55 matches found
CVE-2021-20304
OpenEXR contains a vulnerable hufDecode path (CVE-2021-20304). A crafted EXR file can trigger an undefined right-shift error, with the highest impact on availability. Public advisories document affected OpenEXR components and remediation via vendor patches/upgrades. Notably, Amazon Linux 2 ALAS a...
CVE-2021-20304
A flaw was found in OpenEXR's hufDecode functionality. This flaw allows an attacker who can pass a crafted file to be processed by OpenEXR, to trigger an undefined right shift error. The highest threat from this vulnerability is to system availability...
CVE-2021-20304
A flaw was found in OpenEXR's hufDecode functionality. This flaw allows an attacker who can pass a crafted file to be processed by OpenEXR, to trigger an undefined right shift error. The highest threat from this vulnerability is to system availability...
EulerOS 2.0 SP3 : OpenEXR (EulerOS-SA-2021-2600)
According to the versions of the OpenEXR package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw found in function dataWindowForTile of IlmImf/ImfTiledMisc.cpp. An attacker who is able to submit a crafted file to be processed by OpenE...
EulerOS 2.0 SP5 : OpenEXR (EulerOS-SA-2021-2514)
According to the versions of the OpenEXR package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw found in function dataWindowForTile of IlmImf/ImfTiledMisc.cpp. An attacker who is able to submit a crafted file to be processed by OpenE...
Huawei EulerOS: Security Advisory for OpenEXR (EulerOS-SA-2021-2477)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2021-20304
A flaw was found in OpenEXR's hufDecode functionality. This flaw allows an attacker who can pass a crafted file to be processed by OpenEXR, to trigger an undefined right shift error. The highest threat from this vulnerability is to system availability...
chromium-browser: Uninitialized Use in V8
The Mozilla Foundation Security Advisory describes this flaw as: When a BigInt was right-shifted the backing store was not properly cleared, allowing uninitialized memory to be read...
chromium-browser: Uninitialized Use in V8
The Mozilla Foundation Security Advisory describes this flaw as: When a BigInt was right-shifted the backing store was not properly cleared, allowing uninitialized memory to be read...
chromium-browser: Uninitialized Use in V8
The Mozilla Foundation Security Advisory describes this flaw as: When a BigInt was right-shifted the backing store was not properly cleared, allowing uninitialized memory to be read...
chromium-browser: Uninitialized Use in V8
The Mozilla Foundation Security Advisory describes this flaw as: When a BigInt was right-shifted the backing store was not properly cleared, allowing uninitialized memory to be read...
chromium-browser: Uninitialized Use in V8
The Mozilla Foundation Security Advisory describes this flaw as: When a BigInt was right-shifted the backing store was not properly cleared, allowing uninitialized memory to be read...
chromium-browser: Uninitialized Use in V8
The Mozilla Foundation Security Advisory describes this flaw as: When a BigInt was right-shifted the backing store was not properly cleared, allowing uninitialized memory to be read...
CVE-2020-16042
The Mozilla Foundation Security Advisory describes this flaw as: When a BigInt was right-shifted the backing store was not properly cleared, allowing uninitialized memory to be read...
UBUNTU-CVE-2018-18445
In the Linux kernel 4.14.x, 4.15.x, 4.16.x, 4.17.x, and 4.18.x before 4.18.13, faulty computation of numeric bounds in the BPF verifier permits out-of-bounds memory accesses because adjustscalarminmaxvals in kernel/bpf/verifier.c mishandles 32-bit right shifts...