670 matches found
libpng: libpng: Information disclosure and denial of service via integer truncation in simplified write API
A flaw was found in libpng, a reference library for PNG Portable Network Graphics raster image files. An integer truncation vulnerability exists in the pngwriteimage16bit and pngwriteimage8bit simplified write API functions. A local attacker could exploit this flaw by providing a negative row...
Important: Red Hat Security Advisory: libpng security update
An update for libpng is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
libpng: libpng: Information disclosure and denial of service via integer truncation in simplified write API
A flaw was found in libpng, a reference library for PNG Portable Network Graphics raster image files. An integer truncation vulnerability exists in the pngwriteimage16bit and pngwriteimage8bit simplified write API functions. A local attacker could exploit this flaw by providing a negative row...
libpng: libpng: Information disclosure and denial of service via integer truncation in simplified write API
A flaw was found in libpng, a reference library for PNG Portable Network Graphics raster image files. An integer truncation vulnerability exists in the pngwriteimage16bit and pngwriteimage8bit simplified write API functions. A local attacker could exploit this flaw by providing a negative row...
RHEL 9 : libpng (RHSA-2026:3575)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:3575 advisory. The libpng packages contain a library of functions for creating and manipulating Portable Network Graphics PNG image format files. Security...
RHEL 9 : libpng (RHSA-2026:3573)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:3573 advisory. The libpng packages contain a library of functions for creating and manipulating Portable Network Graphics PNG image format files. Security...
RHEL 10 : libpng (RHSA-2026:3551)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:3551 advisory. The libpng packages contain a library of functions for creating and manipulating Portable Network Graphics PNG image format files. Security...
libpng: libpng: Information disclosure and denial of service via integer truncation in simplified write API
A flaw was found in libpng, a reference library for PNG Portable Network Graphics raster image files. An integer truncation vulnerability exists in the pngwriteimage16bit and pngwriteimage8bit simplified write API functions. A local attacker could exploit this flaw by providing a negative row...
libpng: libpng: Information disclosure and denial of service via integer truncation in simplified write API
A flaw was found in libpng, a reference library for PNG Portable Network Graphics raster image files. An integer truncation vulnerability exists in the pngwriteimage16bit and pngwriteimage8bit simplified write API functions. A local attacker could exploit this flaw by providing a negative row...
RHEL 9 : libpng (RHSA-2026:3405)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:3405 advisory. The libpng packages contain a library of functions for creating and manipulating Portable Network Graphics PNG image format files. Security...
ALSA-2026:3551 Important: libpng security update
The libpng packages contain a library of functions for creating and manipulating Portable Network Graphics PNG image format files. Security Fixes: libpng: libpng: Information disclosure and denial of service via integer truncation in simplified write API CVE-2026-22801 libpng: libpng: Denial of...
libpng security update
An update is available for libpng. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libpng packages contain a library of functions for creating and manipulati...
Important: libpng security update
The libpng packages contain a library of functions for creating and manipulating Portable Network Graphics PNG image format files. Security Fixes: libpng: libpng: Information disclosure and denial of service via integer truncation in simplified write API CVE-2026-22801 libpng: libpng: Denial of...
Buffer Over-read
Overview Affected versions of this package are vulnerable to Buffer Over-read via the DJVU image format handler. An attacker can cause out-of-bounds memory reads and potentially impact the integrity or availability of the application by supplying a specially crafted DJVU file that triggers intege...
GHSA-R99P-5442-Q2X2 ImageMagick has a heap Buffer Over-read in its DJVU image format handler
A heap Buffer Over-read vulnerability exists in the DJVU image format handler. The vulnerability occurs due to integer truncation when calculating the stride row size for pixel buffer allocation. The stride calculation overflows a 32-bit signed integer, resulting in an out-of-bounds memory reads...
SUSE SLES15 Security Update : libpng16 (SUSE-SU-2026:0596-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0596-1 advisory. - CVE-2025-28162: memory leaks when running pngimage bsc1257364. - CVE-2025-28164: memory leaks when running pngimage bsc1257365. -...
Security update for libpng16
This update for libpng16 fixes the following issues: CVE-2025-28162: memory leaks when running pngimage bsc1257364. CVE-2025-28164: memory leaks when running pngimage bsc1257365. CVE-2026-22695: heap buffer over-read in pngimagefinishread bsc1256525. CVE-2026-22801: integer truncation causing hea...
SUSE-SU-2026:0596-1 Security update for libpng16
This update for libpng16 fixes the following issues: - CVE-2025-28162: memory leaks when running pngimage bsc1257364. - CVE-2025-28164: memory leaks when running pngimage bsc1257365. - CVE-2026-22695: heap buffer over-read in pngimagefinishread bsc1256525. - CVE-2026-22801: integer truncation...
Amazon Linux 2 : thunderbird, --advisory ALAS2-2026-3171 (ALAS-2026-3171)
The version of thunderbird installed on the remote host is prior to 140.7.1-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3171 advisory. HarfBuzz is a text shaping engine. Prior to version 12.3.0, a null pointer dereference vulnerability exists in the...
Medium: firefox
Issue Overview: HarfBuzz is a text shaping engine. Prior to version 12.3.0, a null pointer dereference vulnerability exists in the SubtableUnicodesCache::create function located in src/hb-ot-cmap-table.hh. The function fails to check if hbmalloc returns NULL before using placement new to construc...