CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

760 matches found

Moderate: Red Hat Security Advisory: libpng security update

An update for libpng is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

7.6CVSS6.4AI score0.01052EPSS

Exploits1References3

RedHat Linux•added yesterday•6 views

libpng: libpng: Information disclosure and denial of service via out-of-bounds read/write in Neon palette expansion

A flaw was found in libpng. A remote attacker could exploit an out-of-bounds read and write vulnerability in the ARM/AArch64 Neon-optimized palette expansion path. This occurs when processing a final partial chunk of 8-bit paletted rows without verifying sufficient input pixels, leading to...

7.6CVSS6.1AI score0.00585EPSS

Exploits0References7

RedHat Linux•added yesterday•4 views

libpng: libpng: Information disclosure and denial of service via out-of-bounds read/write in Neon palette expansion

7.6CVSS6.5AI score0.00585EPSS

Exploits0References7

AstraLinux•added 5 days ago•2 views

Astra Linux – Vulnerability in libpng1.6

LIBPNG is a reference library used in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to version 1.6.52, there was an out-of-bounds read vulnerability in libpng’s simplified API, allowing for reading of up to 10^12 bytes beyond the...

7.1CVSS6.2AI score0.00294EPSS

Exploits2References2

Mageia•added 2026/06/13 1:38 a.m.•7 views

Updated libpng packages fix security vulnerabilities

LIBPNG has a use-after-free in pngsetPLTE, pngsettRNS and pngsethIST leading to corrupted chunk data and potential heap information disclosure. CVE-2026-34757 Chunk smuggling in push-mode APNG parser via unconsumed chunk body. CVE-2026-40930...

5.4CVSS5.4AI score0.00202EPSS

Exploits0References5

Tenable Nessus•added 2026/06/09 12:0 a.m.•6 views

EulerOS 2.0 SP11 : libpng (EulerOS-SA-2026-2212)

According to the versions of the libpng packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. In...

7.6CVSS6.4AI score0.01052EPSS

Exploits1References3

Tenable Nessus•added 2026/06/09 12:0 a.m.•5 views

EulerOS 2.0 SP11 : libpng (EulerOS-SA-2026-2250)

7.6CVSS6.4AI score0.01052EPSS

Exploits1References3

Snyk•added 2026/06/04 2:26 p.m.•11 views

Use of Weak Hash

Overview streamlit is a The fastest way to build data apps in Python Affected versions of this package are vulnerable to Use of Weak Hash due to the use of a weak hash algorithm in the hashing.py process of the Palette Handler component. An attacker can compromise data integrity or cause unintend...

5.7CVSS4.9AI score0.00083EPSS

Exploits0References2

PyPA•added 2026/06/04 12:16 p.m.•5 views

PYSEC-0000-CVE-2026-10804

A vulnerability has been found in Streamlit up to 1.53.0. Impacted is an unknown function in the library lib/streamlit/runtime/caching/hashing.py of the component Palette Handler. Such manipulation leads to use of weak hash. Local access is required to approach this attack. The attack requires a...

4.7CVSS4.2AI score0.00083EPSS

Exploits0References7Affected Software1

NVD•added 2026/06/04 12:16 p.m.•8 views

CVE-2026-10804

4.7CVSS0.00083EPSS

Exploits0References7

PyPA•added 2026/06/04 12:16 p.m.•7 views

PYSEC-2026-212

4.7CVSS4.5AI score0.00083EPSS

Exploits0References7Affected Software1

OSV•added 2026/06/04 12:16 p.m.•5 views

PYSEC-2026-212

4.7CVSS4AI score0.00083EPSS

Exploits0References7

ATTACKERKB•added 2026/06/04 12:0 p.m.•5 views

CVE-2026-10804

3.6CVSS5AI score0.00083EPSS

Exploits0References7

EUVD•added 2026/06/04 12:0 p.m.•14 views

EUVD-2026-34246

3.6CVSS5AI score0.00083EPSS

Exploits0References7

Cvelist•added 2026/06/04 12:0 p.m.•38 views

CVE-2026-10804 Streamlit Palette hashing.py weak hash

3.6CVSS0.00083EPSS

Exploits0References7

Vulnrichment•added 2026/06/04 12:0 p.m.•9 views

CVE-2026-10804 Streamlit Palette hashing.py weak hash

3.6CVSS5AI score0.00083EPSS

Exploits0References7

CVE•added 2026/06/04 12:0 p.m.•15 views

CVE-2026-10804

CVE-2026-10804 affects Streamlit up to 1.53.0, targeting an unknown function in the Palette Handler’s hashing.py (lib/streamlit/runtime/caching/hashing.py). The issue allows use of a weak hash due to the described manipulation, with local access required and a high attack complexity. The exploita...

4.7CVSS5AI score0.00083EPSS

Exploits0References7Affected Software1

CNNVD•added 2026/06/04 12:0 a.m.•5 views

Streamlit 安全漏洞

Streamlit is an open-source data-oriented Python application development framework created by Streamlit. Versions of Streamlit 1.53.0 and earlier contain security vulnerabilities. These vulnerabilities stem from the use of weak hashing algorithms in the lib/streamlit/runtime/caching/hashing.py...

4.7CVSS4.9AI score0.00083EPSS

Exploits0References7

Positive Technologies•added 2026/06/04 12:0 a.m.•15 views

PT-2026-46190

Name of the Vulnerable Software and Affected Versions Streamlit versions prior to 1.53.0 Description An issue exists in the Palette Handler component within the lib/streamlit/runtime/caching/hashing.py library. Manipulation of an unknown function in this library can lead to the use of a weak hash...

4.7CVSS4.7AI score0.00083EPSS

Exploits0References9