Lucene search
+L

503 matches found

OSV
OSV
added 2025/12/19 1:14 p.m.5 views

SUSE-SU-2025:4494-1 Security update for libpng16

This update for libpng16 fixes the following issues: - CVE-2025-65018: Fixed heap buffer overflow in pngcombinerow triggered via pngimagefinishread bsc1254160 - CVE-2025-66293: Fixed LIBPNG out-of-bounds read in pngimagereadcomposite bsc1254480 - CVE-2025-64506: Fixed heap buffer over-read in...

7.1CVSS6AI score0.0036EPSS
Exploits6References11
SUSE Linux
SUSE Linux
added 2025/12/17 1:56 p.m.9 views

Security update for libpng16

This update for libpng16 fixes the following issues: CVE-2025-65018: Fixed heap buffer overflow in pngcombinerow triggered via pngimagefinishread bsc1254160 CVE-2025-66293: Fixed LIBPNG out-of-bounds read in pngimagereadcomposite bsc1254480 CVE-2025-64506: Fixed heap buffer over-read in...

7.1CVSS7.3AI score0.0036EPSS
Exploits6References20
IBM Security Bulletins
IBM Security Bulletins
added 2025/12/16 10:47 a.m.5 views

Security Bulletin: IBM Tivoli Composite Application Manager for Application Diagnostics installed IBM WebSphere Application Server and WebSphere Application Server Liberty and are affected by cross-site scripting.

Summary The security issue described in CVE-2025-12635 has been identified in the WebSphere Application Server included as part of IBM Tivoli Composite Application Manager for Application Diagnostics. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

5.4CVSS6.5AI score0.00141EPSS
Exploits0Affected Software1
OSV
OSV
added 2025/12/16 8:31 a.m.3 views

SUSE-SU-2025:21217-1 Security update for libpng16

This update for libpng16 fixes the following issues: - CVE-2025-66293: Fixed out-of-bounds read in pngimagereadcomposite bsc1254480. - CVE-2025-64505: Fixed heap buffer over-read in pngdoquantize via malformed palette index bsc1254157. - CVE-2025-64506: Fixed heap buffer over-read in...

7.1CVSS6AI score0.0036EPSS
Exploits6References11
Tenable Nessus
Tenable Nessus
added 2025/12/14 12:0 a.m.6 views

Fedora 43 : libpng (2025-7f360be18f)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-7f360be18f advisory. Fixed CVE-2025-66293 high severity: Out-of-bounds read in pngimagereadcomposite. Fixed the Paeth filter handling in the RISC-V RVV implementation. Improved t...

7.1CVSS6.2AI score0.00299EPSS
Exploits2References2
Amazon
Amazon
added 2025/12/08 12:0 a.m.11 views

Important: libpng

Issue Overview: A heap buffer over-read vulnerability exists in libpng's pngdoquantize function when processing PNG files with malformed palette indices. The vulnerability occurs when palettelookup array bounds are not validated against externally-supplied image data, allowing an attacker to craf...

7.1CVSS7.3AI score0.0036EPSS
Exploits5
Amazon
Amazon
added 2025/12/08 12:0 a.m.9 views

Important: firefox

Issue Overview: A heap buffer over-read vulnerability exists in libpng's pngdoquantize function when processing PNG files with malformed palette indices. The vulnerability occurs when palettelookup array bounds are not validated against externally-supplied image data, allowing an attacker to craf...

7.1CVSS7.3AI score0.0036EPSS
Exploits5
Microsoft CVE
Microsoft CVE
added 2025/12/05 9:2 a.m.9 views

LIBPNG has an out-of-bounds read in png_image_read_composite

...

7.1CVSS7AI score0.00299EPSS
Exploits2
Cvelist
Cvelist
added 2025/12/03 8:33 p.m.27 views

CVE-2025-66293 LIBPNG has an out-of-bounds read in png_image_read_composite

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to 1.6.52, an out-of-bounds read vulnerability in libpng's simplified API allows reading up to 1012 bytes beyond the pngsRGBbase512 array when processing...

7.1CVSS0.00299EPSS
Exploits2References4
Microsoft CVE
Microsoft CVE
added 2025/11/27 9:4 a.m.7 views

LIBPNG is vulnerable to a buffer overflow in `png_image_read_composite` via incorrect palette premultiplication

...

7.1CVSS7AI score0.0036EPSS
Exploits4
Cvelist
Cvelist
added 2025/11/24 11:45 p.m.22 views

CVE-2025-64720 LIBPNG is vulnerable to a buffer overflow in `png_image_read_composite` via incorrect palette premultiplication

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. From version 1.6.0 to before 1.6.51, an out-of-bounds read vulnerability exists in pngimagereadcomposite when processing palette images with PNGFLAGOPTIMIZEALP...

7.1CVSS0.0036EPSS
Exploits4References4
AlpineLinux
AlpineLinux
added 2025/11/24 11:45 p.m.13 views

CVE-2025-64720

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. From version 1.6.0 to before 1.6.51, an out-of-bounds read vulnerability exists in pngimagereadcomposite when processing palette images with PNGFLAGOPTIMIZEALP...

7.1CVSS7AI score0.0036EPSS
Exploits4References4
EUVD
EUVD
added 2025/11/24 9:41 p.m.3 views

EUVD-2025-199092

Malicious code in composite-reducer npm...

6.6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/24 9:41 p.m.6 views

Malicious code in composite-reducer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8eecfe869a6cc75f59e734412ec583d6bb95ddaab6b45c9c22526ba7b556e004 The package composite-reducer was found to contain malicious code. Source: ghsa-malware...

6.9AI score
Exploits0References10
OSV
OSV
added 2025/11/24 9:41 p.m.4 views

MAL-2025-190951 Malicious code in composite-reducer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8eecfe869a6cc75f59e734412ec583d6bb95ddaab6b45c9c22526ba7b556e004 The package composite-reducer was found to contain malicious code. Source: ghsa-malware...

6.8AI score
Exploits0References10
IBM Security Bulletins
IBM Security Bulletins
added 2025/11/12 6:42 a.m.6 views

Security Bulletin: IBM Tivoli Composite Application Manager for Application Diagnostics installed IBM WebSphere Application Server and WebSphere Application Server Liberty and are affcted by affected by SMTP injection due to Jakarta Mail.

Summary The security issue described in CVE-2025-7962 has been identified in the WebSphere Application Server included as part of IBM Tivoli Composite Application Manager for Application Diagnostics. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

7.5CVSS5AI score0.00756EPSS
Exploits0Affected Software1
Packet Storm News
Packet Storm News
added 2025/10/30 12:0 a.m.4 views

A Comparative Study of Hybrid Post-Quantum Cryptographic X.509 Certificate Schemes

As quantum computing hardware continues to advance, the integration of such technology with quantum algorithms is anticipated to enable the decryption of ciphertexts produced by RSA and Elliptic Curve Cryptography ECC within polynomial time. In response to this emerging threat, the U.S. National...

7AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2012-1589

Malware in sbrugna...

4.3CVSS9.2AI score0.04117EPSS
Exploits1References13
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.2 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414445)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414445 advisory. An issue was discovered in drivers/usb/gadget/composite.c in the Linux kernel before 5.16.10. The USB Gadget subsystem lacks certain validation of interface OS...

4.9CVSS6.7AI score0.00927EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2021-32651

Malicious code in bioql PyPI...

5.5CVSS5.9AI score0.01772EPSS
Exploits1References15
Rows per page
Query Builder