Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
netpbm netpbm vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2017-2586
A null pointer dereference vulnerability was found in netpbm prior to 10.61. A maliciously crafted SVG file could cause the application to crash.
Netpbm Project Netpbm
5.5
CVSSv3
CVE-2017-2587
A memory allocation vulnerability was found in netpbm prior to 10.61. A maliciously crafted SVG file could cause the application to crash.
Netpbm Project Netpbm
NA
CVE-2005-2471
pstopnm in netpbm does not properly use the "-dSAFER" option when calling Ghostscript to convert a PostScript file into a (1) PBM, (2) PGM, or (3) PNM file, which allows external user-assisted malicious users to execute arbitrary commands.
Netpbm Netpbm 2.10.0.8
7.8
CVSSv3
CVE-2017-2579
An out-of-bounds read vulnerability was found in netpbm prior to 10.61. The expandCodeOntoStack() function has an insufficient code value check, so that a maliciously crafted file could cause the application to crash or possibly allows code execution.
Netpbm Project Netpbm 10.61.00
7.8
CVSSv3
CVE-2017-2580
An out-of-bounds write vulnerability was found in netpbm prior to 10.61. A maliciously crafted file could cause the application to crash or possibly allow code execution.
Netpbm Project Netpbm 10.61.00
5.5
CVSSv3
CVE-2017-5849
tiffttopnm in netpbm 10.47.63 does not properly use the libtiff TIFFRGBAImageGet function, which allows remote malicious users to cause a denial of service (out-of-bounds read and write) via a crafted tiff image file, related to transposing width and height values.
Fedoraproject Fedora 25
Fedoraproject Fedora 24
Netpbm Project Netpbm 10.47.63
NA
CVE-2005-3662
Off-by-one buffer overflow in pnmtopng prior to 2.39, when using the -alpha command line option (Alphas_Of_Color), allows malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PNM file with exactly 256 colors.
Greg Roelofs Pnmtopng 2.37.5
Greg Roelofs Pnmtopng 2.37.6
Greg Roelofs Pnmtopng 2.37.3
Greg Roelofs Pnmtopng 2.37.4
Greg Roelofs Pnmtopng 2.38
NA
CVE-2007-2721
The jpc_qcx_getcompparms function in jpc/jpc_cs.c for the JasPer JPEG-2000 library (libjasper) prior to 1.900 allows remote user-assisted malicious users to cause a denial of service (crash) and possibly corrupt the heap via malformed image files, as originally demonstrated using...
Jasper Jpeg-2000 Jasper Jpeg-2000
NA
CVE-2006-3662
SQL injection vulnerability in index.php in ATutor 1.5.3 allows remote malicious users to execute arbitrary SQL commands via the fid parameter. NOTE: this issue has been disputed by the vendor, who states "The mentioned SQL injection vulnerability is not possible." Howe...
Adaptive Technology Resource Centre Atutor 1.5.3
1 EDB exploit
NA
CVE-2008-3520
Multiple integer overflows in JasPer 1.900.1 might allow context-dependent malicious users to have an unknown impact via a crafted image file, related to integer multiplication for memory allocation.
Jasper Project Jasper 1.900.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »