Lucene search
+L

829 matches found

redhatcve
redhatcve
added 2026/05/15 2:2 p.m.10 views

CVE-2026-43907

A flaw was found in OpenImageIO. A remote attacker can exploit a signed integer overflow vulnerability by providing a specially crafted DPX image file. This flaw leads to a heap-based out-of-bounds write, which can result in a denial of service crash or potentially arbitrary code execution in...

8.3CVSS6.3AI score0.0037EPSS
Exploits1References2
redhatcve
redhatcve
added 2026/05/15 2:2 p.m.12 views

CVE-2026-43909

A flaw was found in OpenImageIO. A signed 32-bit integer overflow in the SwapRGBABytes function, triggered when processing kABGR DPX images with large dimensions, can lead to an out-of-bounds read and write. This allows a remote attacker to potentially execute arbitrary code or cause a denial of...

8.8CVSS6.2AI score0.00371EPSS
Exploits1References2
redhatcve
redhatcve
added 2026/05/15 2:2 p.m.10 views

CVE-2026-43904

A flaw was found in OpenImageIO. When processing a specially crafted .pic image file, the software fails to properly clamp the run length during Run Length Encoding RLE image processing. This oversight can lead to a heap overflow, allowing a remote attacker to potentially execute arbitrary code,...

8.4CVSS6AI score0.00173EPSS
Exploits1References2
redhatcve
redhatcve
added 2026/05/15 2:2 p.m.10 views

CVE-2026-43905

A flaw was found in OpenImageIO. When processing a specially crafted JPEG2000 image file, an internal calculation for buffer size can result in an integer overflow. This leads to an undersized memory allocation, causing a heap overflow. An attacker could exploit this to potentially execute...

7.8CVSS6.1AI score0.00173EPSS
Exploits1References2
redhatcve
redhatcve
added 2026/05/15 2:2 p.m.12 views

CVE-2026-43906

A flaw was found in OpenImageIO. A heap-based buffer overflow in the HEIF decoder allows a remote attacker to perform out-of-bounds writes by providing specially crafted images. This can lead to memory corruption and potentially allow the attacker to execute arbitrary code on the affected system...

8.5CVSS6.5AI score0.00188EPSS
Exploits1References2
redhatcve
redhatcve
added 2026/05/15 2:2 p.m.11 views

CVE-2026-43903

A flaw was found in OpenImageIO. A remote attacker could exploit this vulnerability by providing a specially crafted .sgi image file. This file, with a Run-Length Encoding RLE count exceeding the scanline width, can cause a heap buffer overflow. Successful exploitation leads to a denial of servic...

8.4CVSS6.1AI score0.00126EPSS
Exploits0References2
nessus
nessus
added 2026/05/15 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-43905

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0...

7.8CVSS5.7AI score0.00173EPSS
Exploits1References3
nessus
nessus
added 2026/05/15 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-43903

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0...

8.4CVSS5.7AI score0.00126EPSS
Exploits0References3
nessus
nessus
added 2026/05/15 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-43906

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0...

8.5CVSS6.1AI score0.00188EPSS
Exploits1References3
nessus
nessus
added 2026/05/15 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-43909

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0...

8.8CVSS5.5AI score0.00371EPSS
Exploits1References3
nessus
nessus
added 2026/05/15 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-43904

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0...

8.4CVSS5.5AI score0.00173EPSS
Exploits1References3
nessus
nessus
added 2026/05/15 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-43908

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0...

8.8CVSS5.5AI score0.00371EPSS
Exploits1References3
nessus
nessus
added 2026/05/15 12:0 a.m.16 views

Linux Distros Unpatched Vulnerability : CVE-2026-43907

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0...

8.3CVSS6.6AI score0.0037EPSS
Exploits1References3
nessus
nessus
added 2026/05/15 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-43996

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0...

5.5CVSS5.6AI score0.00177EPSS
Exploits1References3
snyk
snyk
added 2026/05/14 9:25 p.m.9 views

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow in the HEIF decoder due to a subimage metadata mismatch. An attacker can achieve memory corruption and potentially execute arbitrary code by supplying a specially crafted image file. Remediation Upgrade...

8.5CVSS6.2AI score0.00188EPSS
Exploits1References2
snyk
snyk
added 2026/05/14 9:24 p.m.10 views

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read due to improper bounds checking in the decodepixel process. An attacker can trigger an out-of-bounds read by supplying a specially crafted TGA paletted image that causes integer wraparound during palette index...

6.8CVSS5.8AI score0.00177EPSS
Exploits1References2
snyk
snyk
added 2026/05/14 9:24 p.m.8 views

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the ConvertCbYCrYToRGB function. An attacker can cause a heap out-of-bounds write by supplying crafted image data that triggers a signed integer overflow in the pixel-loop index expression, potentially...

8.8CVSS6.2AI score0.00371EPSS
Exploits1References2
snyk
snyk
added 2026/05/14 9:23 p.m.11 views

Out-of-bounds Write

Overview Affected versions of this package are vulnerable to Out-of-bounds Write in the sgiinput.cpp process when handling SGI RLE image files. An attacker can cause a heap buffer overflow and crash the application by supplying a crafted .sgi file with an RLE count exceeding the scanline width...

8.4CVSS6AI score0.00126EPSS
Exploits0References2
snyk
snyk
added 2026/05/14 9:22 p.m.9 views

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read via the SwapRGBABytes process. An attacker can trigger out-of-bounds memory access by supplying a specially crafted kABGR DPX image with large dimensions, leading to potential reading from or writing to unintended...

8.8CVSS5.8AI score0.00371EPSS
Exploits1References2
snyk
snyk
added 2026/05/14 9:21 p.m.9 views

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the QueryRGBBufferSizeInternal function when processing crafted DPX image files. An attacker can cause a heap-based out-of-bounds write by supplying a specially crafted DPX file that triggers an integer...

8.3CVSS6.3AI score0.0037EPSS
Exploits1References2
Rows per page
Query Builder