Lucene search
+L

47 matches found

SUSE Linux
SUSE Linux
added 2026/04/14 1:12 p.m.4 views

Security update for libpng16

This update for libpng16 fixes the following issues: CVE-2026-33416: use-after-free via pointer aliasing in pngsettRNS and pngsetPLTE can lead to arbitrary code execution bsc1260754. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupda...

9.2CVSS6.8AI score0.01052EPSS
Exploits1References4
SUSE Linux
SUSE Linux
added 2026/04/14 10:44 a.m.6 views

Security update for libpng16

This update for libpng16 fixes the following issue: CVE-2026-33416: use-after-free via pointer aliasing in pngsettRNS and pngsetPLTE can lead to arbitrary code execution bsc1260754. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdat...

9.2CVSS6.8AI score0.01052EPSS
Exploits1References4
Amazon
Amazon
added 2026/04/13 12:0 a.m.7 views

Important: firefox

Issue Overview: LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. In versions 1.2.1 through 1.6.55, pngsettRNS and pngsetPLTE each alias a heap-allocated buffer between pngstruct and pnginfo, sharing a single...

10CVSS6.2AI score0.01052EPSS
Exploits1
Amazon
Amazon
added 2026/04/13 12:0 a.m.5 views

Important: libpng

Issue Overview: LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. In versions 1.2.1 through 1.6.55, pngsettRNS and pngsetPLTE each alias a heap-allocated buffer between pngstruct and pnginfo, sharing a single...

7.6CVSS5.9AI score0.01052EPSS
Exploits1
OSV
OSV
added 2026/04/09 2:41 p.m.3 views

CVE-2026-34757 LIBPNG has a yse-after-free in png_set_PLTE, png_set_tRNS and png_set_hIST leading to corrupted chunk data and potential heap information disclosure

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. From 1.0.9 to before 1.6.57, passing a pointer obtained from pnggetPLTE, pnggettRNS, or pnggethIST back into the corresponding setter on the same...

5.1CVSS6.2AI score0.00195EPSS
Exploits1References8
Debian CVE
Debian CVE
added 2026/04/09 2:41 p.m.7 views

CVE-2026-34757

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. From 1.0.9 to before 1.6.57, passing a pointer obtained from pnggetPLTE, pnggettRNS, or pnggethIST back into the corresponding setter on the same...

5.1CVSS5.5AI score0.00195EPSS
Exploits1
OSV
OSV
added 2026/04/09 10:16 a.m.5 views

SUSE-SU-2026:21067-1 Security update for libpng16

This update for libpng16 fixes the following issues: - CVE-2026-33416: use-after-free via pointer aliasing in pngsettRNS and pngsetPLTE can lead to arbitrary code execution bsc1260754. - CVE-2026-33636: out-of-bounds read/write in the palette expansion on ARM Neon can lead to information leak and...

7.6CVSS6.1AI score0.01052EPSS
Exploits1References5
UbuntuCve
UbuntuCve
added 2026/04/09 12:0 a.m.6 views

CVE-2026-34757

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. From 1.0.9 to before 1.6.57, passing a pointer obtained from pnggetPLTE, pnggettRNS, or pnggethIST back into the corresponding setter on the same...

5.1CVSS6AI score0.00195EPSS
Exploits1References3
OSV
OSV
added 2026/03/28 7:26 a.m.5 views

MGASA-2026-0070 Updated libpng packages fix security vulnerabilities

Use-after-free via pointer aliasing in pngsettRNS and pngsetPLTE. CVE-2026-33416 Out-of-bounds read/write in the palette expansion on ARM Neon. CVE-2026-33636...

7.6CVSS5.9AI score0.01052EPSS
Exploits1References3
OSV
OSV
added 2026/03/26 5:16 p.m.5 views

DEBIAN-CVE-2026-33416

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. In versions 1.2.1 through 1.6.55, pngsettRNS and pngsetPLTE each alias a heap-allocated buffer between pngstruct and pnginfo, sharing a single allocation acros...

