35 matches found
Out-of-bounds Write
Overview Magick.NET-Q16-HDRI-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...
AZL-71491 CVE-2025-66293 affecting package libpng12 1.2.57-16
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to 1.6.52, an out-of-bounds read vulnerability in libpng's simplified API allows reading up to 1012 bytes beyond the pngsRGBbase512 array when processing...
AZL-71644 CVE-2025-66293 affecting package qt5-qtbase for versions less than 5.12.11-19
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to 1.6.52, an out-of-bounds read vulnerability in libpng's simplified API allows reading up to 1012 bytes beyond the pngsRGBbase512 array when processing...
AZL-71461 CVE-2025-66293 affecting package libpng12 1.2.57-16
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to 1.6.52, an out-of-bounds read vulnerability in libpng's simplified API allows reading up to 1012 bytes beyond the pngsRGBbase512 array when processing...
CVE-2025-64506 LIBPNG is vulnerable to a heap buffer over-read in `png_write_image_8bit` with grayscale+alpha or RGB/RGBA images
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. From version 1.6.0 to before 1.6.51, a heap buffer over-read vulnerability exists in libpng's pngwriteimage8bit function when processing 8-bit images through t...
EUVD-2017-0054
Malware in sbrugna...
EUVD-2015-0118
Malware in sbrugna...
EUVD-2009-2290
Malware in sbrugna...
EUVD-2021-8980
Malicious code in bioql PyPI...
K000156683: Multiple ImageMagick vulnerabilities
Security Advisory Description CVE-2014-9828 coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file. CVE-2014-9829 coders/sun.c in ImageMagick allows remote attackers to cause a denial of service out-of-bounds access via a crafted sun file...
CVE-2021-44342
David Brackeen ok-file-formats 203defd is vulnerable to Buffer Overflow via function okpngtransformscanline in "/okpng.c:494"...
UBUNTU-CVE-2021-3695
A crafted 16-bit grayscale PNG image may lead to a out-of-bounds write in the heap area. An attacker may take advantage of that to cause heap data corruption or eventually arbitrary code execution and circumvent secure boot protections. This issue has a high complexity to be exploited as an...
exiv2: information leak via a crafted file
In Exiv2 0.26, the Exiv2::PngImage::printStructure function in pngimage.cpp allows remote attackers to cause an information leak via a crafted file...
CVE-2019-19952
In ImageMagick 7.0.9-7 Q16, there is a use-after-free in the function MngInfoDiscardObject of coders/png.c, related to ReadOneMNGImage...
libpng: use-after-free in png_image_free in png.c
A vulnerability was found in libpng where a use-after-free issue exists in the pngimagefree function within png.c. This vulnerability can be exploited by persuading a victim to open a specially crafted file, a remote attacker could exploit this vulnerability to cause a denial of service...
Updated advancecomp packages fix security vulnerability
advancecomp has been updated to fix a security issue that could be triggered when pressented with a malformed PNG file. advancecomp contained an integer overflow upon encountering an invalid PNG size, which could result in a buffer overflow CVE-2019-9210, as well as a heap-based buffer over-read...
CVE-2018-19535
In Exiv2 0.26 and previous versions, PngChunk::readRawProfile in pngchunkint.cpp may cause a denial of service application crash due to a heap-based buffer over-read via a crafted PNG file...
Geutebrueck re_porter cross-site scripting vulnerability
Geutebrueck is a video management system from GEUREBRÜCK, Germany. sreporter is one of the hybrid recorders for digital storage and video signal transmission for MPEG4 CCTV-Standard. A cross-site scripting vulnerability exists in Geutebrueck reporter 16 versions prior to 7.8.974.20. A remote...
CVE-2017-18219
An issue was discovered in GraphicsMagick 1.3.26. An allocation failure vulnerability was found in the function ReadOnePNGImage in coders/png.c, which allows attackers to cause a denial of service via a crafted file that triggers an attempt at a large pngpixels array allocation...
CVE-2017-18219
An issue was discovered in GraphicsMagick 1.3.26. An allocation failure vulnerability was found in the function ReadOnePNGImage in coders/png.c, which allows attackers to cause a denial of service via a crafted file that triggers an attempt at a large pngpixels array allocation...