CVE-2025-48072

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. Version 3.3.2 is vulnerable to a heap-based buffer overflow during a read operation due to bad pointer math when decompressing DWAA-packed scan-line EXR...

CVE-2024-0607 Kernel: nf_tables: pointer math issue in nft_byteorder_eval()

A flaw was found in the Netfilter subsystem in the Linux kernel. The issue is in the nftbyteordereval function, where the code iterates through a loop and writes to the dst array. On each iteration, 8 bytes are written, but dst is an array of u32, so each element only has space for 4 bytes. That...

CVE-2024-0607 Kernel: nf_tables: pointer math issue in nft_byteorder_eval()

A flaw was found in the Netfilter subsystem in the Linux kernel. The issue is in the nftbyteordereval function, where the code iterates through a loop and writes to the dst array. On each iteration, 8 bytes are written, but dst is an array of u32, so each element only has space for 4 bytes. That...

The vulnerability of the ifilter_bank function in the libfaad/filtbank.c component allows a hacker to trigger a service failure. This vulnerability is present in the Freeware Advanced Audio Decoder 2 (FAAD2) audio decoder.

The vulnerability of the ifilterbank function in the libfaad/filtbank.c component is related to pointer arithmetic errors. Exploiting this vulnerability allows an attacker to cause a service failure...

squid -- TLS/SSL parser denial of service vulnerability

Amos Jeffries, release manager of the Squid-3 series, reports: Vulnerable versions are 3.5.0.1 to 3.5.8 inclusive, which are built with OpenSSL and configured for "SSL-Bump" decryption. Integer overflows can lead to invalid pointer math reading from random memory on some CPU architectures. In the...