5 matches found
SUSE CVE-2025-11680
Out-of-bounds Write in unfilterscanline in warmcat libwebsockets allows, when the LWSWITHUPNG flag is enabled during compilation and the HTML display stack is used, to write past a heap allocated buffer possibly causing a crash, when the user visits an attacker controlled website that contains a...
SUSE CVE-2009-1932
Multiple integer overflows in the 1 userinfocallback, 2 userendrowcallback, and 3 gstpngdectask functions ext/libpng/gstpngdec.c in GStreamer Good Plug-ins aka gst-plugins-good or gstreamer-plugins-good 0.10.15 allow remote attackers to cause a denial of service and possibly execute arbitrary cod...
DEBIAN-CVE-2021-4214
A heap overflow flaw was found in libpngs' pngimage.c program. This flaw allows an attacker with local network access to pass a specially crafted PNG file to the pngimage utility, causing an application to crash, leading to a denial of service...
PT-2021-14347 · Unknown · Kamadak-Exif
Name of the Vulnerable Software and Affected Versions: kamadak-exif version 0.5.2 Description: The issue is related to an infinite loop in parsing crafted PNG files, specifically in the reader::read from container function. This can lead to a denial-of-service DoS condition when used with untrust...
Exiv2 Input Validation Error Vulnerability (CNVD-2019-34822)
Exiv2 is a set of C++ libraries and command line applications for managing image metadata by Andreas Huggel programmers. The product provides the ability to read and write image metadata in a variety of formats including EXIF, IPTC and XMP. An input validation error vulnerability exists in Exiv2...