27 matches found
Unity Linux 20.1060e / 20.1070e Security Update: openjpeg2 (UTSA-2026-017502)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017502 advisory. A heap-buffer overflow was found in the way openjpeg2 handled certain PNG format files. An attacker could use this flaw to cause an application crash or in some case...
Ubuntu: Security Advisory (USN-8039-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EUVD-2017-18080
Malware in sbrugna...
SUSE CVE-2020-18831
Buffer Overflow vulnerability in tEXtToDataBuf function in pngimage.cpp in Exiv2 0.27.1 allows remote attackers to cause a denial of service and other unspecified impacts via use of crafted file...
USN-5855-3 imagemagick regression
USN-5855-2 fixed vulnerabilities in ImageMagick. Unfortunately an additional mitigation caused a regression. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that ImageMagick incorrectly handled certain PNG images. If a user or...
USN-5855-2 imagemagick vulnerabilities
USN-5855-1 fixed a vulnerability in ImageMagick. This update provides the corresponding update for Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10. Original advisory details: It was discovered that ImageMagick incorrectly handled certain PNG images. If a user or automated system were tricked...
Ubuntu: Security Advisory (USN-11-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-33-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2022:1762-1 Security update for ImageMagick
This update for ImageMagick fixes the following issues: Security issues fixed: - CVE-2022-28463: Fixed buffer overflow in coders/cin.c bsc1199350. Bugfixes: - Use pnggeteXIf1 when available bsc1197147...
CVE-2020-27814
A heap-buffer overflow was found in the way openjpeg2 handled certain PNG format files. An attacker could use this flaw to cause an application crash or in some cases execute arbitrary code with the permission of the user running such an application...
UBUNTU-CVE-2020-27814
A heap-buffer overflow was found in the way openjpeg2 handled certain PNG format files. An attacker could use this flaw to cause an application crash or in some cases execute arbitrary code with the permission of the user running such an application...
CVE-2020-15630
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...
Foxit Studio Photo Buffer Overflow Vulnerability (CNVD-2020-65179)
Foxit Studio Photo is a set of image editing software from the Chinese company Foxit Foxit. A buffer overflow vulnerability exists in the processing of PNG files in Foxit Studio Photo 3.6.6.924 and earlier versions for Windows platforms, which stems from the program not properly validating...
CVE-2018-4039
An exploitable out-of-bounds write vulnerability exists in the PNG implementation of Atlantis Word Processor, version 3.2.7.2. This can allow an attacker to corrupt memory, which can result in code execution under the context of the application. An attacker must convince a victim to open a...
USN-3700-1 exiv2 vulnerabilities
It was discovered that Exiv2 incorrectly handled certain files. An attacker could possibly use this to cause a denial of service. CVE-2018-10958, CVE-2018-10998 It was discovered that Exiv2 incorrectly handled certain PNG files. An attacker could possibly use this to access sensitive information...
Apple iOS ImageIO Memory Information Disclosure Vulnerability
Apple iOS is the latest operating system that runs on Apple's iPhone and iPod touch devices. A memory incorrect initialization vulnerability exists in Apple iOS ImageIO's handling of PNG files, which allows remote attackers to exploit the vulnerability to construct special files that can be parse...
Artweaver Handles PNG Image Memory Corruption Vulnerability
Artweaver is a drawing software from Germany. The Artweaver software has an error in the logic of handling PNG images, allowing an attacker to exploit a vulnerability to parse malformed images and crash the application...
CVE-2012-3438
The Magickpngmalloc function in coders/png.c in GraphicsMagick 6.7.8-6 does not use the proper variable type for the allocation size, which might allow remote attackers to cause a denial of service crash via a crafted PNG file that triggers incorrect memory allocation...
Gentoo Security Advisory GLSA 200908-10 (dillo)
The remote host is missing updates announced in advisory GLSA 200908-10. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Ubuntu 4.10 : libgd2 vulnerabilities (USN-11-1)
Several buffer overflows have been discovered in libgd's PNG handling functions. If an attacker tricked a user into loading a malicious PNG image, they could leverage this into executing arbitrary code in the context of the user opening image. Most importantly, this library is commonly used in PH...