Lucene search
K

25 matches found

UbuntuCve
UbuntuCve
added 2026/06/01 12:0 a.m.13 views

CVE-2026-42500

Decoding a paletted BMP file with an out-of-range palette index results in a panic when accessing pixels in the invalid image...

5.3CVSS5.8AI score0.00384EPSS
Exploits0References7
OSV
OSV
added 2026/05/29 8:16 p.m.6 views

DEBIAN-CVE-2026-42500

Decoding a paletted BMP file with an out-of-range palette index results in a panic when accessing pixels in the invalid image...

5.3CVSS5.8AI score0.00384EPSS
Exploits0References1
NVD
NVD
added 2026/05/29 8:16 p.m.14 views

CVE-2026-42500

Decoding a paletted BMP file with an out-of-range palette index results in a panic when accessing pixels in the invalid image...

5.3CVSS0.00384EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/29 6:36 p.m.11 views

CVE-2026-42500 Panic when reading out of bound palette index in golang.org/x/image/bmp

Decoding a paletted BMP file with an out-of-range palette index results in a panic when accessing pixels in the invalid image...

5.8AI score0.00384EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/29 6:36 p.m.12 views

EUVD-2026-33419

Decoding a paletted BMP file with an out-of-range palette index results in a panic when accessing pixels in the invalid image...

5.3CVSS5.8AI score0.00384EPSS
Exploits0References4
CVE
CVE
added 2026/05/29 6:36 p.m.43 views

CVE-2026-42500

CVE-2026-42500 affects decoding in golang.org/x/image/bmp for paletted BMP images. The issue is triggered by decoding a BMP with an out-of-range palette index, causing a panic when accessing pixels in the invalid image. Root cause: palette index validation failure during palette/pixel processing....

5.3CVSS5.8AI score0.00384EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/29 6:36 p.m.35 views

CVE-2026-42500 Panic when reading out of bound palette index in golang.org/x/image/bmp

Decoding a paletted BMP file with an out-of-range palette index results in a panic when accessing pixels in the invalid image...

0.00384EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2026/05/29 6:36 p.m.15 views

CVE-2026-42500

Decoding a paletted BMP file with an out-of-range palette index results in a panic when accessing pixels in the invalid image...

5.3CVSS5.8AI score0.00384EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/05/29 6:36 p.m.8 views

CVE-2026-42500

Decoding a paletted BMP file with an out-of-range palette index results in a panic when accessing pixels in the invalid image...

5.3CVSS5.8AI score0.00384EPSS
Exploits0References5
OSV
OSV
added 2026/03/13 3:26 p.m.2 views

SUSE-SU-2026:0898-1 Security update for libpng15

This update for libpng15 fixes the following issues: - CVE-2025-64505: heap buffer over-read in 'pngdoquantize' via malformed palette index bsc1254157...

6.1CVSS5.9AI score0.00184EPSS
Exploits2References3
SUSE Linux
SUSE Linux
added 2026/03/13 3:26 p.m.5 views

Security update for libpng15

This update for libpng15 fixes the following issues: CVE-2025-64505: heap buffer over-read in 'pngdoquantize' via malformed palette index bsc1254157. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternative...

6.9CVSS5.9AI score0.00184EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2025/12/31 12:0 a.m.6 views

SUSE SLES12: libpng16-16 / libpng16-16-32bit / libpng16-compat-devel / etc (SUSE-SU-2025:4533-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4533-1 advisory. - CVE-2025-64720: Fixed buffer overflow in pngimagereadcomposite via incorrect palette premultiplication bsc1254159 - CVE-2025-64505: Fixed hea...

7.1CVSS6.7AI score0.00352EPSS
Exploits5References13
OSV
OSV
added 2025/12/17 1:7 p.m.12 views

SUSE-SU-2025:4432-1 Security update for libpng12

This update for libpng12 fixes the following issues: - CVE-2025-64505: Fixed heap buffer over-read in pngdoquantize via malformed palette index bsc1254157...

6.1CVSS6.6AI score0.00184EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2025/12/13 12:0 a.m.4 views

SUSE SLES12: libpng12-0 / libpng12-0-32bit / libpng12-compat-devel / etc (SUSE-SU-2025:4383-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2025:4383-1 advisory. - CVE-2025-64505: Fixed heap buffer over-read in pngdoquantize via malformed palette index bsc1254157 Tenable has extracted the preceding description...

6.1CVSS6.6AI score0.00184EPSS
Exploits2References4
SUSE Linux
SUSE Linux
added 2025/12/12 1:13 p.m.4 views

Security update for libpng12

This update for libpng12 fixes the following issues: CVE-2025-64505: Fixed heap buffer over-read in pngdoquantize via malformed palette index bsc1254157 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

6.9CVSS7.2AI score0.00184EPSS
Exploits2References4
OSV
OSV
added 2025/12/12 1:13 p.m.4 views

SUSE-SU-2025:4383-1 Security update for libpng12

This update for libpng12 fixes the following issues: - CVE-2025-64505: Fixed heap buffer over-read in pngdoquantize via malformed palette index bsc1254157...

6.1CVSS7.2AI score0.00184EPSS
Exploits2References3
Microsoft CVE
Microsoft CVE
added 2025/11/26 9:1 a.m.2 views

LIBPNG is vulnerable to a heap buffer overflow in `png_do_quantize` via malformed palette index

...

6.1CVSS7AI score0.00184EPSS
Exploits2
OSV
OSV
added 2025/11/25 12:15 a.m.8 views

ALPINE-CVE-2025-64505

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to version 1.6.51, a heap buffer over-read vulnerability exists in libpng's pngdoquantize function when processing PNG files with malformed palette...

6.1CVSS7.1AI score0.00184EPSS
Exploits2References1
SUSE CVE
SUSE CVE
added 2023/02/15 5:48 a.m.5 views

SUSE CVE-2012-1499

The JPEG 2000 codec jp2.c in OpenJPEG before 1.5 allows remote attackers to execute arbitrary code via a crafted palette index in a CMAP record of a JPEG image, which triggers memory corruption, aka "out-of heap-based buffer write."...

9.3CVSS8.9AI score0.05139EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 4:37 a.m.5 views

SUSE CVE-2017-16546

The ReadWPGImage function in coders/wpg.c in ImageMagick 7.0.7-9 does not properly validate the colormap index in a WPG palette, which allows remote attackers to cause a denial of service use of uninitialized data or invalid memory allocation or possibly have unspecified other impact via a...

5.9CVSS9.3AI score0.02201EPSS
Exploits0References8
Rows per page
Query Builder