Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

AcademySoftwareFoundation — Vulnerabilities & Security Advisories 26

Browse all 26 CVE security advisories affecting AcademySoftwareFoundation. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by AcademySoftwareFoundation:openexrMaterialXOpenImageIOOpenColorIO
CVE IDTitleCVSSSeverityPublished
CVE-2026-40250 OpenEXR has integer overflow in DWA decoder outBufferEnd pointer arithmetic (missed variant of CVE-2026-34589) — openexrCWE-190 8.1AIHighAI2026-04-21
CVE-2026-40244 OpenEXR has integer overflow in DWA setupChannelData planarUncRle pointer arithmetic (missed variant of CVE-2026-34589) — openexrCWE-190 7.5AIHighAI2026-04-21
CVE-2026-39886 OpenEXR has HTJ2K Signed Integer Overflow in ht_undo_impl() — openexrCWE-190 5.3 Medium2026-04-21
CVE-2026-34589 OpenEXR: DWA Lossy Decoder Heap Out-of-Bounds Write — openexrCWE-190 9.1 -2026-04-06
CVE-2026-34588 OpenEXR has a signed 32-bit Overflow in PIZ Decoder Leads to OOB Read/Write — openexrCWE-125 6.8 -2026-04-06
CVE-2026-34380 OpenEXR has a signed integer overflow (undefined behavior) in undo_pxr24_impl may allow bounds-check bypass in PXR24 decompression — openexrCWE-190 5.9 Medium2026-04-06
CVE-2026-34379 OpenEXR has a misaligned write in LossyDctDecoder_execute leading to undefined behavior (DWA/DWAB decompression) — openexrCWE-704 7.1 High2026-04-06
CVE-2026-34378 OpenEXR has a signed integer overflow in generic_unpack() when parsing EXR files with crafted negative dataWindow.min.x — openexrCWE-190 6.5 Medium2026-04-06
CVE-2026-34543 OpenEXR: Heap information disclosure in PXR24 decompression via unchecked decompressed size (undo_pxr24_impl) — openexrCWE-908 5.5AIMediumAI2026-04-01
CVE-2026-34544 OpenEXR: integer overflow to OOB write in uncompress_b44_impl() — openexrCWE-190 8.8AIHighAI2026-04-01
CVE-2026-34545 OpenEXR: integer overflow lead to OOB in HTJ2K decoder — openexrCWE-122 9.6AICriticalAI2026-04-01
CVE-2026-27622 OpenEXR CompositeDeepScanLine integer-overflow leads to heap OOB write — openexrCWE-787 7.7AIHighAI2026-03-03
CVE-2026-26981 OpenEXR has heap-buffer-overflow via signed integer underflow in ImfContextInit.cpp — openexrCWE-195 6.5 Medium2026-02-24
CVE-2025-15506 AcademySoftwareFoundation OpenColorIO FileRules.cpp ConvertToRegularExpression out-of-bounds — OpenColorIOCWE-125 3.3 Low2026-01-11
CVE-2025-64183 OpenEXR has use after free in PyObject_StealAttrString — openexrCWE-416 9.1 -2025-11-10
CVE-2025-64182 OpenEXR has buffer overflow in PyOpenEXR_old's channels() and channel() — openexrCWE-120 7.8 -2025-11-10
CVE-2025-64181 OpenEXR Makes Use of Uninitialized Memory — openexrCWE-457 9.1 -2025-11-10
CVE-2025-53012 MaterialX's Lack of Import Depth Limit Leads to DoS (Denial-Of-Service) Via Stack Exhaustion — MaterialXCWE-400 7.5 -2025-08-01
CVE-2025-53011 MaterialX is Vulnerable to NULL Pointer Dereference due to Unchecked implGraphOutput — MaterialXCWE-476 5.5 -2025-08-01
CVE-2025-53010 MaterialX's unchecked nodeGraph->getOutput return is vulnerable to NULL Pointer Dereference — MaterialXCWE-476 5.5 -2025-08-01
CVE-2025-53009 MaterialX Stack Overflow via Lack of MTLX XML Parsing Recursion Limit — MaterialXCWE-121 5.5 -2025-08-01
CVE-2025-48074 OpenEXR's Unbounded File Header Values can Lead to Out-Of-Memory Errors — openexrCWE-770 6.5 -2025-08-01
CVE-2025-48073 OpenEXR ScanLineProcess::run_fill NULL Pointer Write In "reduceMemory" Mode — openexrCWE-476 7.5AIHighAI2025-07-31
CVE-2025-48072 OpenEXR's Inaccurate Pointer Arithmetic can Cause an Out of Bounds Heap — openexrCWE-125 7.8AIHighAI2025-07-31
CVE-2025-48071 OpenEXR's Forged Unpacked Size can Lead to Heap-Based Buffer Overflow in Deep Scanline Parsing — openexrCWE-122 7.8AIHighAI2025-07-31
CVE-2024-40630 HEIF Heap OOB Read in OpenImageIO — OpenImageIOCWE-125 4.3 Medium2024-07-15

This page lists every published CVE security advisory associated with AcademySoftwareFoundation. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.