MiracleLinux 9 : java-25-openjdk-25.0.2.0.10-1.el9.ML.1 (AXSA:2026-154:04)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-154:04 advisory. JDK: Improve JMX connections CVE-2026-21925 JDK: Improve HttpServer Request handling CVE-2026-21933 JDK: Enhance Certificate Checking CVE-2026-21945...

ALSA-2026:0933 Important: java-25-openjdk security update

The OpenJDK 25 packages provide the OpenJDK 25 Java Runtime Environment and the OpenJDK 25 Java Software Development Kit. Security Fixes: JDK: Improve JMX connections CVE-2026-21925 JDK: Improve HttpServer Request handling CVE-2026-21933 JDK: Enhance Certificate Checking CVE-2026-21945 libpng:...

java-21-openjdk security update

An update is available for java-21-openjdk. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The OpenJDK 21 packages provide the OpenJDK 21 Java Runtime Environme...

RLSA-2026:0928 Important: java-21-openjdk security update

The OpenJDK 21 packages provide the OpenJDK 21 Java Runtime Environment and the OpenJDK 21 Java Software Development Kit. Security Fixes: JDK: Improve JMX connections CVE-2026-21925 JDK: Improve HttpServer Request handling CVE-2026-21933 JDK: Enhance Certificate Checking CVE-2026-21945 libpng:...

RockyLinux 8 : java-21-openjdk (RLSA-2026:0928)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:0928 advisory. JDK: Improve JMX connections CVE-2026-21925 JDK: Improve HttpServer Request handling CVE-2026-21933 JDK: Enhance Certificate Checking CVE-2026-21945...

Important: Red Hat Security Advisory: java-21-openjdk security update

An update for java-21-openjdk is now available for Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9.4 Extended Update Support, Red Hat Enterprise Linux 9.6 Extended Update Support, Red Hat Enterprise Linux 9, and Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as...

Important: Red Hat Security Advisory: java-17-openjdk security update

An update for java-17-openjdk is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions, Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, Red Hat Enterprise Linux 8.6 Telecommunications...

ALSA-2026:0927 Important: java-17-openjdk security update

The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fixes: JDK: Improve JMX connections CVE-2026-21925 JDK: Improve HttpServer Request handling CVE-2026-21933 JDK: Enhance Certificate Checking CVE-2026-21945 libpn...

MiracleLinux 8 : libpng-1.6.34-9.el8_10 (AXSA:2026-006:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-006:01 advisory. libpng: LIBPNG buffer overflow CVE-2025-64720 libpng: LIBPNG heap buffer overflow CVE-2025-65018 libpng: LIBPNG out-of-bounds read in...

EUVD-2004-0766

Malware in sbrugna...

Security Bulletin: Multiple vulnerabilities in current releases of the IBM® SDK, Java™ Technology Edition affect IBM Tivoli Network Manager IP Edition

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8.0.1.10 that is used by IBM Tivoli Network Manager IP Edition 4.2. These issues were disclosed as part of the IBM Java SDK updates in January 2016 and they include the vulnerability commonly referred to as...

Security Bulletin: IBM Forms Viewer may be affected by a known issue with libpng library (CVE-2015-8126, CVE-2015-8472)

Summary An IBM Form XFDL document that contains a specially crafted PNG image can crash IBM Forms Viewer. This can occur based on the Viewer's use of this library. Vulnerability Details CVEID: CVE-2015-8126 DESCRIPTION: libpng is vulnerable to a buffer overflow, caused by improper bounds checking...

SUSE-SU-2016:0770-1 Security update for java-1_6_0-ibm

This update for java-160-ibm fixes the following issues by updating to 6.0-16.20 bsc963937 - CVE-2015-5041: Could could have invoked non-public interface methods under certain circumstances - CVE-2015-7575: The TLS protocol could allow weaker than expected security caused by a collision attack wh...

SUSE-SU-2016:0433-1 Security update for java-1_7_0-ibm

This update for java-170-ibm fixes the following issues by updating to 7.0-9.30 bsc963937: - CVE-2015-5041: Could could have invoked non-public interface methods under certain circumstances - CVE-2015-7575: The TLS protocol could allow weaker than expected security caused by a collision attack wh...

libpng: buffer overflow

It was discovered that the pnggetPLTE and pngsetPLTE functions of libpng did not correctly calculate the maximum palette sizes for bit depths of less than 8. In case an application tried to use these functions in combination with properly calculated palette sizes, this could lead to a buffer...

libpng buffer overflow in png_set_PLTE

libpng reports: CVE for a vulnerability in libpng, all versions, in the pngsetPLTE/pnggetPLTE functions. These functions failed to check for an out-of-range palette when reading or writing PNG files with a bitdepth less than 8. Some applications might read the bit depth from the IHDR chunk and...

CVE-2015-0973

Buffer overflow in the pngreadIDATdata function in pngrutil.c in libpng before 1.5.21 and 1.6.x before 1.6.16 allows context-dependent attackers to execute arbitrary code via IDAT data with a large width, a different vulnerability than CVE-2014-9495...

PT-2015-3269 · Libpng +2 · Libpng +2

Name of the Vulnerable Software and Affected Versions: libpng versions prior to 1.5.21 libpng versions 1.6.x prior to 1.6.16 Description: The issue is caused by a buffer overflow in the png read IDAT data function in pngrutil.c of the libpng library. This can be exploited by a remote attacker to...

LibPNG <= 1.2.5 png_jmpbuf() Local Buffer Overflow Exploit

No description provided by source. include stdio.h include stdlib.h include png.h / The pngjmpbuf macro, used in error handling, became available in libpng version 1.0.6. If you want to be able to run your code with older versions of libpng, you must define the macro yourself but only if it is no...

Fedora 15 : libpng10-1.0.58-1.fc15 (2012-3536)

A type conversion flaw leading to an out-of-bounds heap buffer read was found in the way libpng10, a library of functions for manipulation PNG image format files, performed expansion of certain iCCP, iTXt, and zTXt PNG image file chunks. A remote attacker could provide a specially crafted Portabl...