Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
netpbm netpbm vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2017-2586
A null pointer dereference vulnerability was found in netpbm prior to 10.61. A maliciously crafted SVG file could cause the application to crash.
Netpbm Project Netpbm
4.3
CVSSv2
CVE-2018-8975
The pm_mallocarray2 function in lib/util/mallocvar.c in Netpbm up to and including 10.81.03 allows remote malicious users to cause a denial of service (heap-based buffer over-read) via a crafted image file, as demonstrated by pbmmask.
Netpbm Project Netpbm
4.3
CVSSv2
CVE-2017-2587
A memory allocation vulnerability was found in netpbm prior to 10.61. A maliciously crafted SVG file could cause the application to crash.
Netpbm Project Netpbm
6.8
CVSSv2
CVE-2017-2579
An out-of-bounds read vulnerability was found in netpbm prior to 10.61. The expandCodeOntoStack() function has an insufficient code value check, so that a maliciously crafted file could cause the application to crash or possibly allows code execution.
Netpbm Project Netpbm 10.61.00
6.8
CVSSv2
CVE-2017-2580
An out-of-bounds write vulnerability was found in netpbm prior to 10.61. A maliciously crafted file could cause the application to crash or possibly allow code execution.
Netpbm Project Netpbm 10.61.00
4.3
CVSSv2
CVE-2017-5849
tiffttopnm in netpbm 10.47.63 does not properly use the libtiff TIFFRGBAImageGet function, which allows remote malicious users to cause a denial of service (out-of-bounds read and write) via a crafted tiff image file, related to transposing width and height values.
Fedoraproject Fedora 25
Fedoraproject Fedora 24
Netpbm Project Netpbm 10.47.63
4.6
CVSSv2
CVE-2005-3662
Off-by-one buffer overflow in pnmtopng prior to 2.39, when using the -alpha command line option (Alphas_Of_Color), allows malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PNM file with exactly 256 colors.
Greg Roelofs Pnmtopng 2.37.5
Greg Roelofs Pnmtopng 2.37.6
Greg Roelofs Pnmtopng 2.37.3
Greg Roelofs Pnmtopng 2.37.4
Greg Roelofs Pnmtopng 2.38
4.3
CVSSv2
CVE-2007-2721
The jpc_qcx_getcompparms function in jpc/jpc_cs.c for the JasPer JPEG-2000 library (libjasper) prior to 1.900 allows remote user-assisted malicious users to cause a denial of service (crash) and possibly corrupt the heap via malformed image files, as originally demonstrated using...
Jasper Jpeg-2000 Jasper Jpeg-2000
7.5
CVSSv2
CVE-2006-3662
SQL injection vulnerability in index.php in ATutor 1.5.3 allows remote malicious users to execute arbitrary SQL commands via the fid parameter. NOTE: this issue has been disputed by the vendor, who states "The mentioned SQL injection vulnerability is not possible." Howe...
Adaptive Technology Resource Centre Atutor 1.5.3
1 EDB exploit
9.3
CVSSv2
CVE-2008-3520
Multiple integer overflows in JasPer 1.900.1 might allow context-dependent malicious users to have an unknown impact via a crafted image file, related to integer multiplication for memory allocation.
Jasper Project Jasper 1.900.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »