35 matches found

NVD
added 2026/06/04 4:16 p.m., 10 views

CVE-2026-40930

LIBPNG is a reference library for use in applications that process PNG (Portable Network Graphics) raster image files. In version 1.8.0, three inter-frame chunk discard paths in the push-mode APNG parser clear the chunk-header flag without consuming the chunk body and CRC, allowing...

CVSS: 5.4 | EPSS: 0.00202
Exploits: 0 | References: 3
OSV
added 2026/06/04 4:16 p.m., 7 views

ALPINE-CVE-2026-40930

LIBPNG is a reference library for use in applications that process PNG (Portable Network Graphics) raster image files. In version 1.8.0, three inter-frame chunk discard paths in the push-mode APNG parser clear the chunk-header flag without consuming the chunk body and CRC, allowing...

CVSS: 5.4 | AI score: 5.4 | EPSS: 0.00202
Exploits: 0 | References: 1
ATTACKERKB
added 2026/06/04 2:34 p.m., 4 views

CVE-2026-40930

LIBPNG is a reference library for use in applications that process PNG (Portable Network Graphics) raster image files. In version 1.8.0, three inter-frame chunk discard paths in the push-mode APNG parser clear the chunk-header flag without consuming the chunk body and CRC, allowing...

CVSS: 5.4 | AI score: 5.8 | EPSS: 0.00202
Exploits: 0 | References: 3 | Affected Software: 2
AlpineLinux
added 2026/06/04 2:34 p.m., 6 views

CVE-2026-40930

LIBPNG is a reference library for use in applications that process PNG (Portable Network Graphics) raster image files. In version 1.8.0, three inter-frame chunk discard paths in the push-mode APNG parser clear the chunk-header flag without consuming the chunk body and CRC, allowing...

CVSS: 5.4 | AI score: 5.8 | EPSS: 0.00202
Exploits: 0
EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2010-2081

Malware in sbrugna...

CVSS: 7.5 | AI score: 6.1 | EPSS: 0.04397
Exploits: 1 | References: 6
Veracode
added 2025/08/18 8:21 a.m., 3 views

Heap-based Buffer Overflow

OpenEXR is vulnerable to Heap-based Buffer Overflow. The vulnerability is due to improper memory handling due to a maliciously forged chunk header when decompressing ZIPS-packed deep scan-line EXR files...

CVSS: 8.4 | AI score: 5.9 | EPSS: 0.00299
Exploits: 1 | References: 6 | Affected Software: 1
Cvelist
added 2025/07/31 8:13 p.m., 6 views

CVE-2025-48071 OpenEXR's Forged Unpacked Size can Lead to Heap-Based Buffer Overflow in Deep Scanline Parsing

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.3.2 through 3.3.0, there is a heap-based buffer overflow during a write operation when decompressing ZIPS-packed deep scan-line EXR files...

CVSS: 8.4 | EPSS: 0.00299
Exploits: 1 | References: 3
Debian CVE
added 2025/07/31 8:13 p.m., 4 views

CVE-2025-48071

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.3.2 through 3.3.0, there is a heap-based buffer overflow during a write operation when decompressing ZIPS-packed deep scan-line EXR files...

CVSS: 8.4 | AI score: 7.7 | EPSS: 0.00299
Exploits: 1
Github Security Blog
added 2025/07/31 7:12 p.m., 7 views

OpenEXR Heap-Based Buffer Overflow in Deep Scanline Parsing via Forged Unpacked Size

Summary: The OpenEXRCore code is vulnerable to a heap-based buffer overflow during a write operation when decompressing ZIPS-packed deep scan-line EXR files with a maliciously forged chunk header. Details: When parsing STORAGEDEEPSCANLINE chunks from an EXR file, the following code from...

CVSS: 8.4 | AI score: 7.3 | EPSS: 0.00299
Exploits: 1 | References: 6 | Affected Software: 1
OSV
added 2025/07/31 7:12 p.m., 3 views

GHSA-H45X-QHG2-Q375 OpenEXR Heap-Based Buffer Overflow in Deep Scanline Parsing via Forged Unpacked Size

Summary: The OpenEXRCore code is vulnerable to a heap-based buffer overflow during a write operation when decompressing ZIPS-packed deep scan-line EXR files with a maliciously forged chunk header. Details: When parsing STORAGEDEEPSCANLINE chunks from an EXR file, the following code from...

