
5550 matches found

CNNVD
added 2025/12/04 12:0 a.m. | 3 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from improper handling of partial unmapping of the GPU VA region, which could lead to a kernel crash...

AI score: 5.9 | EPSS: 0.00166 | Exploits: 0 | References: 4
Snyk
added 2025/12/03 9:51 p.m. | 4 views

Allocation of Resources Without Limits or Throttling

Overview: Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the png_image_read_composite function when processing valid palette PNG images with partial transparency and gamma correction. An attacker can cause information disclosure or...

CVSS: 8.3 | AI score: 6.4 | EPSS: 0.00294 | Exploits: 2 | References: 3
OSV
added 2025/12/03 9:15 p.m. | 4 views

AZL-71464 CVE-2025-66293 affecting package libpng15 1.5.30-15

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. Prior to 1.6.52, an out-of-bounds read vulnerability in libpng's simplified API allows reading up to 1012 bytes beyond the png_sRGB_base[512] array when processing...

CVSS: 7.1 | AI score: 6.3 | EPSS: 0.00294 | Exploits: 2 | References: 1
OSV
added 2025/12/03 9:15 p.m. | 4 views

DEBIAN-CVE-2025-66293

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. Prior to 1.6.52, an out-of-bounds read vulnerability in libpng's simplified API allows reading up to 1012 bytes beyond the png_sRGB_base[512] array when processing...

CVSS: 7.1 | AI score: 6 | EPSS: 0.00294 | Exploits: 2 | References: 1
OSV
added 2025/12/03 9:15 p.m. | 2 views

AZL-71485 CVE-2025-66293 affecting package fltk 1.3.5-4

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. Prior to 1.6.52, an out-of-bounds read vulnerability in libpng's simplified API allows reading up to 1012 bytes beyond the png_sRGB_base[512] array when processing...

CVSS: 7.1 | AI score: 6.6 | EPSS: 0.00294 | Exploits: 2 | References: 1
OSV
added 2025/12/03 9:15 p.m. | 2 views

AZL-71494 CVE-2025-66293 affecting package libpng15 1.5.30-15

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. Prior to 1.6.52, an out-of-bounds read vulnerability in libpng's simplified API allows reading up to 1012 bytes beyond the png_sRGB_base[512] array when processing...

CVSS: 7.1 | AI score: 6.6 | EPSS: 0.00294 | Exploits: 2 | References: 1
OSV
added 2025/12/03 9:15 p.m. | 4 views

ALPINE-CVE-2025-66293

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. Prior to 1.6.52, an out-of-bounds read vulnerability in libpng's simplified API allows reading up to 1012 bytes beyond the png_sRGB_base[512] array when processing...

CVSS: 7.1 | AI score: 6.6 | EPSS: 0.00294 | Exploits: 2 | References: 1
OSV
added 2025/12/03 9:15 p.m. | 3 views

AZL-71488 CVE-2025-66293 affecting package gdal 3.6.3-5

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. Prior to 1.6.52, an out-of-bounds read vulnerability in libpng's simplified API allows reading up to 1012 bytes beyond the png_sRGB_base[512] array when processing...

CVSS: 7.1 | AI score: 6.3 | EPSS: 0.00294 | Exploits: 2 | References: 1
OSV
added 2025/12/03 9:15 p.m. | 6 views

AZL-71455 CVE-2025-66293 affecting package fltk 1.3.8-1

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. Prior to 1.6.52, an out-of-bounds read vulnerability in libpng's simplified API allows reading up to 1012 bytes beyond the png_sRGB_base[512] array when processing...

CVSS: 7.1 | AI score: 6.3 | EPSS: 0.00294 | Exploits: 2 | References: 1
OSV
added 2025/12/03 9:15 p.m. | 1 views

UBUNTU-CVE-2025-66293

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. Prior to 1.6.52, an out-of-bounds read vulnerability in libpng's simplified API allows reading up to 1012 bytes beyond the png_sRGB_base[512] array when processing...

CVSS: 7.1 | AI score: 6.7 | EPSS: 0.00294 | Exploits: 2 | References: 8
CVE
added 2025/12/03 8:33 p.m. | 83 views

CVE-2025-66293

CVE-2025-66293 affects the libpng library. The issue is an out-of-bounds read in libpng’s simplified API that occurs while processing valid palette PNG images with partial transparency and gamma correction, allowing reads up to 1012 bytes beyond the png_sRGB_base[512] array. The bug is in libpng’...

