CVE-2024-41438

MEDIUM Year: 2024
CVSS v3 Score
6.2
Medium
Weakness Type
CWE-122
View all →

Vulnerability Description

A heap buffer overflow in the function cp_stored() (/vendor/cute_png.h) of hicolor v0.5.0 allows attackers to cause a Denial of Service (DoS) via a crafted PNG file.

Related Vulnerabilities

CVE-2024-28572

MEDIUM
CVSS:6.2(Medium)

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the FreeImage_SetTagValue() function when reading images in JPEG ...

CWE-1222024

CVE-2024-34250

MEDIUM
CVSS:6.2(Medium)

A heap buffer overflow vulnerability was discovered in Bytecode Alliance wasm-micro-runtime v2.0.0 which allows a remote attacker to cause at least a denial of service via the "wasm_loader_check_br" f...

CWE-1222024

CVE-2024-41440

MEDIUM
CVSS:6.2(Medium)

A heap buffer overflow in the function png_quantize() of hicolor v0.5.0 allows attackers to cause a Denial of Service (DoS) via a crafted PNG file.

CWE-1222024

CVE-2025-31177

MEDIUM
CVSS:6.2(Medium)

gnuplot is affected by a heap buffer overflow at function utf8_copy_one.

CWE-1222025

CVE-2022-0518

MEDIUM
CVSS:6.3(Medium)

Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.6.2.

CWE-1222022