Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

Github Security Blog
Github Security Blogadded 2021/12/10 5:23 p.m.48 views

Integer Overflow in png-img

An integer overflow in the PngImg::InitStorage function of png-img before 3.1.0 leads to an under-allocation of heap memory and subsequently an exploitable heap-based buffer overflow when loading a crafted PNG file...

8.8CVSS8.6AI score0.01001EPSS
Exploits1References6Affected Software1
CVE
CVEadded 2021/02/19 11:5 p.m.97 views

CVE-2020-28248

CVE-2020-28248 affects png-img up to version 3.0.x (before 3.1.0). The issue is an integer overflow in PngImg::InitStorage_() that under-allocates heap memory, leading to a heap-based buffer overflow while loading a crafted PNG. Impact is a memory corruption risk that can cause a crash or potenti...

8.8CVSS8.8AI score0.01001EPSS
Exploits1References4Affected Software1
CNNVD
CNNVDadded 2021/02/19 12:0 a.m.3 views

png-img Input Validation Error Vulnerability

Rashid Ksirov png-img is an application from the Rashid Ksirov community in the USA. It provides a Lite self contained png image processing library for macOS and Linux. An input validation error vulnerability exists in png-img. The vulnerability stems from the package's PngImg::InitStorage functi...

8.8CVSS7.5AI score0.01001EPSS
Exploits1References4
Rows per page
Query Builder