ROS-20260401-73-0009

A vulnerability in the pngimagereaddirectscaled function of the libpng library is related to reading data outside of buffer boundaries in memory. Exploitation of the vulnerability may allow an attacker to gain unauthorized access to protected information or cause denial of service...

ROS-20260401-73-0007

A vulnerability in the pngimagereadcomposite function of the libpng library is related to reading data outside of buffer boundaries in memory. Exploitation of the vulnerability could allow a remote attacker to affect the confidentiality and availability of protected information using a specially...

ROS-20260401-73-0021

A vulnerability in the PNG raster graphics library Libpng is related to reading outside of the allowed data buffer boundaries. Exploitation of the vulnerability could allow an attacker to gain access to sensitive data and cause a denial of service...

ROS-20260401-73-0019

A vulnerability in the PNG raster graphics library Libpng is related to reading outside the allowed data buffer boundaries. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive data and cause a denial of service...

ROS-20260401-73-0023

A vulnerability in the PNG raster graphics library Libpng is related to reading outside of the allowed data buffer boundaries. Exploitation of the vulnerability could allow an attacker to gain access to sensitive data and cause a denial of service...

ROS-20260401-73-0022

A vulnerability in the PNG raster graphics library Libpng is related to reading outside of the allowed data buffer boundaries. Exploitation of the vulnerability could allow an attacker to gain access to sensitive data and cause a denial of service...

ROS-20260401-73-0011

A vulnerability in the pngimagereaddirectscaled function of the libpng library is related to reading data outside of buffer boundaries in memory. Exploitation of the vulnerability may allow an attacker to gain unauthorized access to protected information or cause denial of service...

ROS-20260401-73-0017

A vulnerability in the pngdoquantize function of the pngrtran.c component of the PNG Libpng bitmap graphics library is related to reading outside the allowed data buffer boundaries. Exploitation of the vulnerability may allow an attacker to gain access to confidential data and cause a denial of...

SUSE SLES15 / openSUSE 15 Security Update : freerdp (SUSE-SU-2026:1160-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1160-1 advisory. - CVE-2026-26271: Buffer Overread in FreeRDP Icon Processing bsc1258979. - CVE-2026-26955: Out-of-bounds Write in freerdp...

Security update for freerdp

This update for freerdp fixes the following issues: CVE-2026-26271: Buffer Overread in FreeRDP Icon Processing bsc1258979. CVE-2026-26955: Out-of-bounds Write in freerdp bsc1258982. CVE-2026-26965: Out-of-bounds Write in freerdp bsc1258985. CVE-2026-31806: improper validation of server messages c...

SUSE-SU-2026:1160-1 Security update for freerdp

This update for freerdp fixes the following issues: - CVE-2026-26271: Buffer Overread in FreeRDP Icon Processing bsc1258979. - CVE-2026-26955: Out-of-bounds Write in freerdp bsc1258982. - CVE-2026-26965: Out-of-bounds Write in freerdp bsc1258985. - CVE-2026-31806: improper validation of server...

Security update for freerdp

This update for freerdp fixes the following issues: CVE-2026-26271: Buffer Overread in FreeRDP Icon Processing bsc1258979. CVE-2026-26955: Out-of-bounds Write in freerdp bsc1258982. CVE-2026-26965: Out-of-bounds Write in freerdp bsc1258985. CVE-2026-31806: improper validation of server messages c...

SUSE-SU-2026:1129-1 Security update for freerdp

This update for freerdp fixes the following issues: - CVE-2026-26271: Buffer Overread in FreeRDP Icon Processing bsc1258979. - CVE-2026-26955: Out-of-bounds Write in freerdp bsc1258982. - CVE-2026-26965: Out-of-bounds Write in freerdp bsc1258985. - CVE-2026-31806: improper validation of server...

BIT-NGINX-2026-32647 NGINX ngx_http_mp4_module vulnerability

NGINX Open Source and NGINX Plus have a vulnerability in the ngxhttpmp4module module, which might allow an attacker to trigger a buffer over-read or over-write to the NGINX worker memory resulting in its termination or possibly code execution, using a specially crafted MP4 file. This issue affect...

CVE-2026-31988

yauzl aka Yet Another Unzip Library version 3.2.0 for Node.js contains an off-by-one error in the NTFS extended timestamp extra field parser within the getLastModDate function. The while loop condition checks cursor data.length + 4 instead of cursor + 4 = data.length, allowing readUInt16LE to rea...

Libsoup: libsoup: buffer overread due to integer underflow when handling zero-length resources

...

SUSE CVE-2026-32647

NGINX Open Source and NGINX Plus have a vulnerability in the ngxhttpmp4module module, which might allow an attacker to trigger a buffer over-read or over-write to the NGINX worker memory resulting in its termination or possibly code execution, using a specially crafted MP4 file. This issue affect...

JLSEC-2026-7 LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portabl...

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. From 1.6.51 to 1.6.53, there is a heap buffer over-read in the libpng simplified API function pngimagefinishread when processing interlaced 16-bit PNGs with...

DEBIAN-CVE-2026-32647

NGINX Open Source and NGINX Plus have a vulnerability in the ngxhttpmp4module module, which might allow an attacker to trigger a buffer over-read or over-write to the NGINX worker memory resulting in its termination or possibly code execution, using a specially crafted MP4 file. This issue affect...

CVE-2026-32647

NGINX Open Source and NGINX Plus have a vulnerability in the ngxhttpmp4module module, which might allow an attacker to trigger a buffer over-read or over-write to the NGINX worker memory resulting in its termination or possibly code execution, using a specially crafted MP4 file. This issue affect...