CVE-2025-48072 – OpenEXR Heap-Based Buffer Overflow Vulnerability

July 31, 2025

CVE ID : CVE-2025-48072

Published : July 31, 2025, 9:15 p.m. | 3 hours, 11 minutes ago

Description : OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. Version 3.3.2 is vulnerable to a heap-based buffer overflow during a read operation due to bad pointer math when decompressing DWAA-packed scan-line EXR files with a maliciously forged chunk. This is fixed in version 3.3.3.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleWangle – networking library

Next Article CVE-2025-48073 – OpenEXR NULL Pointer Dereference Vulnerability

Highlights

CVE-2025-6467 – Code-projects Online Bidding System SQL Injection

June 22, 2025

CVE ID : CVE-2025-6467

Published : June 22, 2025, 6:15 a.m. | 7 hours, 28 minutes ago

Description : A vulnerability was found in code-projects Online Bidding System 1.0. It has been classified as critical. This affects an unknown part of the file /login.php. The manipulation of the argument User leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Upwork Freelancers vs Dedicated React.js Teams: What’s Better for Your Project in 2025?

Is Agile dead in the age of AI?

Top 15 Enterprise Use Cases That Justify Hiring Node.js Developers in 2025

The Core Model: Start FROM The Answer, Not WITH The Solution

Finally, a sleek gaming laptop I can take to the office (without sacrificing power)

These jobs face the highest risk of AI takeover, according to Microsoft

Apple’s tariff costs and iPhone sales are soaring – how long until device prices are too?

5 ways to successfully integrate AI agents into your workplace

Enhancing Laravel Queries with Reusable Scope Patterns

Enhancing Laravel Queries with Reusable Scope Patterns

Everything We Know About Livewire 4

Everything We Know About Livewire 4

YouTube wants to use AI to treat “teens as teens and adults as adults” — with the most age-appropriate experiences and protections

YouTube wants to use AI to treat “teens as teens and adults as adults” — with the most age-appropriate experiences and protections

Sam Altman is afraid of OpenAI’s GPT-5 creation — “The Manhattan Project feels very fast, like there are no adults in the room”

9 new features that arrived on the Windows 11 Insider Program during the second half of July 2025

CVE-2025-48072 – OpenEXR Heap-Based Buffer Overflow Vulnerability

This month in security with Tony Anscombe – July 2025 edition

WordPress AI Engine Plugin Bug Allows Remote Code Execution – Update Now

Snap & Grab mixes camp thievery with Hitman-like shenanigans, and it’s coming to Xbox Game Pass in 2026

Welcome to Maintainer Month: Events, exclusive discounts, and a new security challenge

Xbox Ally vs Steam Deck: Which is the better gaming handheld?

Distribution Release: GParted Live 1.7.0-8

CVE-2025-6467 – Code-projects Online Bidding System SQL Injection

Microsoft Edge will lose all these features this month

CVE-2022-44760 – HCL Leap JavaScript Injection

From Overwhelming to Optimized: How Custom Project Management Software Handles Complex Architecture Projects

CVE-2025-48072 – OpenEXR Heap-Based Buffer Overflow Vulnerability

Related Posts