15 matches found
CLSA-2026-1771408532 java-21-openjdk: Fix of 3 CVEs
Update to jdk-21.0.10+7 - CVE-2026-21945: fix possible DOS - CVE-2025-65018: fix libpng heap buffer overflow in pngimagefinishread when processing 16-bit interlaced PNGs with 8-bit output format - CVE-2025-64720: fix libpng out-of-bounds read in pngimagereadcomposite when processing palette...
CVE-2025-28164
Buffer Overflow vulnerability in libpng 1.6.43-1.6.46 allows a local attacker to cause a denial of service via pngcreatereadstruct function...
CVE-2025-28164
Buffer Overflow vulnerability in libpng 1.6.43-1.6.46 allows a local attacker to cause a denial of service via pngcreatereadstruct function...
Linux Distros Unpatched Vulnerability : CVE-2023-37644
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SWFTools 0.9.2 772e55a allows attackers to trigger a large memory-allocation attempt via a crafted document, as demonstrated by pdf2swf. This occurs in...
CVE-2023-37644
SWFTools 0.9.2 772e55a allows attackers to trigger a large memory-allocation attempt via a crafted document, as demonstrated by pdf2swf. This occurs in pngreadchunk in lib/png.c...
UBUNTU-CVE-2023-37644
SWFTools 0.9.2 772e55a allows attackers to trigger a large memory-allocation attempt via a crafted document, as demonstrated by pdf2swf. This occurs in pngreadchunk in lib/png.c...
SWFTools 安全漏洞
SWFTools is a set of utilities for working with Adobe Flash files SWF files. The SWFTools version suffers from a buffer overflow vulnerability that stems from a boundary error in the pngreadchunk function when processing png files. An attacker could exploit the vulnerability to trigger a...
SUSE CVE-2007-2756
The gdPngReadData function in libgd 2.0.34 allows user-assisted attackers to cause a denial of service CPU consumption via a crafted PNG image with truncated data, which causes an infinite loop in the pngreadinfo function in libpng...
SUSE CVE-2018-14048
An issue has been found in libpng 1.6.34. It is a SEGV in the function pngfreedata in png.c, related to the recommended error handling for pngreadimage...
PT-2022-22553 · Swftools · Swftools
Name of the Vulnerable Software and Affected Versions: SWFTools affected versions not specified Description: A heap-buffer overflow issue was discovered in SWFTools via the png read header function at /src/png2swf.c. Recommendations: At the moment, there is no information about a newer version th...
CVE-2021-44343
David Brackeen ok-file-formats 203defd is vulnerable to Buffer Overflow. When the function of the ok-file-formats project is used, a heap-buffer-overflow occurred in function okpngreaddata in "/okpng.c"...
OSV-2017-41 Heap-buffer-overflow in OSS_FUZZ_png_combine_row
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3606 Crash type: Heap-buffer-overflow WRITE 4 Crash state: OSSFUZZpngcombinerow OSSFUZZpngreadrow start...
imagemagick/ping_icon_fuzzer: Use-of-uninitialized-value in png_crc_finish
Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=5751794220662784 Project: imagemagick Fuzzer: libFuzzerimagemagickpingiconfuzzer Fuzz target binary: pingiconfuzzer Job Type: libfuzzermsanimagemagick Platform Id: linux Crash Type:...
ALPINE-CVE-2018-14048
An issue has been found in libpng 1.6.34. It is a SEGV in the function pngfreedata in png.c, related to the recommended error handling for pngreadimage...
libpng arbitrary free() flaw
The PNG reference library aka libpng before 1.0.43, and 1.2.x before 1.2.35, as used in pngcrush and other applications, allows context-dependent attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted PNG file that triggers a free of an...