7.5CVSS6.1AI score0.01052EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2026/03/26 5:16 p.m.6 views

CVE-2026-33416

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. In versions 1.2.1 through 1.6.55, pngsettRNS and pngsetPLTE each alias a heap-allocated buffer between pngstruct and pnginfo, sharing a single allocation acros...

7.5CVSS5.9AI score0.01052EPSS
Exploits1References4
CVE
CVE
added 2026/03/26 4:48 p.m.86 views

CVE-2026-33416

CVE-2026-33416 concerns libpng: in versions 1.2.1 through 1.6.55, png_set_tRNS and png_set_PLTE alias a 256-byte and a 768-byte heap buffer between png_struct and png_info, respectively. Freeing via PNG_FREE_TRNS/PNG_FREE_PLTE frees through info_ptr while png_ptr remains dangling, causing potenti...

7.5CVSS5.9AI score0.01052EPSS
Exploits1References6Affected Software1
Debian CVE
Debian CVE
added 2026/03/26 4:48 p.m.7 views

CVE-2026-33416

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. In versions 1.2.1 through 1.6.55, pngsettRNS and pngsetPLTE each alias a heap-allocated buffer between pngstruct and pnginfo, sharing a single allocation acros...

7.5CVSS6.1AI score0.01052EPSS
Exploits1
OSV
OSV
added 2026/03/26 4:48 p.m.4 views

CVE-2026-33416 LIBPNG has use-after-free via pointer aliasing in `png_set_tRNS` and `png_set_PLTE`

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. In versions 1.2.1 through 1.6.55, pngsettRNS and pngsetPLTE each alias a heap-allocated buffer between pngstruct and pnginfo, sharing a single allocation acros...

7.5CVSS6AI score0.01052EPSS
Exploits1References8
CNNVD
CNNVD
added 2026/03/26 12:0 a.m.7 views

libpng 资源管理错误漏洞

Libpng is an open-source PNG reference library developed by The PNG Development Group, which allows for the creation, reading, and other operations on PNG graphic files. Versions of Libpng prior to 1.6.55 contained a resource management vulnerability. This vulnerability stemmed from aliases and...

7.5CVSS6.3AI score0.01052EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.3 views

Azure Linux 3.0 Security Update: fltk (CVE-2015-8472)

The version of fltk installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2015-8472 advisory. - Buffer overflow in the pngsetPLTE function in libpng before 1.0.65, 1.1.x and 1.2.x before 1.2.55, 1.3.x, 1.4.x...

7.5CVSS6AI score0.10339EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.10 views

PT-2026-28481

Name of the Vulnerable Software and Affected Versions LIBPNG versions 1.2.1 through 1.6.55 Description LIBPNG is a library used by applications to read, create, and manipulate PNG raster image files. Versions 1.2.1 through 1.6.55 contain an issue where the png set tRNS and png set PLTE functions...

7.6CVSS5.9AI score0.01052EPSS
Exploits1References156
RedHat Linux
RedHat Linux
added 2016/07/18 1:51 p.m.5 views

libpng: Buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions

It was discovered that the pnggetPLTE and pngsetPLTE functions of libpng did not correctly calculate the maximum palette sizes for bit depths of less than 8. In case an application tried to use these functions in combination with properly calculated palette sizes, this could lead to a buffer...

7.5CVSS7.8AI score0.10339EPSS
Exploits0References4
OSV
OSV
added 2016/01/21 3:59 p.m.6 views

DEBIAN-CVE-2015-8472

Buffer overflow in the pngsetPLTE function in libpng before 1.0.65, 1.1.x and 1.2.x before 1.2.55, 1.3.x, 1.4.x before 1.4.18, 1.5.x before 1.5.25, and 1.6.x before 1.6.20 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a small...

7.3CVSS8.3AI score0.06054EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2016/01/21 11:38 a.m.6 views

libpng: Buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions

It was discovered that the pnggetPLTE and pngsetPLTE functions of libpng did not correctly calculate the maximum palette sizes for bit depths of less than 8. In case an application tried to use these functions in combination with properly calculated palette sizes, this could lead to a buffer...

7.5CVSS7.8AI score0.10339EPSS
Exploits0References4
Rows per page
Query Builder