CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-43907
https://notcve.org/view.php?id=CVE-2023-43907
OptiPNG v0.7.7 was discovered to contain a global buffer overflow via the 'buffer' variable at gifread.c. Se descubrió que OptiPNG v0.7.7 contenía un desbordamiento de búfer global a través de la variable 'buffer' en gifread.c. • http://optipng.sourceforge.net https://github.com/Frank-Z7/z-vulnerabilitys/blob/main/optipng-global-buffer-overflow1/optipng-global-buffer-overflow1.md https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IBHVG5LDE2K3FZSIK4XFXOUXSE7NZ5JH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RCG5CMDT37WCZGAWQNOIPVP4VHGCPUU3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VAB22JXDE7O27DYARZXC7PFUETM5OOT5 https://sourceforge.net& • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.5EPSS: 20%CPEs: 4EXPL: 3CVE-2012-4432
https://notcve.org/view.php?id=CVE-2012-4432
Use-after-free vulnerability in opngreduc.c in OptiPNG Hg and 0.7.x before 0.7.3 might allow remote attackers to execute arbitrary code via unspecified vectors related to "palette reduction." Vulnerabilidad de error en la gestión de recursos en opngreduc.c en OptiPNG Hg y v0.7.3 podría permitir a atacantes remotos ejecutar código de su elección a través de vectores no especificados, relacionados con "reducción de paleta" • http://optipng.hg.sourceforge.net/hgweb/optipng/optipng/rev/f1d5d44670a2 http://optipng.sourceforge.net http://secunia.com/advisories/50654 http://sourceforge.net/news/?group_id=151404 http://www.openwall.com/lists/oss-security/2012/09/17/5 http://www.openwall.com/lists/oss-security/2012/09/18/2 http://www.securityfocus.com/bid/55566 https://exchange.xforce.ibmcloud.com/vulnerabilities/78743 • CWE-399: Resource Management Errors •