178 matches found
[SECURITY] Fedora 42 Update: libpng-1.6.56-1.fc42
The libpng package contains a library of functions for creating and manipulating PNG Portable Network Graphics image format files. PNG is a bit-mapped graphics format similar to the GIF format. PNG was created to replace the GIF format, since GIF uses a patented data compression algorithm. Libpng...
[SECURITY] Fedora 43 Update: libpng12-1.2.57-25.fc43
The libpng12 package provides libpng 1.2, an older version of the libpng library for manipulating PNG Portable Network Graphics image format files. This version should be used only if you are unable to use the current version of libpng...
libpng: LIBPNG has a heap buffer overflow in png_set_quantize
A heap based buffer overflow flaw has been discovered in LibPNG. Prior to version 1.6.55, an out-of-bounds read vulnerability exists in the pngsetquantize API function. When the function is called with no histogram and the number of colors in the palette is more than twice the maximum supported b...
[SECURITY] Fedora 42 Update: libpng-1.6.55-1.fc42
The libpng package contains a library of functions for creating and manipulating PNG Portable Network Graphics image format files. PNG is a bit-mapped graphics format similar to the GIF format. PNG was created to replace the GIF format, since GIF uses a patented data compression algorithm. Libpng...
CVE-2022-23585
Tensorflow is an Open Source Machine Learning Framework. When decoding PNG images TensorFlow can produce a memory leak if the image is invalid. After calling png::CommonInitDecode..., , the decode value contains allocated buffers which can only be freed by calling png::CommonFreeDecode. However,...
libpng: LIBPNG out-of-bounds read in png_image_read_composite
An out of bounds read vulnerability has been discovered in libpng. This vulnerability is in libpng's simplified API allows reading up to 1012 bytes beyond the pngsRGBbase512 array when processing valid palette PNG images with partial transparency and gamma correction. The PNG files that trigger...
EUVD-2005-4043
Malware in sbrugna...
EUVD-2010-2261
Malware in sbrugna...
EUVD-2014-9312
Malware in sbrugna...
EUVD-2002-2039
Malware in sbrugna...
EUVD-2010-1546
Malware in sbrugna...
EUVD-2011-2671
Malware in sbrugna...
EUVD-2015-8016
Malware in sbrugna...
EUVD-2021-33280
Malicious code in bioql PyPI...
EUVD-2021-33294
Malicious code in bioql PyPI...
EUVD-2024-0572
Malicious code in bioql PyPI...
CVE-2024-25143
The Document and Media widget In Liferay Portal 7.2.0 through 7.3.6, and older unsupported versions, and Liferay DXP 7.3 before service pack 3, 7.2 before fix pack 13, and older unsupported versions, does not limit resource consumption when generating a preview image, which allows remote...
CVE-2002-2060
Buffer overflow in Links 2.0 pre4 allows remote attackers to crash client browsers and possibly execute arbitrary code via gamma tables in large 16-bit PNG images...
Denial Of Service (DoS)
github.com/bep/imagemeta is vulnerable to Denial Of Service DoS. The vulnerability is due to missing upper bounds on memory allocation when parsing metadata in PNG and WebP images, allowing an attacker to craft specially designed images with excessively large metadata...
BIT-TENSORFLOW-2022-23584 Use after free in `DecodePng` in Tensorflow
Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a use after free behavior when decoding PNG images. After png::CommonFreeDecode&decode gets called, the values of decode.width and decode.height are in an unspecified state. The fix will be included in TensorFlow...