Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
netpbm vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2017-2587
A memory allocation vulnerability was found in netpbm prior to 10.61. A maliciously crafted SVG file could cause the application to crash.
Netpbm Project Netpbm
4.3
CVSSv2
CVE-2018-8975
The pm_mallocarray2 function in lib/util/mallocvar.c in Netpbm up to and including 10.81.03 allows remote malicious users to cause a denial of service (heap-based buffer over-read) via a crafted image file, as demonstrated by pbmmask.
Netpbm Project Netpbm
7.5
CVSSv2
CVE-2005-2471
pstopnm in netpbm does not properly use the "-dSAFER" option when calling Ghostscript to convert a PostScript file into a (1) PBM, (2) PGM, or (3) PNM file, which allows external user-assisted malicious users to execute arbitrary commands.
Netpbm Netpbm 2.10.0.8
6.8
CVSSv2
CVE-2017-2579
An out-of-bounds read vulnerability was found in netpbm prior to 10.61. The expandCodeOntoStack() function has an insufficient code value check, so that a maliciously crafted file could cause the application to crash or possibly allows code execution.
Netpbm Project Netpbm 10.61.00
6.8
CVSSv2
CVE-2017-2580
An out-of-bounds write vulnerability was found in netpbm prior to 10.61. A maliciously crafted file could cause the application to crash or possibly allow code execution.
Netpbm Project Netpbm 10.61.00
4.3
CVSSv2
CVE-2017-5849
tiffttopnm in netpbm 10.47.63 does not properly use the libtiff TIFFRGBAImageGet function, which allows remote malicious users to cause a denial of service (out-of-bounds read and write) via a crafted tiff image file, related to transposing width and height values.
Fedoraproject Fedora 25
Fedoraproject Fedora 24
Netpbm Project Netpbm 10.47.63
4.6
CVSSv2
CVE-2005-3662
Off-by-one buffer overflow in pnmtopng prior to 2.39, when using the -alpha command line option (Alphas_Of_Color), allows malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PNM file with exactly 256 colors.
Greg Roelofs Pnmtopng 2.37.5
Greg Roelofs Pnmtopng 2.37.6
Greg Roelofs Pnmtopng 2.37.3
Greg Roelofs Pnmtopng 2.37.4
Greg Roelofs Pnmtopng 2.38
4.3
CVSSv2
CVE-2007-2721
The jpc_qcx_getcompparms function in jpc/jpc_cs.c for the JasPer JPEG-2000 library (libjasper) prior to 1.900 allows remote user-assisted malicious users to cause a denial of service (crash) and possibly corrupt the heap via malformed image files, as originally demonstrated using...
Jasper Jpeg-2000 Jasper Jpeg-2000
7.5
CVSSv2
CVE-2006-3662
SQL injection vulnerability in index.php in ATutor 1.5.3 allows remote malicious users to execute arbitrary SQL commands via the fid parameter. NOTE: this issue has been disputed by the vendor, who states "The mentioned SQL injection vulnerability is not possible." Howe...
Adaptive Technology Resource Centre Atutor 1.5.3
1 EDB exploit
9.3
CVSSv2
CVE-2008-3520
Multiple integer overflows in JasPer 1.900.1 might allow context-dependent malicious users to have an unknown impact via a crafted image file, related to integer multiplication for memory allocation.
Jasper Project Jasper 1.900.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »