Lucene search
K

66 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.7 views

Azure Linux 3.0 Security Update: fltk / teckit (CVE-2015-2158)

The version of fltk / teckit installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2015-2158 advisory. - Off-by-one error in the pngcrushmeasureidat function in pngcrush.c in pngcrush before 1.7.84 allows...

7.8CVSS6.3AI score0.02771EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-0291

Malware in sbrugna...

9.3CVSS8AI score0.01716EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2015-2267

Malware in sbrugna...

7.8CVSS7.5AI score0.02771EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2015-7601

Malware in sbrugna...

9.8CVSS9.2AI score0.02191EPSS
Exploits0References6
Microsoft CVE
Microsoft CVE
added 2025/03/14 7:0 a.m.6 views

Off-by-one error in the pngcrush_measure_idat function in pngcrush.c in pngcrush before 1.7.84 allows remote attackers to cause a denial of service

...

7.8CVSS7.6AI score0.02771EPSS
Exploits0
OSV
OSV
added 2024/06/15 12:0 a.m.5 views

OPENSUSE-SU-2024:10351-1 pngcrush-1.7.92-1.5 on GA media

These are all security issues fixed in the pngcrush-1.7.92-1.5 package on the GA media of openSUSE Tumbleweed...

9.8CVSS9.5AI score0.02191EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.9 views

RHEL 7 : pngcrush (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - pngcrush: double-free in sPLT and png.c file CVE-2015-7700 Note that Nessus has not tested for this issue but has...

9.8CVSS9.5AI score0.02191EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2023/10/20 12:0 a.m.16 views

Ubuntu 16.04 ESM : pngcrush vulnerability (USN-5236-1)

The remote Ubuntu 16.04 ESM host has a package installed that is affected by a vulnerability as referenced in the USN-5236-1 advisory. Brian Carpenter discovered that pngcrush incorrectly handled specially crafted file. An attacker could possibly use this issue to cause a denial of service. Tenab...

9.8CVSS8.2AI score0.02191EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 5:13 a.m.4 views

SUSE CVE-2015-7700

Double-free vulnerability in the sPLT chunk structure and png.c in pngcrush before 1.7.87 allows attackers to have unspecified impact via unknown vectors...

9.8CVSS7.3AI score0.02191EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2023/01/27 12:0 a.m.12 views

Ubuntu: Security Advisory (USN-5236-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.7AI score0.02191EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.9 views

Mageia: Security Advisory (MGASA-2015-0101)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.7AI score0.02771EPSS
Exploits0References5
Ubuntu
Ubuntu
added 2022/01/19 1:43 p.m.24 views

USN-5236-1: pngcrush vulnerability

Brian Carpenter discovered that pngcrush incorrectly handled specially crafted file. An attacker could possibly use this issue to cause a denial of service...

9.8CVSS8.2AI score0.02191EPSS
Exploits0
OSV
OSV
added 2022/01/19 1:43 p.m.6 views

USN-5236-1 A security issue was fixed in pngcrush

Brian Carpenter discovered that pngcrush incorrectly handled specially crafted file. An attacker could possibly use this issue to cause a denial of service...

9.8CVSS7.3AI score0.02191EPSS
Exploits0References2
OSV
OSV
added 2019/02/18 11:52 p.m.17 views

GHSA-G93H-75M9-3QQ4 pngcrush-installer downloads Resources over HTTP

Affected versions of pngcrush-installer insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on...

8.1CVSS8.1AI score0.01716EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2019/02/18 11:52 p.m.32 views

pngcrush-installer downloads Resources over HTTP

Affected versions of pngcrush-installer insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on...

9.3CVSS8.1AI score0.01716EPSS
Exploits0References3Affected Software1
CNVD
CNVD
added 2018/05/31 12:0 a.m.3 views

pngcrush-installer code execution vulnerability

pngcrush-installer is the installer for pngcrush. A security vulnerability exists in versions of pngcrush-installer prior to 1.8.10 that originates when the program downloads binary resources over the HTTP protocol. A remote attacker can exploit the vulnerability by replacing the requested binary...

9.3CVSS7.1AI score0.01716EPSS
Exploits0References1
NVD
NVD
added 2018/05/29 8:29 p.m.13 views

CVE-2016-10570

pngcrush-installer is an installer for Pngcrush. pngcrush-installer versions below 1.8.10 download binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker controlled binary ...

9.3CVSS8.4AI score0.01716EPSS
Exploits0References1
OSV
OSV
added 2018/05/29 8:29 p.m.16 views

CVE-2016-10570

pngcrush-installer is an installer for Pngcrush. pngcrush-installer versions below 1.8.10 download binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker controlled binary ...

8.1CVSS8.6AI score
Exploits0References1
Prion
Prion
added 2018/05/29 8:29 p.m.8 views

Remote code execution

pngcrush-installer is an installer for Pngcrush. pngcrush-installer versions below 1.8.10 download binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker controlled binary ...

9.3CVSS8AI score0.01716EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2018/05/29 8:0 p.m.53 views

CVE-2016-10570

The CVE-2016-10570 entry concerns pngcrush-installer, the installer for Pngcrush. The vulnerability arises in versions below 1.8.10 that download binary resources over HTTP. This insecure download path enables an attacker with network access or a privileged network position to perform a MITM inte...

9.3CVSS8.2AI score0.01716EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder