Lucene search

1830 matches found

CNNVD
added 2021/03/30 12:0 a.m. · 3 views

LIM OpenEXR Input Validation Error Vulnerability

Industrial Light And Magic LIM OpenEXR is an image file format from Industrial Light and Magic LIM, USA, for high dynamic range HDR images. An input validation error vulnerability exists in OpenEXR B44 uncompression, which can be exploited by an attacker to trigger a shift overflow and potentiall...

5.3 CVSS · 5.9 AI score · 0.01848 EPSS
Exploits 0 · References 14
Cvelist
added 2021/03/30 12:0 a.m. · 26 views

CVE-2021-3476

A flaw was found in OpenEXR's B44 uncompression functionality in versions before 3.0.0-beta. An attacker who is able to submit a crafted file to OpenEXR could trigger shift overflows, potentially affecting application availability...

5.7 AI score · 0.01848 EPSS
Exploits 0 · References 5
AlpineLinux
added 2021/03/30 12:0 a.m. · 49 views

CVE-2021-3474

There's a flaw in OpenEXR in versions before 3.0.0-beta. A crafted input file that is processed by OpenEXR could cause a shift overflow in the FastHufDecoder, potentially leading to problems with application availability...

5.3 CVSS · 5.8 AI score · 0.01848 EPSS
Exploits 0
AlpineLinux
added 2021/03/30 12:0 a.m. · 47 views

CVE-2021-3476

A flaw was found in OpenEXR's B44 uncompression functionality in versions before 3.0.0-beta. An attacker who is able to submit a crafted file to OpenEXR could trigger shift overflows, potentially affecting application availability...

5.3 CVSS · 5.5 AI score · 0.01848 EPSS
Exploits 0
CVE
added 2021/03/30 12:0 a.m. · 245 views

CVE-2021-3476

OpenEXR CVE-2021-3476 affects the B44 uncompression in OpenEXR prior to 3.0.0-beta. A crafted EXR file can trigger shift overflows, potentially causing denial of service and affecting availability. The provided documents consistently describe this as a vulnerability in the OpenEXR library (B44 un...

5.3 CVSS · 5.2 AI score · 0.01848 EPSS
Exploits 0 · References 5 · Affected Software 1
CNNVD
added 2021/03/30 12:0 a.m. · 4 views

LIM OpenEXR Input Validation Error Vulnerability

OpenEXR is an open-standard, high dynamic range image format that is widely used in computer graphics to store image data, but can also store some data needed for post-synthesis processing. A shift overflow vulnerability exists in FastHufDecoder in versions prior to LIM OpenEXR 3.0.0-beta, which...

5.3 CVSS · 5.7 AI score · 0.01848 EPSS
Exploits 0 · References 13
CVE
added 2021/03/30 12:0 a.m. · 230 views

CVE-2021-3474

OpenEXR vulnerability CVE-2021-3474 affects OpenEXR versions before 3.0.0-beta. A crafted EXR file can trigger a shift overflow in FastHufDecoder, leading to availability impact (DoS) for affected applications. The connected documents confirm the flaw and mention mitigation via upgrading to 3.0.0...

5.3 CVSS · 5.5 AI score · 0.01848 EPSS
Exploits 0 · References 5 · Affected Software 1
Debian CVE
added 2021/03/30 12:0 a.m. · 35 views

CVE-2021-3474

There's a flaw in OpenEXR in versions before 3.0.0-beta. A crafted input file that is processed by OpenEXR could cause a shift overflow in the FastHufDecoder, potentially leading to problems with application availability...

5.3 CVSS · 6.2 AI score · 0.01848 EPSS
Exploits 0
Debian CVE
added 2021/03/30 12:0 a.m. · 21 views

CVE-2021-3476

A flaw was found in OpenEXR's B44 uncompression functionality in versions before 3.0.0-beta. An attacker who is able to submit a crafted file to OpenEXR could trigger shift overflows, potentially affecting application availability...

5.3 CVSS · 5.9 AI score · 0.01848 EPSS
Exploits 0
RedhatCVE
added 2021/03/29 7:45 p.m. · 30 views

CVE-2021-3476

A flaw was found in OpenEXR's B44 uncompression functionality. An attacker who is able to submit a crafted file to OpenEXR could trigger shift overflows, potentially affecting application availability...

