Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libgd vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2016-9317
The gdImageCreate function in the GD Graphics Library (aka libgd) prior to 2.2.4 allows remote malicious users to cause a denial of service (system hang) via an oversized image.
Libgd Libgd
5.3
CVSSv3
CVE-2019-11038
When using the gdImageCreateFromXbm() function in the GD Graphics Library (aka LibGD) 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value o...
Libgd Libgd 2.2.5
Php Php
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 32
Suse Linux Enterprise Debuginfo 11
Suse Linux Enterprise Desktop 12
Opensuse Leap 15.1
Suse Linux Enterprise Software Development Kit 12
Suse Linux Enterprise Server 12
Suse Linux Enterprise Workstation Extension 12
Redhat Enterprise Linux 7.0
Redhat Software Collections 1.0
Redhat Enterprise Linux 8.0
NA
CVE-2016-1000102
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-5387. Reason: This candidate is a duplicate of CVE-2016-5387. Notes: All CVE users should reference CVE-2016-5387 instead of this candidate. All references and descriptions in this candidate have been removed...
NA
CVE-2015-0848
Heap-based buffer overflow in libwmf 0.2.8.4 allows remote malicious users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted BMP image.
Wvware Libwmf 0.2.8.4
Fedoraproject Fedora 21
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
NA
CVE-2015-4588
Heap-based buffer overflow in the DecodeImage function in libwmf 0.2.8.4 allows remote malicious users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted "run-length count" in an image in a WMF file.
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
Wvware Libwmf 0.2.8.4
Fedoraproject Fedora 21
NA
CVE-2014-5120
gd_ctx.c in the GD component in PHP 5.4.x prior to 5.4.32 and 5.5.x prior to 5.5.16 does not ensure that pathnames lack %00 sequences, which might allow remote malicious users to overwrite arbitrary files via crafted input to an application that calls the (1) imagegd, (2) imagegd...
Php Php 5.4.0
Php Php 5.4.12
Php Php 5.4.13
Php Php 5.4.18
Php Php 5.4.19
Php Php 5.4.25
Php Php 5.4.26
Php Php 5.4.4
Php Php 5.4.5
Php Php 5.5.6
Php Php 5.5.5
Php Php 5.5.12
Php Php 5.5.11
Php Php 5.5.0
Php Php 5.4.10
Php Php 5.4.11
Php Php 5.4.15
Php Php 5.4.21
Php Php 5.4.22
Php Php 5.4.29
Php Php 5.4.3
Php Php 5.4.9
NA
CVE-2014-2497
The gdImageCreateFromXpm function in gdxpm.c in libgd, as used in PHP 5.4.26 and previous versions, allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) via a crafted color table in an XPM file.
Php Php
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
Suse Linux Enterprise Server 11
Suse Linux Enterprise Software Development Kit 11
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Aus 6.5
Redhat Enterprise Linux Server Tus 6.5
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Server Tus 7.3
Redhat Enterprise Linux Eus 6.5
Redhat Enterprise Linux Eus 7.3
Redhat Enterprise Linux Eus 7.4
Redhat Enterprise Linux Eus 7.5
Redhat Enterprise Linux Eus 7.6
Redhat Enterprise Linux Eus 7.7
NA
CVE-2012-1571
file prior to 5.11 and libmagic allow remote malicious users to cause a denial of service (crash) via a crafted Composite Document File (CDF) file that triggers (1) an out-of-bounds read or (2) an invalid pointer dereference.
Tim Robbins Libmagic
Christos Zoulas File
NA
CVE-2009-3546
The _gdGetColors function in gd_gd.c in PHP 5.2.11 and 5.3.x prior to 5.3.1, and the GD Graphics Library 2.x, does not properly verify a certain colorsTotal structure member, which might allow remote malicious users to conduct buffer overflow or buffer over-read attacks via a cra...
Libgd Gd Graphics Library 2.0.34
Libgd Gd Graphics Library 2.0.33
Libgd Gd Graphics Library 2.0.35
Libgd Gd Graphics Library 2.0.36
Php Php 5.2.11
Php Php 5.3.0
NA
CVE-2007-3996
Multiple integer overflows in libgd in PHP prior to 5.2.4 allow remote malicious users to cause a denial of service (application crash) and possibly execute arbitrary code via a large (1) srcW or (2) srcH value to the (a) gdImageCopyResized function, or a large (3) sy (height) or...
Php Php
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »