Lucene search
+L

3790 matches found

OSV
OSV
added 4 days ago4 views

CVE-2026-62294 Flameshot: OCTOU symlink attack via predictable /tmp path in Flameshot "Open With"

Flameshot is powerful yet simple to use screenshot software. Prior to 14.0.0, the Open With feature wrote screenshots to a predictable temporary path and followed symlinks, creating a time-of-check to time-of-use race that allowed a local unprivileged attacker on the same machine to pre-plant a...

5.1CVSS6.1AI score0.00101EPSS
Exploits0References6
OSV
OSV
added 6 days ago2 views

SUSE-SU-2026:2878-1 Security update for libpng15

This update for libpng15 fixes the following issue - CVE-2026-25646: heap buffer overflow vulnerability in pngsetdither/pngsetquantize bsc1258020...

8.3CVSS6.2AI score0.00955EPSS
Exploits1References3
OSV
OSV
added 2026/07/11 2:16 p.m.3 views

UBUNTU-CVE-2026-61858

ImageMagick before 7.1.2-26 contains a policy bypass vulnerability in the APNG encoder and external delegates due to missing validation checks. Attackers can write files to disallowed paths by bypassing configured policy restrictions through the APNG encoding process...

5.3CVSS6.1AI score0.00246EPSS
Exploits0References4
OSV
OSV
added 2026/07/02 2:13 p.m.5 views

PYSEC-2026-719 Out-of-bounds Write in OpenCV

In opencv calls that use libpng, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges required. User interaction is not required for exploitation. Product: AndroidVersions: Android-10Android...

7.8CVSS6.1AI score0.00293EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2026/07/02 6:35 a.m.4 views

SUSE CVE-2026-56365

ImageMagick before 7.1.2-19 contains a memory leak vulnerability in the PNG encoder when writing MNG images. Attackers can trigger the encoder failure condition to exhaust memory resources and cause denial of service...

3.7CVSS6AI score0.00284EPSS
Exploits0References6
EUVD
EUVD
added 2026/07/01 12:34 a.m.12 views

EUVD-2026-40448

ImageMagick before 7.1.2-19 contains a memory leak vulnerability in the PNG encoder when writing MNG images. Attackers can trigger the encoder failure condition to exhaust memory resources and cause denial of service...

6.3CVSS5.8AI score0.00284EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/07/01 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-56365

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick before 7.1.2-19 contains a memory leak vulnerability in the PNG encoder when writing MNG images. Attackers can trigger the encoder failure condition...

6.3CVSS6.1AI score0.00284EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/30 10:8 p.m.9 views

CVE-2026-56365

ImageMagick before 7.1.2-19 contains a memory leak vulnerability in the PNG encoder when writing MNG images. Attackers can trigger the encoder failure condition to exhaust memory resources and cause denial of service...

6.3CVSS5.8AI score0.00284EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/06/30 10:8 p.m.9 views

CVE-2026-56365

ImageMagick before 7.1.2-19 contains a memory leak vulnerability in the PNG encoder when writing MNG images. Attackers can trigger the encoder failure condition to exhaust memory resources and cause denial of service...

6.3CVSS5.8AI score0.00284EPSS
Exploits0
CVE
CVE
added 2026/06/30 10:8 p.m.23 views

CVE-2026-56365

ImageMagick before 7.1.2-19 contains a memory leak in the PNG encoder when writing MNG images. Exploitation can exhaust memory resources, leading to denial of service. The issue is tied to the PNG encoder implementation (writing MNG images). No remediation details are included in the provided doc...

6.3CVSS5.8AI score0.00284EPSS
Exploits0References2Affected Software1
RedHat Linux
RedHat Linux
added 2026/06/25 10:33 a.m.5 views

libpng: libpng: Arbitrary code execution due to use-after-free vulnerability

A flaw was found in libpng, a library used for processing PNG Portable Network Graphics image files. This vulnerability arises from improper memory management where a heap-allocated buffer is aliased between internal data structures. When specific functions are called, a freed memory region can...

7.5CVSS7AI score0.01052EPSS
Exploits1References10
RedhatCVE
RedhatCVE
added 2026/06/25 5:11 a.m.14 views

CVE-2026-49460

A flaw was found in pypdf before 6.12.2. A crafted PDF that accesses a stream using the /FlateDecode filter with a PNG predictor can trigger excessively long processing times, leading to denial of service when the document is parsed...

5.5CVSS5.8AI score0.00117EPSS
Exploits0References6
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability in libpng1.6

LIBPNG is a reference library used in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. From version 1.6.51 to 1.6.53, there was a potential issue of excessive memory access in the libpng simplified API function pngimagefinishread, when processing...

7.1CVSS6.6AI score0.00172EPSS
Exploits1References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.9 views

Astra Linux – Vulnerability in imagemagick

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, an extremely large image profile could result in a heap overflow when encoding a PNG image. This vulnerability has been fixed in versions 7.1.2-16 and 6.9.13-41...

7.8CVSS7.1AI score0.00123EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability in libpng1.6

LIBPNG is a reference library used in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. In versions 1.6.36 through 1.6.55, there was an out-of-bounds read and write vulnerability in libpng’s ARM/AArch64 Neon-optimized palette expansion path. When...

7.6CVSS6.8AI score0.00585EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability in libpng1.6

LIBPNG is a reference library used in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. In versions 1.2.1 through 1.6.55, pngsettRNS and pngsetPLTE each act as aliases for a heap-allocated buffer between pngstruct and pnginfo. This buffer shares a...

7.5CVSS6.7AI score0.01052EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2026/06/24 1:1 p.m.5 views

libpng: libpng: Arbitrary code execution due to use-after-free vulnerability

A flaw was found in libpng, a library used for processing PNG Portable Network Graphics image files. This vulnerability arises from improper memory management where a heap-allocated buffer is aliased between internal data structures. When specific functions are called, a freed memory region can...

7.5CVSS7AI score0.01052EPSS
Exploits1References10
Rockylinux
Rockylinux
added 2026/06/24 12:5 p.m.11 views

libpng security update

An update is available for libpng. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libpng packages contain a library of functions for creating and...

7.6CVSS6.8AI score0.01052EPSS
Exploits1
OSV
OSV
added 2026/06/24 10:8 a.m.4 views

RHSA-2026:28255 Red Hat Security Advisory: libpng security update

Bulletin has no description...

7.6CVSS6.2AI score0.01052EPSS
Exploits1References20
RedHat Linux
RedHat Linux
added 2026/06/23 10:46 p.m.13 views

libpng: libpng: Arbitrary code execution due to use-after-free vulnerability

A flaw was found in libpng, a library used for processing PNG Portable Network Graphics image files. This vulnerability arises from improper memory management where a heap-allocated buffer is aliased between internal data structures. When specific functions are called, a freed memory region can...

7.5CVSS6.6AI score0.01052EPSS
Exploits1References10
Rows per page
Query Builder