663 matches found
libpng: libpng: Information disclosure and denial of service via integer truncation in simplified write API
A flaw was found in libpng, a reference library for PNG Portable Network Graphics raster image files. An integer truncation vulnerability exists in the pngwriteimage16bit and pngwriteimage8bit simplified write API functions. A local attacker could exploit this flaw by providing a negative row...
libpng: libpng: Information disclosure and denial of service via integer truncation in simplified write API
A flaw was found in libpng, a reference library for PNG Portable Network Graphics raster image files. An integer truncation vulnerability exists in the pngwriteimage16bit and pngwriteimage8bit simplified write API functions. A local attacker could exploit this flaw by providing a negative row...
CVE-2026-26178
Integer size truncation in Windows Advanced Rasterization Platform WARP allows an unauthorized attacker to elevate privileges locally...
PT-2026-32755
CVE-2026-26178 Integer size truncation in Windows Advanced Rasterization Platform WARP allows an unauthorized attacker to elevate privileges locally. https://t.co/6dbFxYiIih...
UBUNTU-CVE-2026-33900
ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, the viff encoder contains an integer truncation/wraparound issue on 32-bit builds that could trigger an out of bounds heap write, potentially causing a...
CVE-2026-33900
CVE-2026-33900 affects ImageMagick’s VIFF encoder. A 32-bit build can trigger an integer truncation/wraparound that causes an out-of-bounds heap write, potentially crashing the process. The vulnerability is fixed in ImageMagick releases 6.9.13-44 and 7.1.2-19. OpenSUSE and Debian-related advisori...
CVE-2026-33900
ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, the viff encoder contains an integer truncation/wraparound issue on 32-bit builds that could trigger an out of bounds heap write, potentially causing a...
CVE-2026-33900
ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, the viff encoder contains an integer truncation/wraparound issue on 32-bit builds that could trigger an out of bounds heap write, potentially causing a...
PT-2026-32524
Name of the Vulnerable Software and Affected Versions ImageMagick versions prior to 6.9.13-44 ImageMagick versions prior to 7.1.2-19 Description The viff encoder contains an integer truncation or wraparound issue on 32-bit builds. This can trigger an out of bounds heap write, potentially causing ...
ImageMagick 安全漏洞
ImageMagick is a set of open-source image processing software developed by the ImageMagick project. It allows for reading, converting, and writing images in various formats. Versions of ImageMagick prior to 7.1.2-19 and 6.9.13-44 contained security vulnerabilities. These vulnerabilities were due ...
curl: libcurl: Integer truncation in curl_easy_ssls_import() causes TLS sessions to never expire
Summary: curleasysslsimport deserializes a TLS session blob and stores it in the in-memory session cache. In Curlsslsessionunpack lib/vtls/vtlsspack.c:311, the validuntil field is read as uint64t and cast directly to curlofft int64t with no bounds check — so a crafted blob encoding validuntil =...
CVE-2026-23457
A flaw was found in the Linux kernel's netfilter subsystem, specifically within the nfconntracksip module. This vulnerability arises from an integer truncation error when processing the Content-Length header in Session Initiation Protocol SIP messages. On 64-bit systems, large Content-Length valu...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from integer truncation in the siphelptcp function, potentially leading to parsing errors...
CVE-2026-34610 leancrypto: Integer truncation in X.509 name parser enables certificate identity impersonation
The leancrypto library is a cryptographic library that exclusively contains only PQC-resistant cryptographic algorithms. Prior to version 1.7.1, lcx509extractnamesegment casts sizet vlen to uint8t when storing the Common Name CN length. An attacker who crafts a certificate with CN = victim's CN +...
Security Bulletin: IBM Content Navigator is affect my Apache Xalan
Summary IBM Content Navigator is affected by CVE-2022-34169, a remote code execution vulnerability CWE-681 in the Apache Xalan Java XSLT library. An integer truncation flaw in the processing of XSLT stylesheets allows a remote attacker to supply a specially crafted stylesheet and execute arbitrar...
libpng: libpng: Information disclosure and denial of service via integer truncation in simplified write API
A flaw was found in libpng, a reference library for PNG Portable Network Graphics raster image files. An integer truncation vulnerability exists in the pngwriteimage16bit and pngwriteimage8bit simplified write API functions. A local attacker could exploit this flaw by providing a negative row...
libpng: libpng: Information disclosure and denial of service via integer truncation in simplified write API
A flaw was found in libpng, a reference library for PNG Portable Network Graphics raster image files. An integer truncation vulnerability exists in the pngwriteimage16bit and pngwriteimage8bit simplified write API functions. A local attacker could exploit this flaw by providing a negative row...
libpng: libpng: Information disclosure and denial of service via integer truncation in simplified write API
A flaw was found in libpng, a reference library for PNG Portable Network Graphics raster image files. An integer truncation vulnerability exists in the pngwriteimage16bit and pngwriteimage8bit simplified write API functions. A local attacker could exploit this flaw by providing a negative row...
libpng: libpng: Information disclosure and denial of service via integer truncation in simplified write API
A flaw was found in libpng, a reference library for PNG Portable Network Graphics raster image files. An integer truncation vulnerability exists in the pngwriteimage16bit and pngwriteimage8bit simplified write API functions. A local attacker could exploit this flaw by providing a negative row...
libpng: libpng: Information disclosure and denial of service via integer truncation in simplified write API
A flaw was found in libpng, a reference library for PNG Portable Network Graphics raster image files. An integer truncation vulnerability exists in the pngwriteimage16bit and pngwriteimage8bit simplified write API functions. A local attacker could exploit this flaw by providing a negative row...