5.3 CVSS · 4 AI score · 0.01848 EPSS
Exploits 0 · References 4
RedhatCVE
added 2021/03/29 7:45 p.m. · 35 views

CVE-2021-3474

There's a flaw in OpenEXR. A crafted input file that is processed by OpenEXR could cause a shift overflow in the FastHufDecoder, potentially leading to problems with application availability...

5.3 CVSS · 3.4 AI score · 0.01848 EPSS
Exploits 0 · References 4
Pen Test Partners Blog
added 2021/03/22 5:4 a.m. · 50 views

Multi-factor Authentication. Reset MFA you say?

MFA is a no brainer. It helps mitigate the risk of password re-use, overly simple passwords and more. Just don’t confuse it with 2 step verification… Anyway, when we’re red teaming, MFA can make things more complicated. So why not social engineer your way around it? Having worked on a helpdesk...

6.8 AI score
Exploits 0
CNNVD
added 2021/03/18 12:0 a.m. · 6 views

ABB eSOMS Information Disclosure Vulnerability

ABB eSOMS Electronic Shift Operations Management System is a plant operations management system from ABB Switzerland. An information disclosure vulnerability exists in eSOMS that could allow an unauthorized user to access report data...

7.5 CVSS · 7.3 AI score · 0.00934 EPSS
Exploits 0 · References 3
NVD
added 2021/03/11 9:15 p.m. · 14 views

CVE-2020-36277

Leptonica before 1.80.0 allows a denial of service application crash via an incorrect left shift in pixConvert2To8 in pixconv.c...

7.5 CVSS · 0.02433 EPSS
Exploits 1 · References 7
OSV
added 2021/03/11 9:15 p.m. · 1 views

DEBIAN-CVE-2020-36277

Leptonica before 1.80.0 allows a denial of service application crash via an incorrect left shift in pixConvert2To8 in pixconv.c...

7.5 CVSS · 7.2 AI score · 0.02433 EPSS
Exploits 1 · References 1
Positive Technologies
added 2021/03/06 12:0 a.m. · 5 views

PT-2024-11136 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A shift-out-of-bounds issue in the load balance function has been resolved. The issue occurred when the sd-nr balance failed value grew to unexpectedly high values. This happened becau...

7.8 CVSS · 6.7 AI score · 0.01549 EPSS
Exploits 5 · References 811
OSV
added 2021/02/27 9:33 p.m. · 7 views

OPENSUSE-SU-2021:0358-1 Security update for glibc

This update for glibc fixes the following issues:
- Fix buffer overrun in EUC-KR conversion module CVE-2019-25013, bsc1182117, BZ 24973
- x86: Harden printf against non-normal long double values CVE-2020-29573, bsc1179721, BZ 26649
- gconv: Fix assertion failure in ISO-2022-JP-3 module...

7.5 CVSS · 6.5 AI score · 0.03538 EPSS
Exploits 2 · References 12
ThreatPost
added 2021/02/26 7:56 p.m. · 35 views

Lazarus Targets Defense Companies with ThreatNeedle Malware

The prolific North Korean APT known as Lazarus is behind a spear-phishing campaign aimed at stealing critical data from defense companies by leveraging an advanced malware called ThreatNeedle, new research has revealed. The elaborate and ongoing cyberespionage campaign used emails with COVID-19...

7.4 AI score
Exploits 0 · References 7
OSV
added 2021/02/26 6:54 p.m. · 14 views

SUSE-SU-2021:0653-1 Security update for glibc

This update for glibc fixes the following issues:
- Fix buffer overrun in EUC-KR conversion module CVE-2019-25013, bsc1182117, BZ 24973
- x86: Harden printf against non-normal long double values CVE-2020-29573, bsc1179721, BZ 26649
- gconv: Fix assertion failure in ISO-2022-JP-3 module...

7.5 CVSS · 6.5 AI score · 0.03538 EPSS
Exploits 2 · References 12
Microsoft Secure
added 2021/02/08 5:0 p.m. · 23 views

Why threat protection is critical to your Zero Trust security strategy

The corporate network perimeter has been completely redefined. Many IT leaders are adopting a Zero Trust security model where identities play a critical role in helping act as the foundation of their modern cybersecurity strategy. As a result, cybercriminals have shifted their focus and identitie...

0.9 AI score
Exploits 0