Lucene search
K

35 matches found

Snyk
Snyk
added 2026/03/10 9:5 p.m.9 views

Out-of-bounds Write

Overview Magick.NET-Q16-HDRI-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

8.6CVSS6AI score0.00123EPSS
Exploits0References2
OSV
OSV
added 2025/12/03 9:15 p.m.7 views

AZL-71461 CVE-2025-66293 affecting package libpng12 1.2.57-16

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to 1.6.52, an out-of-bounds read vulnerability in libpng's simplified API allows reading up to 1012 bytes beyond the pngsRGBbase512 array when processing...

7.1CVSS7.1AI score0.00299EPSS
Exploits2References1
OSV
OSV
added 2025/12/03 9:15 p.m.8 views

AZL-71644 CVE-2025-66293 affecting package qt5-qtbase for versions less than 5.12.11-19

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to 1.6.52, an out-of-bounds read vulnerability in libpng's simplified API allows reading up to 1012 bytes beyond the pngsRGBbase512 array when processing...

7.1CVSS6.3AI score0.00299EPSS
Exploits2References1
OSV
OSV
added 2025/12/03 9:15 p.m.5 views

AZL-71491 CVE-2025-66293 affecting package libpng12 1.2.57-16

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to 1.6.52, an out-of-bounds read vulnerability in libpng's simplified API allows reading up to 1012 bytes beyond the pngsRGBbase512 array when processing...

7.1CVSS6.3AI score0.00299EPSS
Exploits2References1
Cvelist
Cvelist
added 2025/11/24 11:41 p.m.13 views

CVE-2025-64506 LIBPNG is vulnerable to a heap buffer over-read in `png_write_image_8bit` with grayscale+alpha or RGB/RGBA images

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. From version 1.6.0 to before 1.6.51, a heap buffer over-read vulnerability exists in libpng's pngwriteimage8bit function when processing 8-bit images through t...

6.1CVSS0.00118EPSS
Exploits2References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.2 views

EUVD-2017-0054

Malware in sbrugna...

5.5CVSS7AI score0.01598EPSS
Exploits1References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.10 views

EUVD-2015-0118

Malware in sbrugna...

4.3CVSS6.2AI score0.15351EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2009-2290

Malware in sbrugna...

7.5CVSS6.1AI score0.02502EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2021-8980

Malicious code in bioql PyPI...

8.8CVSS8.2AI score0.01004EPSS
Exploits1References1
F5 Networks
F5 Networks
added 2025/09/29 9:28 p.m.25 views

K000156683: Multiple ImageMagick vulnerabilities

Security Advisory Description CVE-2014-9828 coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file. CVE-2014-9829 coders/sun.c in ImageMagick allows remote attackers to cause a denial of service out-of-bounds access via a crafted sun file...

9.8CVSS7.2AI score0.03734EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 6:53 p.m.8 views

CVE-2021-44342

David Brackeen ok-file-formats 203defd is vulnerable to Buffer Overflow via function okpngtransformscanline in "/okpng.c:494"...

7.8CVSS7AI score0.00719EPSS
Exploits1
OSV
OSV
added 2022/07/06 4:15 p.m.3 views

UBUNTU-CVE-2021-3695

A crafted 16-bit grayscale PNG image may lead to a out-of-bounds write in the heap area. An attacker may take advantage of that to cause heap data corruption or eventually arbitrary code execution and circumvent secure boot protections. This issue has a high complexity to be exploited as an...

4.5CVSS7.2AI score0.00462EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/04/28 3:31 p.m.3 views

exiv2: information leak via a crafted file

In Exiv2 0.26, the Exiv2::PngImage::printStructure function in pngimage.cpp allows remote attackers to cause an information leak via a crafted file...

6.5CVSS5.9AI score0.02363EPSS
Exploits1References4
NVD
NVD
added 2019/12/24 1:15 a.m.19 views

CVE-2019-19952

In ImageMagick 7.0.9-7 Q16, there is a use-after-free in the function MngInfoDiscardObject of coders/png.c, related to ReadOneMNGImage...

9.8CVSS9.4AI score0.0223EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2019/06/03 8:52 p.m.4 views

libpng: use-after-free in png_image_free in png.c

A vulnerability was found in libpng where a use-after-free issue exists in the pngimagefree function within png.c. This vulnerability can be exploited by persuading a victim to open a specially crafted file, a remote attacker could exploit this vulnerability to cause a denial of service...

5.3CVSS7.2AI score0.09393EPSS
Exploits3References4
Mageia
Mageia
added 2019/04/05 6:12 p.m.31 views

Updated advancecomp packages fix security vulnerability

advancecomp has been updated to fix a security issue that could be triggered when pressented with a malformed PNG file. advancecomp contained an integer overflow upon encountering an invalid PNG size, which could result in a buffer overflow CVE-2019-9210, as well as a heap-based buffer over-read...

7.8CVSS3.1AI score0.01424EPSS
Exploits1References2
NVD
NVD
added 2018/11/26 2:29 a.m.16 views

CVE-2018-19535

In Exiv2 0.26 and previous versions, PngChunk::readRawProfile in pngchunkint.cpp may cause a denial of service application crash due to a heap-based buffer over-read via a crafted PNG file...

6.5CVSS6.3AI score0.02087EPSS
Exploits1References6
CNVD
CNVD
added 2018/08/23 12:0 a.m.4 views

Geutebrueck re_porter cross-site scripting vulnerability

Geutebrueck is a video management system from GEUREBRÜCK, Germany. sreporter is one of the hybrid recorders for digital storage and video signal transmission for MPEG4 CCTV-Standard. A cross-site scripting vulnerability exists in Geutebrueck reporter 16 versions prior to 7.8.974.20. A remote...

6.1CVSS5.9AI score0.02606EPSS
Exploits5References1
NVD
NVD
added 2018/03/05 10:29 p.m.21 views

CVE-2017-18219

An issue was discovered in GraphicsMagick 1.3.26. An allocation failure vulnerability was found in the function ReadOnePNGImage in coders/png.c, which allows attackers to cause a denial of service via a crafted file that triggers an attempt at a large pngpixels array allocation...

6.5CVSS6.5AI score0.03526EPSS
Exploits1References9
Debian CVE
Debian CVE
added 2018/03/05 10:0 p.m.29 views

CVE-2017-18219

An issue was discovered in GraphicsMagick 1.3.26. An allocation failure vulnerability was found in the function ReadOnePNGImage in coders/png.c, which allows attackers to cause a denial of service via a crafted file that triggers an attempt at a large pngpixels array allocation...

6.5CVSS7AI score0.03526EPSS
Exploits1
Rows per page
Query Builder