Lucene search
K

310 matches found

OSV
OSV
added 2026/01/22 2:31 p.m.3 views

SUSE-SU-2026:20127-1 Security update for libpng16

This update for libpng16 fixes the following issues: - CVE-2026-22695: Fixed heap buffer over-read in pngimagefinishread bsc1256525. - CVE-2026-22801: Fixed integer truncation causing heap buffer over-read in pngimagewrite bsc1256526...

7.8CVSS6AI score0.00172EPSS
Exploits1References5
OSV
OSV
added 2026/01/22 2:29 p.m.3 views

OPENSUSE-SU-2026:20083-1 Security update for libpng16

This update for libpng16 fixes the following issues: - CVE-2026-22695: Fixed heap buffer over-read in pngimagefinishread bsc1256525. - CVE-2026-22801: Fixed integer truncation causing heap buffer over-read in pngimagewrite bsc1256526...

7.8CVSS6AI score0.00172EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/01/21 7:50 p.m.6 views

CVE-2026-22801

A flaw was found in libpng, a reference library for PNG Portable Network Graphics raster image files. An integer truncation vulnerability exists in the pngwriteimage16bit and pngwriteimage8bit simplified write API functions. A local attacker could exploit this flaw by providing a negative row...

7.8CVSS5.3AI score0.00114EPSS
Exploits0References4
SUSE Linux
SUSE Linux
added 2026/01/21 3:33 a.m.4 views

Security update for libpng16

This update for libpng16 fixes the following issues: CVE-2026-22695: Fixed heap buffer over-read in pngimagefinishread bsc1256525 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...

6.8CVSS5.6AI score0.00172EPSS
Exploits1References4
OSV
OSV
added 2026/01/21 3:33 a.m.2 views

SUSE-SU-2026:0192-1 Security update for libpng16

This update for libpng16 fixes the following issues: - CVE-2026-22695: Fixed heap buffer over-read in pngimagefinishread bsc1256525...

7.1CVSS6AI score0.00172EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2026/01/19 12:0 a.m.10 views

Mageia: Security Advisory (MGASA-2026-0010)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS6.1AI score0.00172EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.8 views

openSUSE 16 Security Update : libpng16 (openSUSE-SU-2026:20017-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20017-1 advisory. - CVE-2025-64505: heap buffer over-read in pngdoquantize when processing PNG files malformed palette indices bsc1254157. - CVE-2025-64506: heap...

7.1CVSS6.1AI score0.00352EPSS
Exploits6References15
Microsoft CVE
Microsoft CVE
added 2026/01/14 9:3 a.m.7 views

LIBPNG has an integer truncation causing heap buffer over-read in png_image_write_*

...

7.8CVSS5.4AI score0.00114EPSS
Exploits0
SUSE Linux
SUSE Linux
added 2026/01/13 4:33 a.m.7 views

Security update for util-linux

This update for util-linux fixes the following issues: CVE-2025-14104: Fixed heap buffer overread in setpwnam when processing 256-byte usernames bsc1254666. lscpu: Add support for NVIDIA Olympus arm64 core jscPED-13682. Patch Instructions: To install this SUSE update use the SUSE recommended...

6.9CVSS7.2AI score0.00179EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/01/13 12:0 a.m.4 views

MiracleLinux 8 : libjpeg-turbo-1.5.3-14.el8_10 (AXSA:2025-9945:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9945:01 advisory. libjpeg-turbo: heap-based buffer over-read in getrgbrow in rdppm.c CVE-2020-13790 Tenable has extracted the preceding description block directly from the...

8.1CVSS7.2AI score0.03205EPSS
Exploits1References2
NVD
NVD
added 2026/01/12 11:15 p.m.4 views

CVE-2026-22801

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. From 1.6.26 to 1.6.53, there is an integer truncation in the libpng simplified write API functions pngwriteimage16bit and pngwriteimage8bit causes heap buffer...

7.8CVSS0.00114EPSS
Exploits0References1
OSV
OSV
added 2026/01/12 11:15 p.m.8 views

AZL-74499 CVE-2026-22801 affecting package gdal 3.6.3-5

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. From 1.6.26 to 1.6.53, there is an integer truncation in the libpng simplified write API functions pngwriteimage16bit and pngwriteimage8bit causes heap buffer...

7.8CVSS6.3AI score0.00114EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/31 12:57 p.m.5 views

CVE-2025-68431

libheif is an HEIF and AVIF file format decoder and encoder. Prior to version 1.21.0, a crafted HEIF that exercises the overlay image item path triggers a heap buffer over-read in HeifPixelImage::overlay. The function computes a negative row length likely from an unclipped overlay rectangle or...

6.5CVSS6.5AI score0.00267EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/12/31 12:0 a.m.3 views

Unity Linux 20.1070e Security Update: util-linux (UTSA-2025-993327)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993327 advisory. A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifically within the setpwnam function,...

6.1CVSS5.6AI score0.00179EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/12/29 7:9 p.m.22 views

CVE-2025-68431 libheif has Potential Heap Buffer Over-Read

libheif is an HEIF and AVIF file format decoder and encoder. Prior to version 1.21.0, a crafted HEIF that exercises the overlay image item path triggers a heap buffer over-read in HeifPixelImage::overlay. The function computes a negative row length likely from an unclipped overlay rectangle or...

6.5CVSS0.00267EPSS
Exploits1References3
OSV
OSV
added 2025/12/16 8:25 a.m.3 views

SUSE-SU-2025:21220-1 Security update for libpng16

This update for libpng16 fixes the following issues: - CVE-2025-66293: Fixed out-of-bounds read in pngimagereadcomposite bsc1254480. - CVE-2025-64505: Fixed heap buffer over-read in pngdoquantize via malformed palette index bsc1254157. - CVE-2025-64506: Fixed heap buffer over-read in...

7.1CVSS6.6AI score0.00352EPSS
Exploits6References11
Tenable Nessus
Tenable Nessus
added 2025/12/13 12:0 a.m.4 views

SUSE SLES12: libpng12-0 / libpng12-0-32bit / libpng12-compat-devel / etc (SUSE-SU-2025:4383-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2025:4383-1 advisory. - CVE-2025-64505: Fixed heap buffer over-read in pngdoquantize via malformed palette index bsc1254157 Tenable has extracted the preceding description...

6.1CVSS6.6AI score0.00184EPSS
Exploits2References4
OSV
OSV
added 2025/12/12 1:13 p.m.4 views

SUSE-SU-2025:4383-1 Security update for libpng12

This update for libpng12 fixes the following issues: - CVE-2025-64505: Fixed heap buffer over-read in pngdoquantize via malformed palette index bsc1254157...

6.1CVSS7.2AI score0.00184EPSS
Exploits2References3
OSV
OSV
added 2025/12/10 3:24 p.m.5 views

CLSA-2025-1765380269 libpng: Fix of CVE-2025-64505

CVE-2025-64505: fix heap buffer over-read vulnerability in pngdoquantize function...

6.1CVSS6.2AI score0.00184EPSS
Exploits2References1
OSV
OSV
added 2025/12/09 2:1 p.m.6 views

CLSA-2025-1765288864 libpng: Fix of CVE-2025-64505

CVE-2025-64505: fix heap buffer over-read vulnerability in pngdoquantize function...

6.1CVSS6.5AI score0.00184EPSS
Exploits2References1
Rows per page
Query Builder