26 matches found
CLSA-2026-1778860714 gimp: Fix of 2 CVEs
CVE-2026-4153: fix heap-based buffer overflow in PSP file parser by computing proper linewidth for bit depths 1 and 4 with small widths - CVE-2026-4154: fix integer overflow and buffer overflow in XPM file parser by adding GIMPMAXIMAGESIZE bounds checks and using gtrynew...
UBUNTU-CVE-2026-32882
libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap buffer over-read in HeifPixelImage::overlay in libheif/pixelimage.cc. When compositing an overlay image iovl whose child image has a different bit depth for the alpha channel than for the color...
CVE-2026-40493
SAIL PSD decoder in LAB mode (3 channels, 16-bit depth) suffers a heap buffer overflow due to a bpp mismatch: bytes-per-pixel is computed as (channelsdepth) but the allocated buffer uses the resolved pixel format (BPP40_CIE_LAB yields 5 bytes/pixel while 3 16 would imply 6). This causes every pix...
ROS-20260113-7310
A vulnerability in the resourcebuildbitdepthreductionparams function of the Direct Rendering Infrastructure DRI support driver for AMD graphics cards in the Linux operating system kernel is related to pointer dereference. Exploitation of the vulnerability could allow an attacker to cause a denial...
Efficient Adversarial Malware Defense Via Trust-Based Raw Override and Confidence-Adaptive Bit-Depth Reduction
The deployment of robust malware detection systems in big data environments requires careful consideration of both security effectiveness and computational efficiency. While recent advances in adversarial defenses have demonstrated strong robustness improvements, they often introduce computationa...
Security update for libaom, libyuv
This update for libaom, libyuv fixes the following issues: libaom was updated to version 3.7.1: Bug Fixes: aomedia:3349: heap overflow when increasing resolution aomedia:3478: GCC 12.2.0 emits a -Wstringop-overflow warning on aom/av1/encoder/motionsearchfacade.c aomedia:3489: Detect encoder and...
SUSE CVE-2015-8126
Multiple buffer overflows in the 1 pngsetPLTE and 2 pnggetPLTE functions in libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19 allow remote attackers to cause a denial of service application crash or possibly have...
January 26, 2017—KB 3216755 (OS Build 14393.726)
January 26, 2017—KB 3216755 OS Build 14393.726 Improvements and fixes This release is only available on the Microsoft Update Catalog website This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addressed a known issu...
php imagecreatefrom* functions of the png-vulnerability warning-the black bar safety net
0x00 introduction This article mainly analyzes the php using the GD library imagecreatefrompng function to rebuild the png image may lead to local file inclusion vulnerability. When the system is the existence of the file contains the points, can contain a picture file; in addition the system the...
libpng: Buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions
It was discovered that the pnggetPLTE and pngsetPLTE functions of libpng did not correctly calculate the maximum palette sizes for bit depths of less than 8. In case an application tried to use these functions in combination with properly calculated palette sizes, this could lead to a buffer...
libpng: Buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions
It was discovered that the pnggetPLTE and pngsetPLTE functions of libpng did not correctly calculate the maximum palette sizes for bit depths of less than 8. In case an application tried to use these functions in combination with properly calculated palette sizes, this could lead to a buffer...
libpng: Buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions
It was discovered that the pnggetPLTE and pngsetPLTE functions of libpng did not correctly calculate the maximum palette sizes for bit depths of less than 8. In case an application tried to use these functions in combination with properly calculated palette sizes, this could lead to a buffer...
DEBIAN-CVE-2015-8472
Buffer overflow in the pngsetPLTE function in libpng before 1.0.65, 1.1.x and 1.2.x before 1.2.55, 1.3.x, 1.4.x before 1.4.18, 1.5.x before 1.5.25, and 1.6.x before 1.6.20 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a small...
AZL-44394 CVE-2015-8472 affecting package fltk for versions less than 1.3.8-1
Buffer overflow in the pngsetPLTE function in libpng before 1.0.65, 1.1.x and 1.2.x before 1.2.55, 1.3.x, 1.4.x before 1.4.18, 1.5.x before 1.5.25, and 1.6.x before 1.6.20 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a small...
libpng: Buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions
It was discovered that the pnggetPLTE and pngsetPLTE functions of libpng did not correctly calculate the maximum palette sizes for bit depths of less than 8. In case an application tried to use these functions in combination with properly calculated palette sizes, this could lead to a buffer...
libpng: Buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions
It was discovered that the pnggetPLTE and pngsetPLTE functions of libpng did not correctly calculate the maximum palette sizes for bit depths of less than 8. In case an application tried to use these functions in combination with properly calculated palette sizes, this could lead to a buffer...
libpng: Buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions
It was discovered that the pnggetPLTE and pngsetPLTE functions of libpng did not correctly calculate the maximum palette sizes for bit depths of less than 8. In case an application tried to use these functions in combination with properly calculated palette sizes, this could lead to a buffer...
USN-2861-1: libpng vulnerabilities
It was discovered that libpng incorrectly handled certain small bit-depth values. If a user or automated system using libpng were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or execute code with the privileges of the user invoking th...
libpng: Buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions
It was discovered that the pnggetPLTE and pngsetPLTE functions of libpng did not correctly calculate the maximum palette sizes for bit depths of less than 8. In case an application tried to use these functions in combination with properly calculated palette sizes, this could lead to a buffer...
UBUNTU-CVE-2015-8472
Buffer overflow in the pngsetPLTE function in libpng before 1.0.65, 1.1.x and 1.2.x before 1.2.55, 1.3.x, 1.4.x before 1.4.18, 1.5.x before 1.5.25, and 1.6.x before 1.6.20 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a small...