255 matches found
SUSE CVE-2026-12912
A flaw was found in libtiff. A remote attacker could exploit this vulnerability by providing a specially crafted PixarLog-compressed TIFF image. This issue occurs when decoding PixarLog codec images with the PIXARLOGDATAFMT_8BITABGR output format and a specific stride value, leading to a heap-base...
CVE-2026-12912
A flaw was found in libtiff. A remote attacker could exploit this vulnerability by providing a specially crafted PixarLog-compressed TIFF image. This issue occurs when decoding PixarLog codec images with the PIXARLOGDATAFMT_8BITABGR output format and a specific stride value, leading to a heap-base...
CVE-2026-12912 Libtiff: libtiff: heap-based buffer overflow via crafted pixarlog-compressed tiff image
A flaw was found in libtiff. A remote attacker could exploit this vulnerability by providing a specially crafted PixarLog-compressed TIFF image. This issue occurs when decoding PixarLog codec images with the PIXARLOGDATAFMT_8BITABGR output format and a specific stride value, leading to a heap-base...
PT-2026-53316
Name of the Vulnerable Software and Affected Versions: libtiff (affected versions not specified). Description: A heap-based buffer overflow exists in the PixarLog decoder. A remote attacker can trigger this issue by providing a specially crafted PixarLog-compressed TIFF image. The flaw occurs during t...
Astra Linux – Vulnerability in libpng1.6
LIBPNG is a reference library used in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From version 1.6.26 to 1.6.53, there was an integer truncation in the libpng simplified write API functions png_write_image_16bit and png_write_image_8bit, which caused...
EulerOS Virtualization 2.13.0 : libpng (EulerOS-SA-2026-2174)
According to the versions of the libpng package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image...
SUSE CVE-2026-45700
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, FreeRDP's planar bitmap decoder has an out-of-bounds heap write when decoding RLE planar data. In libfreerdp/codec/planar.c, freerdp_bitmap_decompress_planar validates the X destination coordinate nXDst against the...
Astra Linux – Vulnerability in libraw
In LibRaw, there is an out-of-bounds read vulnerability within the “simple_decode_row” function (libraw\src\x3f\x3f_utils_patched.cpp), which can be triggered by an image with a large row_stride field...
CVE-2026-32882
libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap buffer over-read in HeifPixelImage::overlay in libheif/pixelimage.cc. When compositing an overlay image (iovl) whose child image has a different bit depth for the alpha channel than for the color...
CVE-2026-32882
CVE-2026-32882 – libheif heap buffer OOB read: In libheif 1.21.2 and earlier, a flaw in HeifPixelImage::overlay() allows a heap buffer over-read during overlay compositing when the child image uses a different bit depth for alpha than color channels. Specifically, the code indexes the alpha plan...
CVE-2026-32882 libheif: Heap Buffer OOB Read in overlay compositing due to wrong alpha stride
libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap buffer over-read in HeifPixelImage::overlay in libheif/pixelimage.cc. When compositing an overlay image (iovl) whose child image has a different bit depth for the alpha channel than for the color...
Threat Modelling Using Domain-Adapted Language Models: Empirical Evaluation and Insights
Large Language Models (LLMs) are increasingly explored for cybersecurity applications such as vulnerability detection. In the domain of threat modelling, prior work has primarily evaluated a number of general-purpose Large Language Models under limited prompting settings. In this study, we extend th...
libpng: libpng: Information disclosure and denial of service via integer truncation in simplified write API
A flaw was found in libpng, a reference library for PNG (Portable Network Graphics) raster image files. An integer truncation vulnerability exists in the png_write_image_16bit and png_write_image_8bit simplified write API functions. A local attacker could exploit this flaw by providing a negative row...
libpng: libpng: Denial of service and information disclosure via heap buffer over-read in png_image_finish_read
A flaw was found in libpng, a reference library for processing PNG (Portable Network Graphics) image files. A local attacker could exploit a heap buffer over-read vulnerability in the png_image_finish_read function by tricking a user into processing a specially crafted interlaced 16-bit PNG file with ...
Unity Linux 20.1070a Security Update: libpng (UTSA-2026-007289)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007289 advisory. LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From 1.6.26 to 1.6.53, ther...
CLSA-2026-1776171616 ImageMagick: Fix of CVE-2025-57803
CVE-2025-57803: fix integer overflow in BMP reader stride computation...