CVSS: 7.1 | AI score: 6.4 | EPSS: 0.00294 | Exploits: 2 | References: 7 | Affected Software: 1
Cvelist
added 2025/12/03 8:33 p.m. | 16 views

CVE-2025-66293 LIBPNG has an out-of-bounds read in png_image_read_composite

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. Prior to 1.6.52, an out-of-bounds read vulnerability in libpng's simplified API allows reading up to 1012 bytes beyond the png_sRGB_base[512] array when processing...

CVSS: 7.1 | EPSS: 0.00294 | Exploits: 2 | References: 4
FreeBSD
added 2025/12/03 12:0 a.m. | 7 views

png -- Out-of-bounds read

https://github.com/pnggroup/libpng/security/advisories/GHSA-9mpm-9pxh-mg4f reports: Prior to 1.6.52, an out-of-bounds read vulnerability in libpng's simplified API allows reading up to 1012 bytes beyond the png_sRGB_base[512] array when processing valid palette PNG images with partial transparency an...

CVSS: 7.1 | AI score: 6.8 | EPSS: 0.00294 | Exploits: 2 | References: 1
Positive Technologies
added 2025/12/03 12:0 a.m. | 4 views

PT-2025-48996

Name of the Vulnerable Software and Affected Versions: libpng versions prior to 1.6.52. Description: LIBPNG is a library used for reading, creating, and manipulating PNG raster image files. A flaw exists in libpng's simplified API where processing valid palette PNG images with partial transparency a...

CVSS: 8.5 | AI score: 6.4 | EPSS: 0.00905 | Exploits: 8 | References: 120
EUVD
added 2025/12/02 1:24 a.m. | 2 views

EUVD-2025-200134

Incorrect default permissions in Samsung Cloud Assistant prior to version 8.0.03.8 allow a local attacker to access partial data in the sandbox...

CVSS: 4 | AI score: 5.9 | EPSS: 0.00101 | Exploits: 0 | References: 2
RedhatCVE
added 2025/11/28 8:50 a.m. | 12 views

CVE-2025-55174

A flaw was found in Skanpage. This vulnerability allows an attacker to partially overwrite files, resulting in a file containing new content followed by partial old content, due to incorrect use of QIODevice::ReadWrite instead of QIODevice::WriteOnly...

CVSS: 3.2 | AI score: 6.3 | EPSS: 0.0012 | Exploits: 0 | References: 2
Packet Storm News
added 2025/11/28 12:0 a.m. | 3 views

Retrieval-Augmented Few-Shot Prompting Versus Fine-Tuning for Code Vulnerability Detection

Few-shot prompting has emerged as a practical alternative to fine-tuning for leveraging the capabilities of large language models (LLMs) in specialized tasks. However, its effectiveness depends heavily on the selection and quality of in-context examples, particularly in complex domains. In this wor...

AI score: 6.8 | Exploits: 0
CVE
added 2025/11/26 12:0 a.m. | 12 views

CVE-2025-55174

CVE-2025-55174 affects KDE Skanpage prior to 25.08.0. The issue is a file-overwrite condition caused by using QIODevice::ReadWrite instead of QIODevice::WriteOnly, which can cause the new file’s contents to appear at the start followed by partial old contents at the end. The vulnerability is local...

CVSS: 3.2 | AI score: 6.4 | EPSS: 0.0012 | Exploits: 0 | References: 3
Cvelist
added 2025/11/26 12:0 a.m. | 7 views

CVE-2025-55174

In KDE Skanpage before 25.08.0, an attempt at file overwrite can result in the contents of the new file at the beginning followed by the partial contents of the old file at the end, because of use of QIODevice::ReadWrite instead of QIODevice::WriteOnly...

CVSS: 3.2 | EPSS: 0.0012 | Exploits: 0 | References: 3
RustSec
added 2025/11/24 12:0 p.m. | 5 views

CGGMP21 presignatures can be used in the way that significantly reduces security

This attack is against presignatures used in a very specific context: Presignatures + HD wallets derivation: security level reduces to 85 bits. Previously you could generate a presignature, and then choose a HD derivation path while issuing a partial signature via Presignature::set_derivation_path,...

CVSS: 8.2 | AI score: 6.5 | EPSS: 0.0019 | Exploits: 0 | Affected Software: 1