331 matches found
openexr security update
An update is available for openexr. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list OpenEXR is an open-source high-dynamic-range floating-point image file forma...
RLSA-2026:38499 Important: openexr security update
OpenEXR is an open-source high-dynamic-range floating-point image file format for high-quality image processing and storage. This document presents a brief overview of OpenEXR and explains concepts that are specific to this format. This package containes the binaries for OpenEXR. Security Fixes:...
OpenEXR: OpenEXR: Information disclosure and denial of service via malformed EXR files
A flaw was found in OpenEXR. A remote attacker could exploit a vulnerability in the IDManifest::init function when processing specially crafted EXR files. The function attempts to reconstruct strings from a prefix-compressed representation. If a previous string exceeds 255 bytes, the subsequent...
OpenEXR: OpenEXR: Information disclosure and denial of service via malformed EXR files
A flaw was found in OpenEXR. A remote attacker could exploit a vulnerability in the IDManifest::init function when processing specially crafted EXR files. The function attempts to reconstruct strings from a prefix-compressed representation. If a previous string exceeds 255 bytes, the subsequent...
OpenEXR: OpenEXR: Information disclosure and denial of service via malformed EXR files
A flaw was found in OpenEXR. A remote attacker could exploit a vulnerability in the IDManifest::init function when processing specially crafted EXR files. The function attempts to reconstruct strings from a prefix-compressed representation. If a previous string exceeds 255 bytes, the subsequent...
ALSA-2026:38499 Important: openexr security update
OpenEXR is an open-source high-dynamic-range floating-point image file format for high-quality image processing and storage. This document presents a brief overview of OpenEXR and explains concepts that are specific to this format. This package containes the binaries for OpenEXR. Security Fixes:...
ALSA-2026:38498 Important: openexr security update
OpenEXR is an open-source high-dynamic-range floating-point image file format for high-quality image processing and storage. This document presents a brief overview of OpenEXR and explains concepts that are specific to this format. This package containes the binaries for OpenEXR. Security Fixes:...
OPENSUSE-SU-2026:21242-1 Security update for assimp
This update for assimp fixes the following issues - CVE-2025-11277: large mWidth and mHeight dimensions can lead to integer overflow and a heap-based buffer overflow bsc1251019. - CVE-2026-10197: NULL pointer dereference in ImportEmbeddedTextures when mimeType lacks '/' bsc1266996. -...
EUVD-2022-49111
Open Babel has out-of-bounds write in MOPAC translationVectors FINAL POINT...
EUVD-2022-39966
Open Babel has out-of-bounds write in Gaussian coordstype orientation parser...
CVE-2026-12893
A flaw was found in the GStreamer gst-libav plugin. A NULL pointer dereference in the demuxer error handler can be triggered when processing malformed media files, such as crafted Musepack .mpc files. When a user or application opens such a file using GStreamer, the application crashes, resulting...
USN-8454-1: libheif vulnerabilities
Elhanan Haenel discovered that libheif incorrectly handled certain malformed HEIF sequence files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 25.10 and Ubuntu 26.04 LTS. CVE-2026-32738 Elhanan Haenel discovered that libheif incorrectly...
Hitachi Energy RTU500 NULL Pointer Dereference (CVE-2025-69421)
Processing a malformed PKCS12 file can trigger a NULL pointer dereference in the PKCS12itemdecryptd2iex function. A NULL pointer dereference can trigger a crash which leads to Denial of Service for an application processing PKCS12 files. The PKCS12itemdecryptd2iex function does not check whether...
CVE-2025-7019 Avast antivirus stack overflow when scanning a malformed Office Open XML file
Stack overflow vulnerability in Avast Antivirus when scanning a malformed Office Open XML file may allow Denial-of-Service of the antivirus process. This issue affects Avast Antivirus, AVG Antivirus, Norton Antivirus, Avast One, and Avast Business Antivirus on Windows, macOS, and Linux for virus...
Security update for assimp (moderate)
openSUSE Security Update: Security update for assimp Announcement ID: openSUSE-SU-2026:0045-1 Rating: moderate References: 1241367 Cross-References: CVE-2025-3548 CVSS scores: CVE-2025-3548 SUSE: 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L Affected Products: openSUSE Backports SLE-15-SP6 An...
EulerOS Virtualization 2.13.0 : shim (EulerOS-SA-2026-2190)
According to the versions of the shim package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Issue summary: Processing a malformed PKCS12 file can trigger a NULL pointer dereference in the PKCS12itemdecryptd2iex function. Impac...
Use of Uninitialized Resource
Overview Affected versions of this package are vulnerable to Use of Uninitialized Resource in the xlsparseWorkBook function when handling malformed XLS files, due to uninitialized heap memory originating from the OLE layer ole2read. An attacker can cause undefined behavior, trigger incorrect...
CVE-2026-26825
A use-of-uninitialized memory vulnerability exists in libxls 1.6.3 when parsing malformed XLS files. The issue is reachable via xlsparseWorkBook and is triggered by uninitialized heap memory originating from the OLE layer ole2read. The flaw is detectable with MemorySanitizer MSAN and can lead to...
EUVD-2026-34179
A use-of-uninitialized memory vulnerability exists in libxls 1.6.3 when parsing malformed XLS files. The issue is reachable via xlsparseWorkBook and is triggered by uninitialized heap memory originating from the OLE layer ole2read. The flaw is detectable with MemorySanitizer MSAN and can lead to...
libxls 安全漏洞
libxls is an open-source C library for reading old binary OLE format Excel files. Version 1.6.3 of libxls contains a security vulnerability. This vulnerability stems from the use of uninitialized memory during the parsing of malformed XLS files, which may lead to undefined behavior, parsing error...