macOS 26.x < 26.5 Multiple Vulnerabilities (127115)

The remote host is running a version of macOS / Mac OS X that is 26.x prior to 26.5. It is, therefore, affected by multiple vulnerabilities: - A specially-crafted file can cause libjxl's decoder to write pixel data to uninitialized unallocated memory. Soon after that data from another uninitializ...

Linux Distros Unpatched Vulnerability : CVE-2021-3695

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A crafted 16-bit grayscale PNG image may lead to a out-of-bounds write in the heap area. An attacker may take advantage of that to cause heap data corruption or...

SUSE CVE-2019-11598

In ImageMagick 7.0.8-40 Q16, there is a heap-based buffer over-read in the function WritePNMImage of coders/pnm.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file. This is related to SetGrayscaleImage in MagickCore/quantize.c...

grub2: Crafted PNG grayscale images may lead to out-of-bounds write in heap

A flaw was found in grub 2, where a crafted 16-bit grayscale PNG image may lead to an out-of-bounds write. This flaw allows an attacker to corrupt the data on the heap portion of the grub2's memory, leading to possible code execution and the circumvention of the secure boot mechanism...

grub2: Crafted PNG grayscale images may lead to out-of-bounds write in heap

A flaw was found in grub 2, where a crafted 16-bit grayscale PNG image may lead to an out-of-bounds write. This flaw allows an attacker to corrupt the data on the heap portion of the grub2's memory, leading to possible code execution and the circumvention of the secure boot mechanism...

grub2: Crafted PNG grayscale images may lead to out-of-bounds write in heap

A flaw was found in grub 2, where a crafted 16-bit grayscale PNG image may lead to an out-of-bounds write. This flaw allows an attacker to corrupt the data on the heap portion of the grub2's memory, leading to possible code execution and the circumvention of the secure boot mechanism...

SUSE: Security Advisory (SUSE-SU-2022:2038-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE: Security Advisory for grub2 (SUSE-SU-2022:2035-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

PT-2022-6168

Name of the Vulnerable Software and Affected Versions grub2 versions prior to 2.12 Description A crafted 16-bit grayscale PNG image may lead to an out-of-bounds write in the heap area, potentially causing heap data corruption or arbitrary code execution, and circumventing secure boot protections...

grub2 缓冲区错误漏洞

grub2 is a Linux system boot program from the GNU community. A buffer error vulnerability exists in grub2, which can be exploited by an attacker to cause an out-of-bounds write in the heap via a carefully crafted PNG grayscale image...

PT-2019-5355 · Imagemagick +4 · Imagemagick +4

Name of the Vulnerable Software and Affected Versions: ImageMagick versions 7.0.8-40 Q16 Description: The issue is related to a heap-based buffer over-read in the WritePNMImage function of coders/pnm.c, which can be exploited by an attacker to cause a denial of service or possibly disclose...

openSUSE 10 Security Update : libpng (libpng-3739)

Applications using libpng can crash if libpng is ask to process a grayscale image with a malformed bad CRC tRNS chunk. CVE-2007-2445 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update libpng-3739...

openSUSE 10 Security Update : libpng (libpng-3479)

Applications using libpng can crash if libpng is ask to process a grayscale image with a malformed bad CRC tRNS chunk. CVE-2007-2445 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update libpng-3479...

libpng png_handle_tRNS flaw

The pnghandletRNS function in pngrutil.c in libpng before 1.0.25 and 1.2.x before 1.2.17 allows remote attackers to cause a denial of service application crash via a grayscale PNG image with a bad tRNS chunk CRC value...

DEBIAN-CVE-2007-2445

The pnghandletRNS function in pngrutil.c in libpng before 1.0.25 and 1.2.x before 1.2.17 allows remote attackers to cause a denial of service application crash via a grayscale PNG image with a bad tRNS chunk CRC value...

png -- DoS crash vulnerability

A Libpng Security Advisory reports: A grayscale PNG image with a malformed bad CRC tRNS chunk will crash some libpng applications. This vulnerability could be used to crash a browser when a user tries to view such a malformed PNG file. It is not known whether the vulnerability could be exploited...