416 matches found
CVE-2026-45359
A flaw was found in ImageMagick. A local attacker could exploit this vulnerability by providing an invalid 'connected-components:keep-top' value during image processing. This could lead to a heap buffer over-read, potentially resulting in information disclosure or a denial of service DoS...
Linux Distros Unpatched Vulnerability : CVE-2026-45624
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-47 and 7.1.2-22, when performing a...
PT-2026-41776
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An invalid connected-components:keep-top value can lead to a heap buffer over-read during the connected components operation. A heap buffer over-read occurs when...
PT-2026-40679
Name of the Vulnerable Software and Affected Versions NGINX Plus affected versions not specified NGINX Open Source affected versions not specified Description A heap buffer over-read exists in the ngx http charset module module. This occurs when the charset, source charset, charset map, and proxy...
SUSE CVE-2026-4887
A flaw was found in GIMP. This issue is a heap buffer over-read in GIMP PCX file loader due to an off-by-one error. A remote attacker could exploit this by convincing a user to open a specially crafted PCX image. Successful exploitation could lead to out-of-bounds memory disclosure and a possible...
libpng: libpng: Denial of service and information disclosure via heap buffer over-read in png_image_finish_read
A flaw was found in libpng, a reference library for processing PNG Portable Network Graphics image files. A local attacker could exploit a heap buffer over-read vulnerability in the pngimagefinishread function by tricking a user into processing a specially crafted interlaced 16-bit PNG file with ...
Huawei EulerOS: Security Advisory for libpng (EulerOS-SA-2026-1539)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RLSA-2026:4306 Important: mingw-libpng security update
MinGW Windows Libpng library. Security Fixes: libpng: libpng: Information disclosure and denial of service via integer truncation in simplified write API CVE-2026-22801 libpng: libpng: Denial of service and information disclosure via heap buffer over-read in pngimagefinishread CVE-2026-22695...
RockyLinux 10 : libpng (RLSA-2026:3551)
The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:3551 advisory. libpng: libpng: Information disclosure and denial of service via integer truncation in simplified write API CVE-2026-22801 libpng: libpng: Denial of...
Important: Red Hat Security Advisory: libpng security update
An update for libpng is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
GHSA-QPGX-JFCQ-R59F ImageMagick: Heap Buffer Over-read in WaveletDenoise when processing small images
A heap buffer over-read vulnerability occurs when processing an image with small dimension using the -wavelet-denoise operator. ==3693336==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x511000001280 at pc 0x5602c8b0cc75 bp 0x7ffcb105d510 sp 0x7ffcb105d500 READ of size 4 at...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : libpng16 (SUSE-SU-2026:0364-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0364-1 advisory. - CVE-2025-28162: memory leaks when running pngimage bsc1257364. - CVE-2025-28164: memory leaks...
SUSE-SU-2026:20121-1 Security update for libheif
This update for libheif fixes the following issues: - CVE-2025-68431: heap buffer over-read in HeifPixelImage::overlay via crafted HEIF file that exercises the overlay image item path bsc1255735...
CVE-2026-22801 LIBPNG has an integer truncation causing heap buffer over-read in png_image_write_*
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. From 1.6.26 to 1.6.53, there is an integer truncation in the libpng simplified write API functions pngwriteimage16bit and pngwriteimage8bit causes heap buffer...
CVE-2018-18194
An issue was discovered in libgig 4.1.0. There is a heap-based buffer over-read in DLS::Region::GetSample in DLS.cpp...
CVE-2018-19759
There is a heap-based buffer over-read at stbimagewrite.h function: stbiwritepngtomem in libsixel 1.8.2 that will cause a denial of service...
CVE-2019-20086
GoPro GPMF-parser 1.2.3 has a heap-based buffer over-read in GPMFNext in GPMFparser.c...
CVE-2020-23931
An issue was discovered in gpac before 1.0.1. The abstboxread function in boxcodeadobe.c has a heap-based buffer over-read...
AZL-70894 CVE-2025-64505 affecting package fltk 1.3.5-4
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to version 1.6.51, a heap buffer over-read vulnerability exists in libpng's pngdoquantize function when processing PNG files with malformed palette...
CVE-2025-62792 Wazuh vulnerable to Heap-based Buffer Over-read in w_expression_match
Wazuh is a free and open source platform used for threat prevention, detection, and response. Prior to 4.12.0, a buffer over-read occurs in wexpressionmatch when strlen is called on strtest, because the corresponding buffer is not being properly NULL terminated during its allocation in OSCleanMSG...