CVSS: 8.4 | AI score: 8 | EPSS: 0.00299
Exploits: 1 | References: 6
SUSE CVE
added 2023/02/15 5:45 a.m., 1 views

SUSE CVE-2012-3509

Multiple integer overflows in the (1) _objalloc_alloc function in objalloc.c and (2) objalloc_alloc macro in include/objalloc.h in GNU libiberty, as used by binutils 2.22, allow remote attackers to cause a denial of service (crash) via vectors related to the "addition of CHUNK_HEADER_SIZE to the length,"...

CVSS: 5 | AI score: 7.2 | EPSS: 0.03602
Exploits: 0 | References: 4
SUSE CVE
added 2023/02/15 5:32 a.m., 3 views

SUSE CVE-2014-0075

Integer overflow in the parseChunkHeader function in java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 allows remote attackers to cause a denial of service (resource consumption) via a malformed chunk size in chunke...

CVSS: 5 | AI score: 6.7 | EPSS: 0.2006
Exploits: 1 | References: 4
SUSE CVE
added 2023/02/15 5:0 a.m., 1 views

SUSE CVE-2016-5301

The parse_chunk_header function in libtorrent before 1.1.1 allows remote attackers to cause a denial of service (crash) via a crafted (1) HTTP response or possibly a (2) UPnP broadcast...

CVSS: 7.5 | AI score: 7 | EPSS: 0.01948
Exploits: 0 | References: 3
OSV
added 2022/05/14 1:10 a.m., 1 views

GHSA-475F-74WP-PQV5 Integer Overflow or Wraparound in Apache Tomcat

Integer overflow in the parseChunkHeader function in java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 allows remote attackers to cause a denial of service (resource consumption) via a malformed chunk size in chunke...

CVSS: 5 | AI score: 6.9 | EPSS: 0.2006
Exploits: 1 | References: 60
BDU FSTEC
added 2016/07/19 12:0 a.m., 5 views

The vulnerability of the libtorrent library, which allows a hacker to trigger a service failure

The vulnerability of the parse_chunk_header function in the libtorrent library exists due to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor, operating remotely, to cause a service failure (abrupt termination of operations) through a specially crafte...

CVSS: 5 | AI score: 7.2 | EPSS: 0.01948
Exploits: 0 | References: 6 | Affected Software: 3
OSV
added 2016/06/30 5:59 p.m., 4 views

DEBIAN-CVE-2016-5301

The parse_chunk_header function in libtorrent before 1.1.1 allows remote attackers to cause a denial of service (crash) via a crafted (1) HTTP response or possibly a (2) UPnP broadcast...

CVSS: 7.5 | AI score: 7 | EPSS: 0.01948
Exploits: 0 | References: 1
OSV
added 2016/06/30 5:59 p.m., 1 views

UBUNTU-CVE-2016-5301

The parse_chunk_header function in libtorrent before 1.1.1 allows remote attackers to cause a denial of service (crash) via a crafted (1) HTTP response or possibly a (2) UPnP broadcast...

CVSS: 7.5 | AI score: 7.1 | EPSS: 0.01948
Exploits: 0 | References: 3
myhack58
added 2015/12/09 12:0 a.m., 291 views

Analysis of the Linux heap overflow of fastbin-vulnerability warning-the black bar safety net

Some time ago, while participating in the RCTF competition, I encountered a stack overflow challenge, shaxian. The vulnerability itself is quite obvious, but because I was not familiar with heap overflows, I was unable to find a way to exploit it. After reading Fudan University six star clan it is, only know it...

AI score: 0.2
Exploits: 0
OpenVAS
added 2015/10/06 12:0 a.m., 31 views

Oracle: Security Advisory (ELSA-2015-1668)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS: 5 | AI score: 6.5 | EPSS: 0.73327
Exploits: 0 | References: 2
Tenable Nessus
added 2015/08/25 12:0 a.m., 40 views

Oracle Linux 7 : httpd (ELSA-2015-1667)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-1667 advisory. - core: fix chunk header parsing defect (CVE-2015-3183) Tenable has extracted the preceding description block directly from the Oracle Linux security...

CVSS: 5 | AI score: 6.5 | EPSS: 0.73327
Exploits: 0 | References: 3