Lucene search
K

15 matches found

OSV
OSV
added 2026/02/18 4:49 p.m.7 views

CLSA-2026-1771408532 java-21-openjdk: Fix of 3 CVEs

Update to jdk-21.0.10+7 - CVE-2026-21945: fix possible DOS - CVE-2025-65018: fix libpng heap buffer overflow in pngimagefinishread when processing 16-bit interlaced PNGs with 8-bit output format - CVE-2025-64720: fix libpng out-of-bounds read in pngimagereadcomposite when processing palette...

7.5CVSS6.6AI score0.00864EPSS
Exploits5References1
UbuntuCve
UbuntuCve
added 2026/01/27 4:16 p.m.7 views

CVE-2025-28164

Buffer Overflow vulnerability in libpng 1.6.43-1.6.46 allows a local attacker to cause a denial of service via pngcreatereadstruct function...

5.5CVSS5.9AI score0.00139EPSS
Exploits1References4
OSV
OSV
added 2026/01/27 12:0 a.m.4 views

CVE-2025-28164

Buffer Overflow vulnerability in libpng 1.6.43-1.6.46 allows a local attacker to cause a denial of service via pngcreatereadstruct function...

5.5CVSS5.3AI score0.00139EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2023-37644

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SWFTools 0.9.2 772e55a allows attackers to trigger a large memory-allocation attempt via a crafted document, as demonstrated by pdf2swf. This occurs in...

5.5CVSS5.7AI score0.0027EPSS
Exploits1References2
OSV
OSV
added 2024/01/11 8:15 a.m.6 views

CVE-2023-37644

SWFTools 0.9.2 772e55a allows attackers to trigger a large memory-allocation attempt via a crafted document, as demonstrated by pdf2swf. This occurs in pngreadchunk in lib/png.c...

5.5CVSS5.8AI score0.0027EPSS
Exploits1References1
OSV
OSV
added 2024/01/11 8:15 a.m.3 views

UBUNTU-CVE-2023-37644

SWFTools 0.9.2 772e55a allows attackers to trigger a large memory-allocation attempt via a crafted document, as demonstrated by pdf2swf. This occurs in pngreadchunk in lib/png.c...

5.5CVSS5.8AI score0.0027EPSS
Exploits1References3
CNNVD
CNNVD
added 2024/01/11 12:0 a.m.5 views

SWFTools 安全漏洞

SWFTools is a set of utilities for working with Adobe Flash files SWF files. The SWFTools version suffers from a buffer overflow vulnerability that stems from a boundary error in the pngreadchunk function when processing png files. An attacker could exploit the vulnerability to trigger a...

5.5CVSS7.1AI score0.0027EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2023/02/15 6:12 a.m.4 views

SUSE CVE-2007-2756

The gdPngReadData function in libgd 2.0.34 allows user-assisted attackers to cause a denial of service CPU consumption via a crafted PNG image with truncated data, which causes an infinite loop in the pngreadinfo function in libpng...

4.3CVSS6.2AI score0.04267EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 4:25 a.m.5 views

SUSE CVE-2018-14048

An issue has been found in libpng 1.6.34. It is a SEGV in the function pngfreedata in png.c, related to the recommended error handling for pngreadimage...

3.3CVSS7.6AI score0.03009EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2022/10/13 12:0 a.m.5 views

PT-2022-22553 · Swftools · Swftools

Name of the Vulnerable Software and Affected Versions: SWFTools affected versions not specified Description: A heap-buffer overflow issue was discovered in SWFTools via the png read header function at /src/png2swf.c. Recommendations: At the moment, there is no information about a newer version th...

5.5CVSS5.3AI score0.00312EPSS
Exploits1References8
ATTACKERKB
ATTACKERKB
added 2022/03/03 12:15 a.m.2 views

CVE-2021-44343

David Brackeen ok-file-formats 203defd is vulnerable to Buffer Overflow. When the function of the ok-file-formats project is used, a heap-buffer-overflow occurred in function okpngreaddata in "/okpng.c"...

7.8CVSS7.1AI score0.00719EPSS
Exploits1References2
OSV
OSV
added 2021/01/13 9:56 p.m.8 views

OSV-2017-41 Heap-buffer-overflow in OSS_FUZZ_png_combine_row

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3606 Crash type: Heap-buffer-overflow WRITE 4 Crash state: OSSFUZZpngcombinerow OSSFUZZpngreadrow start...

7.2AI score
Exploits0References1
ossfuzz
ossfuzz
added 2019/06/19 10:43 p.m.18 views

imagemagick/ping_icon_fuzzer: Use-of-uninitialized-value in png_crc_finish

Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=5751794220662784 Project: imagemagick Fuzzer: libFuzzerimagemagickpingiconfuzzer Fuzz target binary: pingiconfuzzer Job Type: libfuzzermsanimagemagick Platform Id: linux Crash Type:...

7AI score
Exploits0Affected Software1
OSV
OSV
added 2018/07/13 4:29 p.m.3 views

ALPINE-CVE-2018-14048

An issue has been found in libpng 1.6.34. It is a SEGV in the function pngfreedata in png.c, related to the recommended error handling for pngreadimage...

6.5CVSS8.5AI score0.03009EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2009/03/05 12:10 a.m.6 views

libpng arbitrary free() flaw

The PNG reference library aka libpng before 1.0.43, and 1.2.x before 1.2.35, as used in pngcrush and other applications, allows context-dependent attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted PNG file that triggers a free of an...

6.8CVSS7.5AI score0.04825EPSS
Exploits2References4
Rows per page
Query Builder