CVE-2026-24823

Out-of-bounds Write, Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in FASTSHIFT X-TRACK Software/X-Track/USER/App/Utils/lvimgpng/PNGdec/src modules. This vulnerability is associated with program files inflate.C. This issue affects X-TRACK: through v2.7...

MiracleLinux 3 : cups-1.2.4-11.18.1.1AXS3 (AXSA:2008-75:01)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2008-75:01 advisory. Description of problem: The Common UNIX Printing System CUPS provides a portable printing layer for UNIX operating systems. An integer overflow flaw leading to...

CVE-2025-11680

Out-of-bounds Write in unfilterscanline in warmcat libwebsockets allows, when the LWSWITHUPNG flag is enabled during compilation and the HTML display stack is used, to write past a heap allocated buffer possibly causing a crash, when the user visits an attacker controlled website that contains a...

EUVD-2017-9347

Malware in sbrugna...

SUSE CVE-2008-4064

Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.2 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via vectors related to graphics rendering and 1 handling of a long alert messagebox in the...

SUSE CVE-2022-23585

Tensorflow is an Open Source Machine Learning Framework. When decoding PNG images TensorFlow can produce a memory leak if the image is invalid. After calling png::CommonInitDecode..., &decode, the decode value contains allocated buffers which can only be freed by calling...

CVE-2022-35013

PNGDec commit 8abf6be was discovered to contain a FPE via SaveBMP at /linux/main.cpp...

Design/Logic Flaw

Tensorflow is an Open Source Machine Learning Framework. When decoding PNG images TensorFlow can produce a memory leak if the image is invalid. After calling png::CommonInitDecode..., &decode, the decode value contains allocated buffers which can only be freed by calling...

PYSEC-2022-93

Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a use after free behavior when decoding PNG images. After png::CommonFreeDecode gets called, the values of decode.width and decode.height are in an unspecified state. The fix will be included in TensorFlow 2.8.0. ...

PYSEC-2022-94

Tensorflow is an Open Source Machine Learning Framework. When decoding PNG images TensorFlow can produce a memory leak if the image is invalid. After calling png::CommonInitDecode..., , the decode value contains allocated buffers which can only be freed by calling png::CommonFreeDecode. However,...

PYSEC-2022-148

Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a use after free behavior when decoding PNG images. After png::CommonFreeDecode gets called, the values of decode.width and decode.height are in an unspecified state. The fix will be included in TensorFlow 2.8.0. ...

CVE-2022-23584 Use after free in `DecodePng` in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a use after free behavior when decoding PNG images. After png::CommonFreeDecode&decode gets called, the values of decode.width and decode.height are in an unspecified state. The fix will be included in TensorFlow...

Google TensorFlow 资源管理错误漏洞

Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. Google TensorFlow suffers from a resource management error vulnerability that can be exploited by an attacker to cause use-after-release behavior when decoding PNG images...

PT-2022-16102 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow version 2.7.1 TensorFlow version 2.6.3 TensorFlow version 2.5.3 Description: When decoding PNG images, TensorFlow can produce a memory leak if the image is invalid. After calling...

Denial Of Service (DoS)

cups is vulnerable to denial of service DoS. The vulnerability exists as an integer overflow flaw leading to a heap buffer overflow was discovered in the Portable Network Graphics PNG decoding routines used by the CUPS image converting filters "imagetops" and "imagetoraster". An attacker could...

DEBIAN-CVE-2017-7866

FFmpeg before 2017-01-23 has an out-of-bounds write caused by a stack-based buffer overflow related to the decodezbuf function in libavcodec/pngdec.c...

CVE-2014-9317

The decodeihdrchunk function in libavcodec/pngdec.c in FFMpeg before 2.1.6, 2.2.x through 2.3.x, and 2.4.x before 2.4.4 allows remote attackers to cause a denial of service out-of-bounds heap access and possibly have other unspecified impact via an IDAT before an IHDR in a PNG file...

Scientific Linux Security Update : gstreamer-plugins-good on SL5.x i386/x86_64

Multiple integer overflow flaws, that could lead to a buffer overflow, were found in the GStreamer Good Plug-ins PNG decoding handler. An attacker could create a specially crafted PNG file that would cause an application using the GStreamer Good Plug-ins library to crash or, potentially, execute...

CentOS Update for gstreamer-plugins-good CESA-2009:1123 centos5 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

openSUSE Security Update : gstreamer-0_10-plugins-good (gstreamer-0_10-plugins-good-1717)

Specially crafted files could cause integer overflows in the PNG decoding module of GStreamer CVE-2009-1932. if !definedfunc"nasllevel" || nasllevel = 70000 && nasllevel = 70200 && nasllevel = 80000 && nasllevel 80502 exit0; C Tenable Network Security, Inc. The descriptive text and package checks...