SUSE CVE-2014-9665

The LoadSBitPng function in sfnt/pngshim.c in FreeType before 2.5.4 does not restrict the rows and pitch values of PNG data, which allows remote attackers to cause a denial of service integer overflow and heap-based buffer overflow or possibly have unspecified other impact by embedding a PNG file...

SUSE CVE-2017-12565

In ImageMagick 7.0.6-2, a memory leak vulnerability was found in the function ReadOneJNGImage in coders/png.c, which allows attackers to cause a denial of service...

SUSE CVE-2017-13142

In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, a crafted PNG file could trigger a crash because there was an insufficient check for short files...

SUSE CVE-2017-17504

ImageMagick before 7.0.7-12 has a coders/png.c Magickpngreadrawprofile heap-based buffer over-read via a crafted file, related to ReadOneMNGImage...

SUSE CVE-2017-17669

There is a heap-based buffer over-read in the Exiv2::Internal::PngChunk::keyTXTChunk function of pngchunkint.cpp in Exiv2 0.26. A crafted PNG file will lead to a remote denial of service attack...

SUSE CVE-2017-18219

An issue was discovered in GraphicsMagick 1.3.26. An allocation failure vulnerability was found in the function ReadOnePNGImage in coders/png.c, which allows attackers to cause a denial of service via a crafted file that triggers an attempt at a large pngpixels array allocation...

SUSE CVE-2019-13108

An integer overflow in Exiv2 through 0.27.1 allows an attacker to cause a denial of service SIGSEGV via a crafted PNG image file, because PngImage::readMetadata mishandles a zero value for iccOffset...

SUSE CVE-2020-27814

A heap-buffer overflow was found in the way openjpeg2 handled certain PNG format files. An attacker could use this flaw to cause an application crash or in some cases execute arbitrary code with the permission of the user running such an application...

SUSE CVE-2022-44267

ImageMagick 7.1.0-49 is vulnerable to Denial of Service. When it parses a PNG image e.g., for resize, the convert process could be left waiting for stdin input...

SAMSUNG Cloud 路径遍历漏洞

SAMSUNG Cloud is an application from the South Korean company Samsung SAMSUNG. It is used to provide a function to save and view images. A security vulnerability exists in SAMSUNG Cloud versions prior to 5.3.0.32, which stems from a path traversal vulnerability that can be exploited by an attacke...

DEBIAN-CVE-2022-44268

ImageMagick 7.1.0-49 is vulnerable to Information Disclosure. When it parses a PNG image e.g., for resize, the resulting image could have embedded the content of an arbitrary. file if the magick binary has permissions to read it...

ImageMagick 安全漏洞

ImageMagick is a set of open-source image processing software from the American company ImageMagick. The software can read, convert or write images in a variety of formats. A security vulnerability exists in ImageMagick version 7.1.0-49, which stems from an information disclosure vulnerability,...

ImageMagick 安全漏洞

ImageMagick is a set of open-source image processing software from the American company ImageMagick. The software can read, convert or write images in multiple formats. A security vulnerability exists in ImageMagick version 7.1.0-49, which stems from the presence of a denial-of-service...

The vulnerability of the decode_png() function in the TorchVision computer vision system, which allows a intruder to trigger a service failure

The vulnerability of the decodepng function in the TorchVision computer vision system lies in the handling of PNG format files, where data is read beyond the buffer boundaries. Exploiting this vulnerability can allow an attacker to cause a service failure...

OESA-2022-2044 exiv2 security update

Exiv2 is a Cross-platform C++ library and a command line utility to manage image metadata. It provides fast and easy read and write access to the Exif, IPTC and XMP metadata and the ICC Profile embedded within digital images in various formats. Security Fixes: An integer overflow in Exiv2 through...

编号撤回

libpng is a PNG reference library that enables creation, reading and writing of PNG graphics files. This CVE number has been withdrawn...

DEBIAN-CVE-2021-4214

A heap overflow flaw was found in libpngs' pngimage.c program. This flaw allows an attacker with local network access to pass a specially crafted PNG file to the pngimage utility, causing an application to crash, leading to a denial of service...

FastStone Image Viewer 缓冲区错误漏洞

FastStone Image Viewer is an image viewer. The product supports image browsing, conversion, and editing. A security vulnerability exists in FastStone Image Viewer prior to version 7.5, which stems from the fact that its parsing of PNG tRNs blocks can lead to a stack buffer overflow...

PT-2022-4476 · Pdf Xchange · Pdf-Xchange Editor

Name of the Vulnerable Software and Affected Versions: PDF-XChange Editor affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or open a...

UBUNTU-CVE-2021-3696

A heap out-of-bounds write may heppen during the handling of Huffman tables in the PNG reader. This may lead to data corruption in the heap space. Confidentiality, Integrity and Availablity impact may be considered Low as it's very complex to an attacker control the encoding and positioning of...