Lucene search

31 matches found

Vulnrichment
added 2026/04/30 1:16 p.m. | 4 views

CVE-2026-7246 Pallets Click contains a command injection via Unsanitized Filename "click.edit()"

Pallets Click, versions 8.3.2 and below, contain a command injection vulnerability in the click.edit function, allowing attackers to pass arbitrary OS commands from an unprivileged account...

5.5 AI score | 0.0081 EPSS
Exploits: 1 | References: 2
RedHat Linux
added 2026/04/24 10:14 a.m. | 8 views

libpng: LIBPNG has a heap buffer overflow in png_set_quantize

A heap based buffer overflow flaw has been discovered in LibPNG. Prior to version 1.6.55, an out-of-bounds read vulnerability exists in the png_set_quantize API function. When the function is called with no histogram and the number of colors in the palette is more than twice the maximum supported b...

8.3 CVSS | 7.1 AI score | 0.00955 EPSS
Exploits: 1 | References: 7
RedHat Linux
added 2026/04/22 1:51 p.m. | 50 views

libpng: LIBPNG has a heap buffer overflow in png_set_quantize

A heap based buffer overflow flaw has been discovered in LibPNG. Prior to version 1.6.55, an out-of-bounds read vulnerability exists in the png_set_quantize API function. When the function is called with no histogram and the number of colors in the palette is more than twice the maximum supported b...

8.3 CVSS | 7 AI score | 0.00955 EPSS
Exploits: 1 | References: 7
RedHat Linux
added 2026/04/08 12:41 p.m. | 6 views

libpng: LIBPNG has a heap buffer overflow in png_set_quantize

A heap based buffer overflow flaw has been discovered in LibPNG. Prior to version 1.6.55, an out-of-bounds read vulnerability exists in the png_set_quantize API function. When the function is called with no histogram and the number of colors in the palette is more than twice the maximum supported b...

8.3 CVSS | 6.3 AI score | 0.00955 EPSS
Exploits: 1 | References: 7
RedHat Linux
added 2026/04/08 12:15 p.m. | 6 views

libpng: LIBPNG has a heap buffer overflow in png_set_quantize

A heap based buffer overflow flaw has been discovered in LibPNG. Prior to version 1.6.55, an out-of-bounds read vulnerability exists in the png_set_quantize API function. When the function is called with no histogram and the number of colors in the palette is more than twice the maximum supported b...

8.3 CVSS | 6.1 AI score | 0.00955 EPSS
Exploits: 1 | References: 7
RedHat Linux
added 2026/04/08 12:4 p.m. | 8 views

libpng: LIBPNG has a heap buffer overflow in png_set_quantize

A heap based buffer overflow flaw has been discovered in LibPNG. Prior to version 1.6.55, an out-of-bounds read vulnerability exists in the png_set_quantize API function. When the function is called with no histogram and the number of colors in the palette is more than twice the maximum supported b...

8.3 CVSS | 6.1 AI score | 0.00955 EPSS
Exploits: 1 | References: 7
RedHat Linux
added 2026/04/02 12:18 p.m. | 4 views

libpng: LIBPNG has a heap buffer overflow in png_set_quantize

A heap based buffer overflow flaw has been discovered in LibPNG. Prior to version 1.6.55, an out-of-bounds read vulnerability exists in the png_set_quantize API function. When the function is called with no histogram and the number of colors in the palette is more than twice the maximum supported b...

8.3 CVSS | 6.1 AI score | 0.00955 EPSS
Exploits: 1 | References: 7
RedHat Linux
added 2026/03/17 9:57 a.m. | 3 views

libpng: LIBPNG has a heap buffer overflow in png_set_quantize

A heap based buffer overflow flaw has been discovered in LibPNG. Prior to version 1.6.55, an out-of-bounds read vulnerability exists in the png_set_quantize API function. When the function is called with no histogram and the number of colors in the palette is more than twice the maximum supported b...

8.3 CVSS | 5.9 AI score | 0.00955 EPSS
Exploits: 1 | References: 7
Snyk
added 2026/03/13 8:41 p.m. | 8 views

Integer Overflow or Wraparound

Overview: Affected versions of this package are vulnerable to Integer Overflow or Wraparound via the RIFF parser when handling palette data in AVI files. An attacker can execute arbitrary code by convincing a user to open a specially crafted AVI file with an application linked against the affected...

