Lucene search
K

8 matches found

Mageia
Mageia
added 2025/12/01 10:1 p.m.13 views

Updated libpng packages fix security vulnerabilities

LIBPNG is vulnerable to a heap buffer overflow in pngdoquantize via malformed palette index. CVE-2025-64505 LIBPNG is vulnerable to a heap buffer over-read in pngwriteimage8bit with grayscale+alpha or RGB/RGBA images. CVE-2025-64506 LIBPNG is vulnerable to a buffer overflow in pngimagereadcomposi...

7.1CVSS7.6AI score0.00281EPSS
Exploits5References2
Microsoft CVE
Microsoft CVE
added 2025/11/27 9:3 a.m.6 views

LIBPNG is vulnerable to a heap buffer overflow in `png_combine_row` triggered via `png_image_finish_read`

...

7.1CVSS7AI score0.00224EPSS
Exploits4
SUSE CVE
SUSE CVE
added 2023/02/15 5:24 a.m.4 views

SUSE CVE-2014-9495

Heap-based buffer overflow in the pngcombinerow function in libpng before 1.5.21 and 1.6.x before 1.6.16, when running on 64-bit systems, might allow context-dependent attackers to execute arbitrary code via a "very wide interlaced" PNG image...

10CVSS8.3AI score0.03889EPSS
Exploits0References8
OSV
OSV
added 2021/01/13 9:56 p.m.8 views

OSV-2017-67 Heap-buffer-overflow in OSS_FUZZ_png_combine_row

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3608 Crash type: Heap-buffer-overflow WRITE Crash state: OSSFUZZpngcombinerow OSSFUZZpngreadrow start...

7.2AI score
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2016/07/19 12:0 a.m.9 views

The vulnerability of the libpng library, which allows a hacker to execute arbitrary code

The vulnerability of the pngcombinerow function in the libpng library arises due to buffer overflow in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially crafted PNG file...

10CVSS8.3AI score0.03889EPSS
Exploits0References10Affected Software2
Tenable Nessus
Tenable Nessus
added 2015/05/20 12:0 a.m.40 views

SUSE SLED12 / SLES12 Security Update : libpng16 (SUSE-SU-2015:0092-1)

This update fixes the following security issues : - CVE-2014-9495: libpng versions heap overflow vulnerability, that under certain circumstances could be exploit. bnc912076 - CVE-2015-0973: A heap-based overflow was found in the pngcombinerow function of the libpng library, when very large...

10CVSS7.5AI score0.04308EPSS
Exploits2References7
UbuntuCve
UbuntuCve
added 2015/01/10 7:59 p.m.47 views

CVE-2014-9495

Heap-based buffer overflow in the pngcombinerow function in libpng before 1.5.21 and 1.6.x before 1.6.16, when running on 64-bit systems, might allow context-dependent attackers to execute arbitrary code via a "very wide interlaced" PNG image...

10CVSS7.7AI score0.03889EPSS
Exploits0References3
CNVD
CNVD
added 2014/12/31 12:0 a.m.1 views

libpng 'png_combine_row()' buffer overflow vulnerability

libpng is a library of functions for parsing the PNG graphics format used by various applications. A buffer overflow vulnerability exists in libpng 'pngcombinerow' because it fails to properly validate user-supplied input. An attacker could use these vulnerabilities to execute arbitrary code in t...

10CVSS8.2AI score0.03889EPSS
Exploits0References1
Rows per page
Query Builder