Lucene search
K

7 matches found

Cvelist
Cvelist
added 2026/06/25 8:38 a.m.29 views

CVE-2026-53171 accel/ethosu: fix arithmetic issues in dma_length()

In the Linux kernel, the following vulnerability has been resolved: accel/ethosu: fix arithmetic issues in dmalength dmalength derives DMA region usage from command stream values and updates regionsize: len = len + stride0 size0 + stride1 size1 regionsizeregion = max..., len + dma-offset Several...

8.8CVSS0.00137EPSS
Exploits0References2
OSV
OSV
added 2026/04/06 5:51 p.m.3 views

GHSA-Q6VJ-WXVF-5M8C OpenEXR has heap-buffer-overflow via signed integer underflow in ImfContextInit.cpp

Summary A heap-buffer-overflow OOB read occurs in the istreamnonparallelread function in ImfContextInit.cpp when parsing a malformed EXR file through a memory-mapped IStream. A signed integer subtraction produces a negative value that is implicitly converted to sizet, resulting in a massive lengt...

6.5CVSS5.9AI score0.00523EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2026/04/06 5:51 p.m.5 views

OpenEXR has heap-buffer-overflow via signed integer underflow in ImfContextInit.cpp

Summary A heap-buffer-overflow OOB read occurs in the istreamnonparallelread function in ImfContextInit.cpp when parsing a malformed EXR file through a memory-mapped IStream. A signed integer subtraction produces a negative value that is implicitly converted to sizet, resulting in a massive lengt...

6.5CVSS5.9AI score0.00523EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2026/02/24 2:26 a.m.25 views

CVE-2026-26981 OpenEXR has heap-buffer-overflow via signed integer underflow in ImfContextInit.cpp

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.3.0 through 3.3.6 and 3.4.0 through 3.4.4, a heap-buffer-overflow OOB read occurs in the istreamnonparallelread function in...

6.5CVSS0.00523EPSS
Exploits1References3
CVE
CVE
added 2026/02/24 2:26 a.m.19 views

CVE-2026-26981

OpenEXR CVE-2026-26981 affects 3.3.0–3.3.6 and 3.4.0–3.4.4; a heap-buffer-overflow (OOB read) occurs in istream_nonparallel_read in ImfContextInit.cpp when parsing a malformed EXR via a memory-mapped IStream. A signed integer subtraction becomes a negative value that is implicitly cast to size_t,...

6.5CVSS5.3AI score0.00523EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/24 2:26 a.m.5 views

CVE-2026-26981 OpenEXR has heap-buffer-overflow via signed integer underflow in ImfContextInit.cpp

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.3.0 through 3.3.6 and 3.4.0 through 3.4.4, a heap-buffer-overflow OOB read occurs in the istreamnonparallelread function in...

6.5CVSS5.3AI score0.00523EPSS
Exploits1References3
Packet Storm
Packet Storm
added 2025/12/03 12:0 a.m.174 views

📄 Adobe DNG SDK 1.4 Out-Of-Bounds Read

A vulnerability exists in Adobe DNG SDK the fork used by Android due to improper validation of the fAreaSpec fields inside the dngopcodeDeltaPerRow::ProcessArea function. If an attacker supplies a crafted DNG file with an empty or malformed fAreaSpec, the SDK performs arithmetic that results in...

6.7AI score
Exploits0
Rows per page
Query Builder