280 matches found
LIBPNG is vulnerable to a heap buffer overflow in `png_do_quantize` via malformed palette index
...
AZL-70880 CVE-2025-64505 affecting package optipng 0.7.8-5
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to version 1.6.51, a heap buffer over-read vulnerability exists in libpng's pngdoquantize function when processing PNG files with malformed palette...
AZL-70763 CVE-2025-64505 affecting package libpng for versions less than 1.6.51-1
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to version 1.6.51, a heap buffer over-read vulnerability exists in libpng's pngdoquantize function when processing PNG files with malformed palette...
ALPINE-CVE-2025-64505
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to version 1.6.51, a heap buffer over-read vulnerability exists in libpng's pngdoquantize function when processing PNG files with malformed palette...
AZL-70844 CVE-2025-64505 affecting package fltk 1.3.8-1
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to version 1.6.51, a heap buffer over-read vulnerability exists in libpng's pngdoquantize function when processing PNG files with malformed palette...
AZL-70909 CVE-2025-64505 affecting package libpng15 1.5.30-15
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to version 1.6.51, a heap buffer over-read vulnerability exists in libpng's pngdoquantize function when processing PNG files with malformed palette...
CVE-2025-64505
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to version 1.6.51, a heap buffer over-read vulnerability exists in libpng's pngdoquantize function when processing PNG files with malformed palette...
AZL-70862 CVE-2025-64505 affecting package libpng15 1.5.30-15
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to version 1.6.51, a heap buffer over-read vulnerability exists in libpng's pngdoquantize function when processing PNG files with malformed palette...
AZL-70906 CVE-2025-64505 affecting package libpng12 1.2.57-16
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to version 1.6.51, a heap buffer over-read vulnerability exists in libpng's pngdoquantize function when processing PNG files with malformed palette...
AZL-70969 CVE-2025-64505 affecting package libpng for versions less than 1.6.51-1
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to version 1.6.51, a heap buffer over-read vulnerability exists in libpng's pngdoquantize function when processing PNG files with malformed palette...
libpng 缓冲区错误漏洞
libpng is an open source PNG reference library from The PNG Development Group that enables creation, reading and writing of PNG graphic files. A buffer error vulnerability exists in libpng versions prior to 1.6.51, which stems from a heap buffer out-of-bounds read in the pngdoquantize function wh...
CVE-2025-64505
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to version 1.6.51, a heap buffer over-read vulnerability exists in libpng's pngdoquantize function when processing PNG files with malformed palette...
CVE-2025-64505
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to version 1.6.51, a heap buffer over-read vulnerability exists in libpng's pngdoquantize function when processing PNG files with malformed palette...
png -- Multiple vulnerabilities
https://github.com/pnggroup/libpng/security/advisories/GHSA-7wv6-48j4-hj3g reports: LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. From version 1.6.0 to before 1.6.51, there is a heap buffer overflow...
[slackware-security] libpng
New libpng packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/libpng-1.6.51-i586-1slack15.0.txz: Upgraded. This update fixes security issues: Fixed CVE-2025-64505 moderate severity: Heap buffer...
CVE-2021-37645
TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of tf.rawops.QuantizeAndDequantizeV4Grad is vulnerable to an integer overflow issue caused by converting a signed integer value to an unsigned one and then allocating memory based on thi...
CVE-2024-41440
A heap buffer overflow in the function pngquantize of hicolor v0.5.0 allows attackers to cause a Denial of Service DoS via a crafted PNG file...
PT-2024-29402 · Hicolor · Hicolor
Name of the Vulnerable Software and Affected Versions: hicolor version 0.5.0 Description: A heap buffer overflow in the png quantize function allows attackers to cause a Denial of Service DoS via a crafted PNG file. Recommendations: For hicolor version 0.5.0, at the moment, there is no informatio...
TensorFlow vulnerable to heap out-of-buffer read in the QuantizeAndDequantize operation
...
GHSA-GW97-FF7C-9V96 TensorFlow has a heap out-of-buffer read vulnerability in the QuantizeAndDequantize operation
Impact Attackers using Tensorflow can exploit the vulnerability. They can access heap memory which is not in the control of user, leading to a crash or RCE. When axis is larger than the dim of input, c-Diminput,axis goes out of bound. Same problem occurs in the QuantizeAndDequantizeV2/V3/V4/V4Gra...