JLSEC-2026-95

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. In versions 1.2.1 through 1.6.55, pngsettRNS and pngsetPLTE each alias a heap-allocated buffer between pngstruct and pnginfo, sharing a single allocation acros...

ALPINE-CVE-2026-33416

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. In versions 1.2.1 through 1.6.55, pngsettRNS and pngsetPLTE each alias a heap-allocated buffer between pngstruct and pnginfo, sharing a single allocation acros...

UBUNTU-CVE-2026-33416

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. In versions 1.2.1 through 1.6.55, pngsettRNS and pngsetPLTE each alias a heap-allocated buffer between pngstruct and pnginfo, sharing a single allocation acros...

EUVD-2026-16258

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. In versions 1.2.1 through 1.6.55, pngsettRNS and pngsetPLTE each alias a heap-allocated buffer between pngstruct and pnginfo, sharing a single allocation acros...

SUSE CVE-2025-71268

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix reservation leak in some error paths when inserting inline extent If we fail to allocate a path or join a transaction, we return from cowfilerangeinline without freeing the reserved qgroup data, resulting in a leak. Fi...

SUSE CVE-2025-71269

In the Linux kernel, the following vulnerability has been resolved: btrfs: do not free data reservation in fallback from inline due to -ENOSPC If we fail to create an inline extent due to -ENOSPC, we will attempt to go through the normal COW path, reserve an extent, create an ordered extent, etc...

kernel: drm/xe: Make dma-fences compliant with the safe access rules

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Make dma-fences compliant with the safe access rules Xe can free some of the data pointed to by the dma-fences it exports. Most notably the timeline name can get freed if userspace closes the associated submit queue. At t...

EUVD-2025-206397

Issue summary: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short writes can trigger a heap-based out-of-bounds write. Impact summary: This out-of-bounds write can cause memory corruption which typically results in a crash, leading ...

EUVD-2020-23866

Malware in sbrugna...

The plist_free_data function libplist allows attackers to cause a denial of service

...

CVE-2025-38703 drm/xe: Make dma-fences compliant with the safe access rules

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Make dma-fences compliant with the safe access rules Xe can free some of the data pointed to by the dma-fences it exports. Most notably the timeline name can get freed if userspace closes the associated submit queue. At t...

EulerOS 2.0 SP10 : vim (EulerOS-SA-2025-1789)

According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Vim is a greatly improved version of the good old UNIX editor Vi. Vim allows to redirect screen messages using the :redir ex command to register,...

EulerOS 2.0 SP10 : vim (EulerOS-SA-2025-1812)

According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Vim is a greatly improved version of the good old UNIX editor Vi. Vim allows to redirect screen messages using the :redir ex command to register,...

WebKit DocumentFontLoader::fontLoadingTimerFired Use-After-Free

WebKit suffers from a use-after-free vulnerability in DocumentFontLoader::fontLoadingTimerFired. https://packetstorm.news/download/188628...

PT-2025-5654 · Git +1 · Opencv

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A crash has been reported, classified as an UNKNOWN READ. The crash state involves several functions: png free data, png destroy info struct, and png...

PT-2026-26111

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to a reservation leak within the btrfs file system when inserting inline extents. Specifically, if allocation of a path or joining a transaction...

UBUNTU-CVE-2024-56742

In the Linux kernel, the following vulnerability has been resolved: vfio/mlx5: Fix an unwind issue in mlx5vfaddmigrationpages Fix an unwind issue in mlx5vfaddmigrationpages. If a set of pages is allocated but fails to be added to the SG table, they need to be freed to prevent a memory leak. Any...

DEBIAN-CVE-2024-27388

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: fix some memleaks in gssxdecoptionarray The creds and oa-data need to be freed in the error-handling paths after their allocation. So this patch add these deallocations in the corresponding paths...

PT-2023-36428 · Gnu +2 · Linux +2

Уязвимость функции aa free data в модуле security/apparmor/policy.c модуля безопасности AppArmor ядра операционной системы Linux связана с возможным некорректным освобождением памяти. Эксплуатация уязвимости может позволить нарушителю вызвать отказ в обслуживании...

SUSE CVE-2018-14048

An issue has been found in libpng 1.6.34. It is a SEGV in the function pngfreedata in png.c, related to the recommended error handling for pngreadimage...