Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gd graphics library vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2017-9229
An issue exists in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby up to and including 2.4.1 and mbstring in PHP up to and including 7.1.5. A SIGSEGV occurs in left_adjust_char_head() during regular expression compilation. Invalid handling of reg->dmax in forward_search_rang...
Oniguruma Project Oniguruma 6.2.0
Ruby-lang Ruby
Php Php
5
CVSSv2
CVE-2016-9934
ext/wddx/wddx.c in PHP prior to 5.6.28 and 7.x prior to 7.0.13 allows remote malicious users to cause a denial of service (NULL pointer dereference) via crafted serialized data in a wddxPacket XML document, as demonstrated by a PDORow string.
Php Php 7.0.4
Php Php 7.0.5
Php Php
Php Php 7.0.0
Php Php 7.0.1
Php Php 7.0.8
Php Php 7.0.9
Php Php 7.0.6
Php Php 7.0.7
Php Php 7.0.2
Php Php 7.0.3
Php Php 7.0.10
Php Php 7.0.11
Php Php 7.0.12
5
CVSSv2
CVE-2007-3477
The (a) imagearc and (b) imagefilledarc functions in GD Graphics Library (libgd) prior to 2.0.35 allow malicious users to cause a denial of service (CPU consumption) via a large (1) start or (2) end angle degree value.
Libgd Gd Graphics Library
Libgd Gd Graphics Library 2.0.35
Libgd Gd Graphics Library 2.0.33
Libgd Gd Graphics Library 2.0.34
4.3
CVSSv2
CVE-2021-40812
The GD Graphics Library (aka LibGD) up to and including 2.3.2 has an out-of-bounds read because of the lack of certain gdGetBuf and gdPutBuf return value checks.
Libgd Libgd
2 Github repositories
4.3
CVSSv2
CVE-2021-38115
read_header_tga in gd_tga.c in the GD Graphics Library (aka LibGD) up to and including 2.3.2 allows remote malicious users to cause a denial of service (out-of-bounds read) via a crafted TGA file.
Libgd Libgd
2 Github repositories
4.3
CVSSv2
CVE-2018-14553
gdImageClone in gd.c in libgd 2.1.0-rc2 up to and including 2.2.5 has a NULL pointer dereference allowing malicious users to crash an application via a specific function call sequence. Only affects PHP when linked with an external libgd (not bundled).
Libgd Libgd
Libgd Libgd 2.1.0
Fedoraproject Fedora 32
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 16.04
Debian Debian Linux 8.0
Opensuse Leap 15.1
4.3
CVSSv2
CVE-2016-6906
The read_image_tga function in gd_tga.c in the GD Graphics Library (aka libgd) prior to 2.2.4 allows remote malicious users to cause a denial of service (out-of-bounds read) via a crafted TGA file, related to the decompression buffer.
Libgd Libgd
4.3
CVSSv2
CVE-2016-6911
The dynamicGetbuf function in the GD Graphics Library (aka libgd) prior to 2.2.4 allows remote malicious users to cause a denial of service (out-of-bounds read) via a crafted TIFF image.
Libgd Libgd
4.3
CVSSv2
CVE-2014-2497
The gdImageCreateFromXpm function in gdxpm.c in libgd, as used in PHP 5.4.26 and previous versions, allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) via a crafted color table in an XPM file.
Php Php
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
Suse Linux Enterprise Server 11
Suse Linux Enterprise Software Development Kit 11
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Aus 6.5
Redhat Enterprise Linux Server Tus 6.5
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Server Tus 7.3
Redhat Enterprise Linux Eus 6.5
Redhat Enterprise Linux Eus 7.3
Redhat Enterprise Linux Eus 7.4
Redhat Enterprise Linux Eus 7.5
Redhat Enterprise Linux Eus 7.6
Redhat Enterprise Linux Eus 7.7
4.3
CVSSv2
CVE-2007-3472
Integer overflow in gdImageCreateTrueColor function in the GD Graphics Library (libgd) prior to 2.0.35 allows user-assisted remote malicious users to have unspecified attack vectors and impact.
Libgd Gd Graphics Library 2.0.33
Libgd Gd Graphics Library 2.0.34
Libgd Gd Graphics Library 2.0.35
Libgd Gd Graphics Library
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »