Lucene search
K

6 matches found

RedHat Linux
RedHat Linux
added 2026/05/19 6:19 p.m.18 views

GStreamer: GStreamer: Arbitrary code execution via RIFF palette integer overflow in AVI file handling

A flaw was found in GStreamer. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. The flaw exists within the handling of palette data in AVI files, where a lack of proper validation of user-supplied data can lead to an integer overflow...

7.8CVSS7.6AI score0.00867EPSS
Exploits0References6
OSV
OSV
added 2026/04/15 2:35 p.m.6 views

SUSE-SU-2026:1368-1 Security update for libpng16

This update for libpng16 fixes the following issues: - CVE-2026-33416: use-after-free via pointer aliasing in pngsettRNS and pngsetPLTE can lead to arbitrary code execution bsc1260754. - CVE-2026-33636: out-of-bounds read/write in the palette expansion on ARM Neon can lead to information leak and...

7.6CVSS6.5AI score0.01052EPSS
Exploits1References5
OSV
OSV
added 2026/03/27 2:4 p.m.5 views

OESA-2026-1755 gstreamer1-plugins-base security update

Security Fixes: GStreamer RIFF Palette Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may...

7.8CVSS7.6AI score0.00867EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/26 4:48 p.m.4 views

CVE-2026-33416 LIBPNG has use-after-free via pointer aliasing in `png_set_tRNS` and `png_set_PLTE`

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. In versions 1.2.1 through 1.6.55, pngsettRNS and pngsetPLTE each alias a heap-allocated buffer between pngstruct and pnginfo, sharing a single allocation acros...

7.5CVSS5.9AI score0.01052EPSS
Exploits1References6
OSV
OSV
added 2025/12/11 5:26 a.m.4 views

USN-7924-1 libpng1.6 vulnerabilities

It was discovered that libpng incorrectly handled memory when processing certain PNG files, which could result in an out-of-bounds memory access. If a user or automated system were tricked into opening a specially crafted PNG file, an attacker could use this issue to cause libpng to crash,...

7.1CVSS6.4AI score0.00352EPSS
Exploits5References5
RedHat Linux
RedHat Linux
added 2015/12/09 1:35 p.m.5 views

libpng: Buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions

It was discovered that the pnggetPLTE and pngsetPLTE functions of libpng did not correctly calculate the maximum palette sizes for bit depths of less than 8. In case an application tried to use these functions in combination with properly calculated palette sizes, this could lead to a buffer...

7.5CVSS7.8AI score0.10339EPSS
Exploits0References4
Rows per page
Query Builder