8 matches found

Mageia
added yesterday, 6 views

Updated libpng packages fix security vulnerabilities

LIBPNG has a use-after-free in png_set_PLTE, png_set_tRNS and png_set_hIST leading to corrupted chunk data and potential heap information disclosure. (CVE-2026-34757) Chunk smuggling in push-mode APNG parser via unconsumed chunk body. (CVE-2026-40930)...

CVSS 5.4, AI score 5.4, EPSS 0.00034
Exploits 0, References 5
OSV
added 2026/04/09 3:16 p.m., 0 views

UBUNTU-CVE-2026-34757

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From 1.0.9 to before 1.6.57, passing a pointer obtained from png_get_PLTE, png_get_tRNS, or png_get_hIST back into the corresponding setter on the same...

CVSS 5.1, AI score 6, EPSS 0.00008
Exploits 1, References 4
AlpineLinux
added 2026/03/26 4:48 p.m., 2 views

CVE-2026-33416

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. In versions 1.2.1 through 1.6.55, png_set_tRNS and png_set_PLTE each alias a heap-allocated buffer between png_struct and png_info, sharing a single allocation acros...

CVSS 7.5, AI score 5.9, EPSS 0.00026
Exploits 1, References 6
SUSE CVE
added 2023/02/15 6:13 a.m., 2 views

SUSE CVE-2006-5793

The sPLT chunk handling code (png_set_sPLT function in pngset.c) in libpng 1.0.6 through 1.2.12 uses a sizeof operator on the wrong data type, which allows context-dependent attackers to cause a denial of service (crash) via malformed sPLT chunks that trigger an out-of-bounds read...

CVSS 2.6, AI score 8.6, EPSS 0.0169
Exploits 1, References 5
SUSE CVE
added 2023/02/15 5:33 a.m., 2 views

SUSE CVE-2013-6954

The png_do_expand_palette function in libpng before 1.6.8 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via (1) a PLTE chunk of zero bytes or (2) a NULL palette, related to pngrtran.c and pngset.c...

CVSS 6.5, AI score 8.8, EPSS 0.03546
Exploits 1, References 13
OSV
added 2020/09/13 8:15 p.m., 2 views

CVE-2020-25291

GdiDrawHoriLineIAlt in Kingsoft WPS Office before 11.2.0.9403 allows remote heap corruption via a crafted PLTE chunk in PNG data within a Word document. This is related to QBrush::setMatrix in gui/painting/qbrush.cpp in Qt 4.x...

CVSS 7.8, AI score 7.2
Exploits 0, References 1
RedHat Linux
added 2014/07/29 3:40 p.m., 2 views

libpng: unhandled zero-length PLTE chunk or NULL palette

The png_do_expand_palette function in libpng before 1.6.8 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via (1) a PLTE chunk of zero bytes or (2) a NULL palette, related to pngrtran.c and pngset.c...

CVSS 6.5, AI score 6.8, EPSS 0.03546
Exploits 1, References 4
RedHat Linux
added 2007/05/17 9:45 p.m., 1 views

libpng DoS

The sPLT chunk handling code (png_set_sPLT function in pngset.c) in libpng 1.0.6 through 1.2.12 uses a sizeof operator on the wrong data type, which allows context-dependent attackers to cause a denial of service (crash) via malformed sPLT chunks that trigger an out-of-bounds read...

CVSS 2.6, AI score 7.2, EPSS 0.0169
Exploits 1, References 4