tinyexr Denial of Service Vulnerability (CNVD-2021-94957)

tinyexr is a small library for loading and saving OpenEXR .exr images. tinyexr version 0.9.5 suffers from a denial-of-service vulnerability. The vulnerability stems from an array indexing error in the tinyexr::SaveEXR component. An attacker could exploit this vulnerability to cause a denial of...

tinyexr denial of service vulnerability

tinyexr is a small library for loading and saving OpenEXR .exr images. tinyexr version 0.9.5 suffers from a denial-of-service vulnerability. The vulnerability stems from an array indexing error in the tinyexr::DecodeEXRImage component. An attacker could exploit this vulnerability to cause a denia...

tinyexr commit 输入验证错误漏洞

tinyexr is a small library for loading and saving OpenEXR .exr images. tinyexr version 0.9.5 suffers from a denial-of-service vulnerability. The vulnerability stems from an array indexing error in the tinyexr::SaveEXR component. An attacker could exploit this vulnerability to cause a denial of...

Arbitrary Code Execution

gstreamer-plugins-good is vulnerable to arbitrary code execution. The vulnerability exists through multiple heap buffer overflows and an array indexing error were found in the GStreamer's QuickTime media file format decoding plugin. An attacker could create a carefully-crafted QuickTime media .mo...

Arbitrary Code Execution

gstreamer-plugins-good is vulnerable to arbitrary code execution. The vulnerability exists as multiple heap buffer overflows and an array indexing error were found in the GStreamer's QuickTime media file format decoding plugin. An attacker could create a carefully-crafted QuickTime media .mov fil...

Arbitrary Code Execution

gstreamer-plugins-good is vulnerable to arbitrary code execution. The vulnerability exists as multiple heap buffer overflows and an array indexing error were found in the GStreamer's QuickTime media file format decoding plugin. An attacker could create a carefully-crafted QuickTime media .mov fil...

Huawei EulerOS: Security Advisory for libpng12 (EulerOS-SA-2019-1391)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Foxit PhantomPDF < 8.3.11 Multiple Vulnerabilities

According to its version, the Foxit PhantomPDF application formally known as Phantom installed on the remote Windows host is prior to 8.3.11. It is, therefore affected by multiple vulnerabilities: - An uninitialized pointer flaw exists when calling xfa.event.rest XFA JavaScript that can cause the...

EulerOS Virtualization for ARM 64 3.0.1.0 : libpng12 (EulerOS-SA-2019-1391)

According to the versions of the libpng12 package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - An array-indexing error was discovered in the pngconverttorfc1123 function of libpng. An attacker could possibly use...

Information Disclosure

libpng is vulnerable to information disclosure. An array-indexing error was discovered in the pngconverttorfc1123 function. An attacker could possibly use this flaw to cause an out-of-bounds read by tricking an unsuspecting user into processing a specially crafted PNG image...

Symantec Protection Engine 7.0.x < 7.0.5 HF01 / 7.5.x < 7.5.3 HF03 / 7.8.x < 7.8.0 HF01 Multiple Vulnerabilities (SYM16-010)

The version of Symantec Protection Engine installed on the remote host is 7.0.x prior to 7.0.5 HF01, 7.5.x prior to 7.5.3 HF03, or 7.8.x prior to 7.8.0 HF01. It is, therefore, affected by multiple vulnerabilities : - An array indexing error exists in the Unpack::ShortLZ function within file...

Symantec Protection Engine 7.0.x < 7.0.5 HF01 / 7.5.x < 7.5.3 HF03 / 7.8.x < 7.8.0 HF01 Multiple Vulnerabilities (SYM16-010) (*nix check)

The version of Symantec Protection Engine installed on the remote host is 7.0.x prior to 7.0.5 HF01, 7.5.x prior to 7.5.3 HF03, or 7.8.x prior to 7.8.0 HF01. It is, therefore, affected by multiple vulnerabilities : - An array indexing error exists in the Unpack::ShortLZ function within file...

libpng: Out-of-bounds read in png_convert_to_rfc1123

An array-indexing error was discovered in the pngconverttorfc1123 function of libpng. An attacker could possibly use this flaw to cause an out-of-bounds read by tricking an unsuspecting user into processing a specially crafted PNG image...

Symantec Mail Security for Exchange / Domino Decomposer Engine Multiple Vulnerabilities (SYM16-010)

The version of Symantec Mail Security for Exchange or Domino installed on the remote Windows host is affected by multiple vulnerabilities in the decomposer engine : - An array indexing error exists in the UnRAR component in the Unpack::ShortLZ function in unpack15.cpp that is triggered when...

Amazon Linux AMI : libpng (ALAS-2015-615)

It was discovered that the pnggetPLTE and pngsetPLTE functions of libpng did not correctly calculate the maximum palette sizes for bit depths of less than 8. In case an application tried to use these functions in combination with properly calculated palette sizes, this could lead to a buffer...

Amazon Linux: Security Advisory (ALAS-2015-615)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CentOS Update for libpng CESA-2015:2594 centos6

Check the version of libpng SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882335";...

Scientific Linux Security Update : libpng on SL6.x i386/x86_64 (20151209)

It was discovered that the pnggetPLTE and pngsetPLTE functions of libpng did not correctly calculate the maximum palette sizes for bit depths of less than 8. In case an application tried to use these functions in combination with properly calculated palette sizes, this could lead to a buffer...

RedHat Update for libpng RHSA-2015:2594-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Amazon Linux: Security Advisory (ALAS-2015-600)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...