8.4 CVSS | 7.5 AI score | 0.00867 EPSS
Exploits: 0 | References: 3
RedHat Linux
added 2026/03/11 11:23 a.m. | 3 views

libpng: LIBPNG has a heap buffer overflow in png_set_quantize

A heap based buffer overflow flaw has been discovered in LibPNG. Prior to version 1.6.55, an out-of-bounds read vulnerability exists in the png_set_quantize API function. When the function is called with no histogram and the number of colors in the palette is more than twice the maximum supported b...

8.3 CVSS | 5.9 AI score | 0.00955 EPSS
Exploits: 1 | References: 7
RedHat Linux
added 2026/03/10 6:24 p.m. | 7 views

libpng: LIBPNG has a heap buffer overflow in png_set_quantize

A heap based buffer overflow flaw has been discovered in LibPNG. Prior to version 1.6.55, an out-of-bounds read vulnerability exists in the png_set_quantize API function. When the function is called with no histogram and the number of colors in the palette is more than twice the maximum supported b...

8.3 CVSS | 5.9 AI score | 0.00955 EPSS
Exploits: 1 | References: 7
Amazon
added 2026/03/05 12:0 a.m. | 6 views

Medium: libpng

Issue Overview: libpng: An out-of-bounds read vulnerability exists in the png_set_quantize API function. When the function is called with no histogram and the number of colors in the palette is more than twice the maximum supported by the user's display, certain palettes will cause the function to...

8.3 CVSS | 5.8 AI score | 0.00955 EPSS
Exploits: 1
OSV
added 2026/02/10 6:16 p.m. | 4 views

ALPINE-CVE-2026-25646

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to 1.6.55, an out-of-bounds read vulnerability exists in the png_set_quantize API function. When the function is called with no histogram and the number of...

8.1 CVSS | 5.9 AI score | 0.00955 EPSS
Exploits: 1 | References: 1
OSV
added 2026/02/10 6:16 p.m. | 8 views

AZL-77474 CVE-2026-25646 affecting package libpng15 1.5.30-15

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to 1.6.55, an out-of-bounds read vulnerability exists in the png_set_quantize API function. When the function is called with no histogram and the number of...

8.3 CVSS | 6 AI score | 0.00955 EPSS
Exploits: 1 | References: 1
OSV
added 2026/02/10 6:16 p.m. | 9 views

AZL-77460 CVE-2026-25646 affecting package libpng12 1.2.57-16

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to 1.6.55, an out-of-bounds read vulnerability exists in the png_set_quantize API function. When the function is called with no histogram and the number of...

8.3 CVSS | 6 AI score | 0.00955 EPSS
Exploits: 1 | References: 1
NVD
added 2026/02/10 6:16 p.m. | 7 views

CVE-2026-25646

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to 1.6.55, an out-of-bounds read vulnerability exists in the png_set_quantize API function. When the function is called with no histogram and the number of...

8.3 CVSS | 0.00955 EPSS
Exploits: 1 | References: 55
UbuntuCve
added 2026/02/10 6:16 p.m. | 8 views

CVE-2026-25646

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to 1.6.55, an out-of-bounds read vulnerability exists in the png_set_quantize API function. When the function is called with no histogram and the number of...

8.3 CVSS | 6.1 AI score | 0.00955 EPSS
Exploits: 1 | References: 6
OSV
added 2026/02/10 6:16 p.m. | 4 views

UBUNTU-CVE-2026-25646

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to 1.6.55, an out-of-bounds read vulnerability exists in the png_set_quantize API function. When the function is called with no histogram and the number of...

8.3 CVSS | 5.8 AI score | 0.00955 EPSS
Exploits: 1 | References: 7
OSV
added 2023/06/28 5:3 p.m. | 6 views

DRUPAL-CONTRIB-2023-024

This module enables you to create dynamic layouts and add sample color palettes for color selection hints via its UI. The module doesn't sufficiently sanitize the module's settings in certain scenarios leading to a Cross Site Scripting vulnerability. This vulnerability is mitigated by the fact th...

6.3 AI score
Exploits: 0 | References: 1
Drupal
added 2023/06/28 12:0 a.m. | 13 views

GridStack - Less critical - Cross Site Scripting - SA-CONTRIB-2023-024

This module enables you to create dynamic layouts and add sample color palettes for color selection hints via its UI. The module doesn't sufficiently sanitize the module's settings in certain scenarios leading to a Cross Site Scripting vulnerability. This vulnerability is mitigated by the fact th...

6.3 AI score
Exploits: 0 | References: 6