CVE-2026-41142 OpenEXR is Vulnerable to Integer overflow in ImageChannel::resize leads to heap OOB write via OpenEXRUtil public API

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From versions 3.0.0 to before 3.2.9, 3.3.0 to before 3.3.11, and 3.4.0 to before 3.4.11, there is an integer overflow in ImageChannel::resize that leads...

PT-2026-38333

Name of the Vulnerable Software and Affected Versions OpenEXR versions 3.0.0 through 3.2.8 OpenEXR versions 3.3.0 through 3.3.10 OpenEXR versions 3.4.0 through 3.4.10 Description An integer overflow exists in the ImageChannel::resize function, which can lead to a heap out-of-bounds OOB write—a...

CLSA-2026-1776178825 Fix of 8 CVEs

SECURITY UPDATE: fix vulnerability in stream handling - debian/patches/CVE-2025-53019.patch: fix vulnerability in stream handling - CVE-2025-53019 SECURITY UPDATE: fix integer overflow in resize - debian/patches/CVE-2025-55212.patch: fix integer overflow in resize - CVE-2025-55212 SECURITY UPDATE...

CVE-2025-64098 FastDDS has Out-of-memory in readOctetVector via Manipulated DATA Submessage when DDS Security is enabled

Fast DDS is a C++ implementation of the DDS Data Distribution Service standard of the OMG Object Management Group . Prior to versions 3.4.1, 3.3.1, and 2.6.11, when the security mode is enabled, modifying the DATA Submessage within an SPDP packet sent by a publisher causes an Out-Of-Memory OOM...

CTT-Sandbox-Escape-PoC

CTT-Sandbox-Escape-PoC CTT-Sandbox-Escape-PoC: Temporal Reson...

CVE-2025-24528

In MIT Kerberos 5 aka krb5 before 1.22 with incremental propagation, there is an integer overflow for a large update size to resize in kdblog.c. An authenticated attacker can cause an out-of-bounds write and kadmind daemon crash...

AZL-74852 CVE-2025-24528 affecting package krb5 for versions less than 1.21.3-3

In MIT Kerberos 5 aka krb5 before 1.22 with incremental propagation, there is an integer overflow for a large update size to resize in kdblog.c. An authenticated attacker can cause an out-of-bounds write and kadmind daemon crash...

AZL-74862 CVE-2025-24528 affecting package krb5 for versions less than 1.19.4-5

In MIT Kerberos 5 aka krb5 before 1.22 with incremental propagation, there is an integer overflow for a large update size to resize in kdblog.c. An authenticated attacker can cause an out-of-bounds write and kadmind daemon crash...

CVE-2025-24528

In MIT Kerberos 5 aka krb5 before 1.22 with incremental propagation, there is an integer overflow for a large update size to resize in kdblog.c. An authenticated attacker can cause an out-of-bounds write and kadmind daemon crash...

SUSE CVE-2021-41199

TensorFlow is an open source platform for machine learning. In affected versions if tf.image.resize is called with a large input argument then the TensorFlow process will crash due to a CHECK-failure caused by an overflow. The number of elements in the output tensor is too much for the int64t typ...

GHSA-5HX2-QX8J-QJQM Overflow/crash in `tf.image.resize` when size is large

Impact If tf.image.resize is called with a large input argument then the TensorFlow process will crash due to a CHECK-failure caused by an overflow. python import tensorflow as tf import numpy as np tf.keras.layers.UpSampling2D size=1610637938, dataformat='channelsfirst',...

PYSEC-2021-807

TensorFlow is an open source platform for machine learning. In affected versions if tf.image.resize is called with a large input argument then the TensorFlow process will crash due to a CHECK-failure caused by an overflow. The number of elements in the output tensor is too much for the int64t typ...

miniSphere Integer Overflow Vulnerability

miniSphere is a lightweight JavaScript-based game engine. An integer overflow vulnerability exists in the 'layerresize' function in the mapengine.c file in miniSphere 5.2.9 and earlier versions. An attacker could exploit this vulnerability to cause a denial of service with the help of a specially...

php multiple integer overflows in gd

Multiple integer overflows in libgd in PHP before 5.2.4 allow remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a large 1 srcW or 2 srcH value to the a gdImageCopyResized function, or a large 3 sy height or 4 sx width value to the b...