Lucene search
K

763 matches found

AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in libpng1.6

LIBPNG is a reference library used in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to version 1.6.55, there was an out-of-bounds read vulnerability in the pngsetquantize API function. When this function is called without a histogram and th...

8.3CVSS6.9AI score0.00955EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.9 views

RHEL 9 : libpng (RHSA-2026:28255)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:28255 advisory. The libpng packages contain a library of functions for creating and manipulating Portable Network Graphics PNG image format files. Security...

7.6CVSS6.8AI score0.01052EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2026/06/23 10:46 p.m.10 views

libpng: libpng: Information disclosure and denial of service via out-of-bounds read/write in Neon palette expansion

A flaw was found in libpng. A remote attacker could exploit an out-of-bounds read and write vulnerability in the ARM/AArch64 Neon-optimized palette expansion path. This occurs when processing a final partial chunk of 8-bit paletted rows without verifying sufficient input pixels, leading to...

7.6CVSS6.1AI score0.00585EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/06/23 10:46 p.m.8 views

Moderate: Red Hat Security Advisory: libpng security update

An update for libpng is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

7.6CVSS6.4AI score0.01052EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2026/06/23 5:55 p.m.6 views

libpng: libpng: Information disclosure and denial of service via out-of-bounds read/write in Neon palette expansion

A flaw was found in libpng. A remote attacker could exploit an out-of-bounds read and write vulnerability in the ARM/AArch64 Neon-optimized palette expansion path. This occurs when processing a final partial chunk of 8-bit paletted rows without verifying sufficient input pixels, leading to...

7.6CVSS6.5AI score0.00585EPSS
Exploits0References7
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in fly-wm

The vulnerability of the fly-adjust-palette utility in the window graphical manager fly-wm is related to reading data beyond the allowed buffer size. Exploiting this vulnerability allows an attacker to cause a service failure...

6CVSS5.9AI score
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in fly-wm

The vulnerability of the fly-adjust-palette utility in the window graphical manager fly-wm is related to the manipulation of the zero pointer. Exploiting this vulnerability allows an attacker to cause a service failure...

6CVSS5.7AI score
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in fly-wm

The vulnerability of the fly-adjust-palette utility in the window graphical manager fly-wm is related to reading data beyond the allowed buffer size. Exploiting this vulnerability allows an attacker to cause a service failure...

6CVSS5.9AI score
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.46 views

Astra Linux – Vulnerability in fly-wm

The vulnerability of the fly-adjust-palette utility in the window graphical manager fly-wm is related to improper memory release after its use. Exploiting this vulnerability allows an attacker to cause a service failure...

6.2CVSS5.9AI score
Exploits0References2
Mageia
Mageia
added 2026/06/18 6:4 p.m.6 views

Updated gstreamer1.0-plugins-bad, gstreamer1.0-plugins-base, gstreamer1.0-plugins-good & gstreamer1.0-plugins-ugly packages fix security vulnerabilities

CVE-2026-2921, GStreamer RIFF Palette Integer Overflow Remote Code Execution Vulnerability CVE-2026-2923.GStreamer DVB Subtitles Out-Of-Bounds Write Remote Code Execution Vulnerability CVE-2026-3082, GStreamer JPEG Parser Heap-based Buffer Overflow Remote Code Execution Vulnerability CVE-2026-308...

8.8CVSS7.6AI score0.00867EPSS
Exploits0References3
OSV
OSV
added 2026/06/18 6:4 p.m.4 views

MGASA-2026-0222 Updated gstreamer1.0-plugins-bad, gstreamer1.0-plugins-base, gstreamer1.0-plugins-good & gstreamer1.0-plugins-ugly packages fix security vulnerabilities

CVE-2026-2921, GStreamer RIFF Palette Integer Overflow Remote Code Execution Vulnerability CVE-2026-2923.GStreamer DVB Subtitles Out-Of-Bounds Write Remote Code Execution Vulnerability CVE-2026-3082, GStreamer JPEG Parser Heap-based Buffer Overflow Remote Code Execution Vulnerability CVE-2026-308...

8.8CVSS7.5AI score0.00867EPSS
Exploits0References4
Mageia
Mageia
added 2026/06/13 1:38 a.m.9 views

Updated libpng packages fix security vulnerabilities

LIBPNG has a use-after-free in pngsetPLTE, pngsettRNS and pngsethIST leading to corrupted chunk data and potential heap information disclosure. CVE-2026-34757 Chunk smuggling in push-mode APNG parser via unconsumed chunk body. CVE-2026-40930...

5.4CVSS5.4AI score0.00202EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/09 12:0 a.m.6 views

EulerOS 2.0 SP11 : libpng (EulerOS-SA-2026-2250)

According to the versions of the libpng packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. In...

7.6CVSS6.4AI score0.01052EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/06/09 12:0 a.m.8 views

EulerOS 2.0 SP11 : libpng (EulerOS-SA-2026-2212)

According to the versions of the libpng packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. In...

7.6CVSS6.4AI score0.01052EPSS
Exploits1References3
Snyk
Snyk
added 2026/06/04 2:26 p.m.13 views

Use of Weak Hash

Overview streamlit is a The fastest way to build data apps in Python Affected versions of this package are vulnerable to Use of Weak Hash due to the use of a weak hash algorithm in the hashing.py process of the Palette Handler component. An attacker can compromise data integrity or cause unintend...

5.7CVSS4.9AI score0.00083EPSS
Exploits0References2
PyPA
PyPA
added 2026/06/04 12:16 p.m.7 views

PYSEC-2026-212

A vulnerability has been found in Streamlit up to 1.53.0. Impacted is an unknown function in the library lib/streamlit/runtime/caching/hashing.py of the component Palette Handler. Such manipulation leads to use of weak hash. Local access is required to approach this attack. The attack requires a...

4.7CVSS4.5AI score0.00083EPSS
Exploits0References7Affected Software1
NVD
NVD
added 2026/06/04 12:16 p.m.13 views

CVE-2026-10804

A vulnerability has been found in Streamlit up to 1.53.0. Impacted is an unknown function in the library lib/streamlit/runtime/caching/hashing.py of the component Palette Handler. Such manipulation leads to use of weak hash. Local access is required to approach this attack. The attack requires a...

4.7CVSS0.00083EPSS
Exploits0References7
PyPA
PyPA
added 2026/06/04 12:16 p.m.7 views

PYSEC-0000-CVE-2026-10804

A vulnerability has been found in Streamlit up to 1.53.0. Impacted is an unknown function in the library lib/streamlit/runtime/caching/hashing.py of the component Palette Handler. Such manipulation leads to use of weak hash. Local access is required to approach this attack. The attack requires a...

4.7CVSS4.2AI score0.00083EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2026/06/04 12:16 p.m.5 views

PYSEC-2026-212

A vulnerability has been found in Streamlit up to 1.53.0. Impacted is an unknown function in the library lib/streamlit/runtime/caching/hashing.py of the component Palette Handler. Such manipulation leads to use of weak hash. Local access is required to approach this attack. The attack requires a...

4.7CVSS4AI score0.00083EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/06/04 12:0 p.m.6 views

CVE-2026-10804

A vulnerability has been found in Streamlit up to 1.53.0. Impacted is an unknown function in the library lib/streamlit/runtime/caching/hashing.py of the component Palette Handler. Such manipulation leads to use of weak hash. Local access is required to approach this attack. The attack requires a...

3.6CVSS5AI score0.00083EPSS
Exploits0References7
Rows per page
Query Builder