CVE-2025-48071

OpenEXR vulnerability CVE-2025-48071 is a heap-based buffer overflow in the EXR write/decompression path for ZIPS-packed deep scanline data when a forged chunk header causes the unpacked size to be inconsistent with the actual uncompressed data. The issue resides in OpenEXR’s chunk parsing and un...

CVE-2025-48071

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.3.2 through 3.3.0, there is a heap-based buffer overflow during a write operation when decompressing ZIPS-packed deep scan-line EXR files...

GHSA-4R7W-Q3JG-FF43 OpenEXR Out of Bounds Heap Read due to Bad Pointer Arithmetic in LossyDctDecoder_execute

Summary The OpenEXRCore code is vulnerable to a heap-based buffer overflow during a read operation due to bad pointer math when decompressing DWAA-packed scan-line EXR files with a maliciously forged chunk. Details In the LossyDctDecoderexecute function from...

SUSE CVE-2006-4018

Heap-based buffer overflow in the pefromupx function in libclamav/upx.c in Clam AntiVirus ClamAV 0.81 through 0.88.3 allows remote attackers to execute arbitrary code via a crafted UPX packed file containing sections with large rsize values...

A Decade-Long Chinese Espionage Campaign Targets Southeast Asia and Australia

A previously undocumented Chinese-speaking advanced persistent threat APT actor dubbed Aoqin Dragon has been linked to a string of espionage-oriented attacks aimed at government, education, and telecom entities chiefly in Southeast Asia and Australia dating as far back as 2013. "Aoqin Dragon seek...

DEBIAN-CVE-2019-1789

ClamAV versions prior to 0.101.2 are susceptible to a denial of service DoS vulnerability. An out-of-bounds heap read condition may occur when scanning PE files. An example is Windows EXE and DLL files that have been packed using Aspack as a result of inadequate bound-checking...

ClamAV < 0.98.7 Multiple DoS Vulnerabilities - Windows

ClamAV is prone to multiple denial of service DoS vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:clamav:clamav"...

ClamAV < 0.98.7 Multiple DoS Vulnerabilities - Linux

ClamAV is prone to multiple denial of service DoS vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:clamav:clamav"...

DLA-233-1 clamav - security update

Bulletin has no description...

Design/Logic Flaw

Multiple F-Secure anti-virus products for Microsoft Windows and Linux before 20070522 allow remote attackers to cause a denial of service file scanning infinite loop via certain crafted 1 ARJ archives or 2 FSG packed files...

CVE-2007-2967

Multiple F-Secure anti-virus products for Microsoft Windows and Linux before 20070522 allow remote attackers to cause a denial of service file scanning infinite loop via certain crafted 1 ARJ archives or 2 FSG packed files...

CVE-2007-2967

The CVE-2007-2967 entry affects multiple F‑Secure antivirus products for Windows and Linux prior to 20070522. The vulnerability is a denial of service via crafted ARJ archives or FSG packed files that can cause a file-scanning infinite loop within the scanner component. Impact is a complete denia...

CVE-2007-2967

Multiple F-Secure anti-virus products for Microsoft Windows and Linux before 20070522 allow remote attackers to cause a denial of service file scanning infinite loop via certain crafted 1 ARJ archives or 2 FSG packed files...