Oracle Linux 10 : libpng (ELSA-2026-18064)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-18064 advisory. 2:1.6.40-8.4 - fix CVE-2026-33416: use-after-free via pointer aliasing in pngsettRNS and pngsetPLTE RHEL-161324 Tenable has extracted the preceding descriptio...

CLSA-2026-1778928586 libpng: Fix of CVE-2026-34757

CVE-2026-34757: use-after-free in pngsetPLTE, pngsettRNS, pngsethIST, pngsettext, pngsetsPLT and pngsetunknownchunks when the caller passes the pointer returned by the corresponding getter back to the setter...

SUSE-SU-2026:1601-1 Security update for libpng16

This update for libpng16 fixes the following issue: - CVE-2026-34757: information disclosure and data corruption due to use-after-free in pngsetPLTE, pngsettRNS and pngsethIST bsc1261957...

SUSE SLES15 Security Update : libpng16 (SUSE-SU-2026:1323-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:1323-1 advisory. - CVE-2026-33416: use-after-free via pointer aliasing in pngsettRNS and pngsetPLTE can lead to arbitrary code execution bsc1260754. Tenable...

SUSE-SU-2026:1311-1 Security update for libpng16

This update for libpng16 fixes the following issue: - CVE-2026-33416: use-after-free via pointer aliasing in pngsettRNS and pngsetPLTE can lead to arbitrary code execution bsc1260754...

Important: libpng12

Issue Overview: LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. In versions 1.2.1 through 1.6.55, pngsettRNS and pngsetPLTE each alias a heap-allocated buffer between pngstruct and pnginfo, sharing a single...

OPENSUSE-SU-2026:20466-1 Security update for libpng16

This update for libpng16 fixes the following issues: - CVE-2026-33416: use-after-free via pointer aliasing in pngsettRNS and pngsetPLTE can lead to arbitrary code execution bsc1260754. - CVE-2026-33636: out-of-bounds read/write in the palette expansion on ARM Neon can lead to information leak and...

Use After Free

Overview Affected versions of this package are vulnerable to Use After Free in the pngsettRNS and pngsetPLTE functions, where a heap-allocated buffer is aliased between two structures with independent lifetimes. An attacker can cause memory corruption or potentially execute arbitrary code by...

SUSE CVE-2015-8472

Buffer overflow in the pngsetPLTE function in libpng before 1.0.65, 1.1.x and 1.2.x before 1.2.55, 1.3.x, 1.4.x before 1.4.18, 1.5.x before 1.5.25, and 1.6.x before 1.6.20 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a small...

Huawei EulerOS: Security Advisory for libpng12 (EulerOS-SA-2019-1391)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 22 : libpng10-1.0.64-1.fc22 (2015-ec2ddd15d7)

An out-of-bounds read in pngconverttorfc1123 in png.c could potentially be exploited by a crafted PNG file to leak information from an application's memory CVE-2015-7981. Buffer overflow vulnerabilities in functions pnggetPLTE/pngsetPLTE, allowing remote attackers to cause DoS to application or...

CVE-2015-8472

Buffer overflow in the pngsetPLTE function in libpng before 1.0.65, 1.1.x and 1.2.x before 1.2.55, 1.3.x, 1.4.x before 1.4.18, 1.5.x before 1.5.25, and 1.6.x before 1.6.20 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a small...

Buffer overflow

Buffer overflow in the pngsetPLTE function in libpng before 1.0.65, 1.1.x and 1.2.x before 1.2.55, 1.3.x, 1.4.x before 1.4.18, 1.5.x before 1.5.25, and 1.6.x before 1.6.20 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a small...

CVE-2015-8472

Buffer overflow in the pngsetPLTE function in libpng before 1.0.65, 1.1.x and 1.2.x before 1.2.55, 1.3.x, 1.4.x before 1.4.18, 1.5.x before 1.5.25, and 1.6.x before 1.6.20 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a small...

openSUSE Security Update : libpng12 (openSUSE-2015-902)

This update fixes the following security issue : - CVE-2015-8126 Buffer overflow vulnerabilities in pnggetPLTE/pngsetPLTE functions bsc954980 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...

openSUSE Security Update : libpng16 (openSUSE-2015-825)

The libpng16 package was updated to fix the following security issue : - CVE-2015-8126: Fixed a buffer overflow vulnerabilities in pnggetPLTE/pngsetPLTE functions bsc954980. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...

[SECURITY] [DSA 3399-1] libpng security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3399-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 18, 2015 https://www.debian.org/security/faq -...

SUSE-SU-2015:2013-1 Security update for libpng16

The libpng16 package was updated to fix the following security issue: - CVE-2015-8126: Fixed a buffer overflow vulnerabilities in pnggetPLTE/pngsetPLTE functions bsc954980...

libpng png_set_PLTE()和png_get_PLTE()缓冲区溢出漏洞

No description provided by source...

libpng: multiple issues

CVE-2015-7981 out-of-bounds read This is an array indexing error, which can lead to an out-of-bounds read of a static buffer. The result is now unsigned no longer negative, but now a huge positive number. - CVE-2015-8126 arbitrary code execution Buffer overflow vulnerabilities in functions...