Lucene search
K

106 matches found

Positive Technologies
Positive Technologies
added 2026/04/01 12:0 a.m.4 views

PT-2026-29620

Name of the Vulnerable Software and Affected Versions OpenEXR versions 3.4.0 through 3.4.7 Description OpenEXR, an image storage format used in the motion picture industry, may disclose sensitive information from heap memory through decoded pixel data. This information disclosure occurs when...

8.7CVSS5.8AI score0.00482EPSS
Exploits1References25
CNNVD
CNNVD
added 2026/04/01 12:0 a.m.5 views

OpenEXR 安全漏洞

OpenEXR is an open standard for high dynamic range image HDR file format, open-sourced by the Academy Software Foundation. Versions of OpenEXR from 3.4.0 to 3.4.8 contained security vulnerabilities, where sensitive information in the heap memory could be leaked through decoded pixel data...

8.7CVSS5.8AI score0.00482EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2026/03/31 11:27 p.m.6 views

SUSE CVE-2026-33985

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, pixel data from adjacent heap memory is rendered to screen, potentially leaking sensitive data to the attacker. This issue has been patched in version 3.24.2...

5.9CVSS5.8AI score0.00205EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/03/30 11:24 p.m.3 views

CVE-2026-33985

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. A remote attacker could exploit a vulnerability where pixel data from adjacent heap memory is rendered to the screen. This can lead to the disclosure of sensitive data to the attacker. Mitigation Mitigation for thi...

7.1CVSS5.8AI score0.00205EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/03/30 9:43 p.m.6 views

CVE-2026-33985

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, pixel data from adjacent heap memory is rendered to screen, potentially leaking sensitive data to the attacker. This issue has been patched in version 3.24.2...

5.9CVSS5.8AI score0.00205EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2026/03/30 9:43 p.m.3 views

EUVD-2026-17231

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, pixel data from adjacent heap memory is rendered to screen, potentially leaking sensitive data to the attacker. This issue has been patched in version 3.24.2...

5.9CVSS5.8AI score0.00205EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/30 9:43 p.m.19 views

CVE-2026-33985 FreeRDP: ClearCodec Glyph Cache Count Desync - Heap OOB Read

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, pixel data from adjacent heap memory is rendered to screen, potentially leaking sensitive data to the attacker. This issue has been patched in version 3.24.2...

5.9CVSS0.00205EPSS
Exploits0References2
OSV
OSV
added 2026/03/30 9:43 p.m.7 views

CVE-2026-33985 FreeRDP: ClearCodec Glyph Cache Count Desync - Heap OOB Read

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, pixel data from adjacent heap memory is rendered to screen, potentially leaking sensitive data to the attacker. This issue has been patched in version 3.24.2...

5.9CVSS5.8AI score0.00205EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/03/30 12:0 a.m.10 views

FreeRDP 安全漏洞

FreeRDP is an open-source RDP protocol implementation developed by the FreeRDP team. Versions of FreeRDP prior to 3.24.2 contained security vulnerabilities. These vulnerabilities stemmed from rendering pixel data in adjacent heap memory onto the screen, potentially exposing sensitive data to...

7.1CVSS5.8AI score0.00205EPSS
Exploits0References3
OSV
OSV
added 2026/02/25 9:16 p.m.3 views

UBUNTU-CVE-2026-26965

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, in the RLE planar decode path, planardecompressplanerle writes into pDstData at nYDst+y nDstStep + 4nXDst + nChannel without verifying that nYDst+nSrcHeight fits in the destination height or that...

8.8CVSS5.9AI score0.00591EPSS
Exploits1References4
Snyk
Snyk
added 2026/02/25 7:13 p.m.4 views

Missing Release of Memory after Effective Lifetime

Overview Magick.NET-Q8-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.3CVSS6AI score
Exploits0References2
Snyk
Snyk
added 2026/02/25 7:13 p.m.4 views

Missing Release of Memory after Effective Lifetime

Overview Magick.NET-Q8-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.3CVSS6AI score
Exploits0References2
Snyk
Snyk
added 2026/02/25 7:13 p.m.5 views

Missing Release of Memory after Effective Lifetime

Overview Magick.NET-Q16-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

6.3CVSS6AI score
Exploits0References2
Snyk
Snyk
added 2026/02/25 7:13 p.m.3 views

Missing Release of Memory after Effective Lifetime

Overview Magick.NET-Q16-HDRI-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

6.3CVSS6AI score
Exploits0References2
Snyk
Snyk
added 2026/02/25 7:13 p.m.3 views

Missing Release of Memory after Effective Lifetime

Overview Magick.NET-Q8-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

6.3CVSS6AI score
Exploits0References2
Snyk
Snyk
added 2026/02/25 7:13 p.m.4 views

Missing Release of Memory after Effective Lifetime

Overview Magick.NET-Q8-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.3CVSS6AI score
Exploits0References2
Snyk
Snyk
added 2026/02/25 7:13 p.m.6 views

Missing Release of Memory after Effective Lifetime

Overview Magick.NET-Q16-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.3CVSS6AI score
Exploits0References2
Snyk
Snyk
added 2026/02/25 7:13 p.m.5 views

Missing Release of Memory after Effective Lifetime

Overview Magick.NET-Q8-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.3CVSS6AI score
Exploits0References2
Snyk
Snyk
added 2026/02/25 7:13 p.m.5 views

Missing Release of Memory after Effective Lifetime

Overview Magick.NET-Q8-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package ar...

6.3CVSS6AI score
Exploits0References2
OSV
OSV
added 2026/02/25 7:13 p.m.8 views

GHSA-WFX3-6G53-9FGC ImageMagick: Memory Leak in multiple coders that write raw pixel data

A memory leak vulnerability exists in multiple coders that write raw pixel data where an object is not freed. Direct leak of 160 bytes in 1 objects allocated from:...

3.7CVSS5.5AI score0.0026EPSS
Exploits0References4
Rows per page
Query Builder