Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libpng vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2007-2445
The png_handle_tRNS function in pngrutil.c in libpng prior to 1.0.25 and 1.2.x prior to 1.2.17 allows remote malicious users to cause a denial of service (application crash) via a grayscale PNG image with a bad tRNS chunk CRC value.
Png Reference Library Libpng
5
CVSSv2
CVE-2004-0598
The png_handle_iCCP function in libpng 1.2.5 and previous versions allows remote malicious users to cause a denial of service (application crash) via a certain PNG image that triggers a null dereference.
Greg Roelofs Libpng
5
CVSSv2
CVE-2004-0599
Multiple integer overflows in the (1) png_read_png in pngread.c or (2) png_handle_sPLT functions in pngrutil.c or (3) progressive display image reading capability in libpng 1.2.5 and previous versions allow remote malicious users to cause a denial of service (application crash) v...
Greg Roelofs Libpng
NA
CVE-2021-4214
A heap overflow flaw was found in libpngs' pngimage.c program. This flaw allows an attacker with local network access to pass a specially crafted PNG file to the pngimage utility, causing an application to crash, leading to a denial of service.
Libpng Libpng 1.6.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Ontap Select Deploy Administration Utility -
2.6
CVSSv2
CVE-2011-3328
The png_handle_cHRM function in pngrutil.c in libpng 1.5.4, when color-correction support is enabled, allows remote malicious users to cause a denial of service (divide-by-zero error and application crash) via a malformed PNG image containing a cHRM chunk associated with a certai...
Greg Roelofs Libpng 1.5.4
5
CVSSv2
CVE-2006-0481
Heap-based buffer overflow in the alpha strip capability in libpng 1.2.7 allows context-dependent malicious users to cause a denial of service (crash) when the png_do_strip_filler function is used to strip alpha channels out of the image.
Greg Roelofs Libpng 1.2.7
4.3
CVSSv2
CVE-2007-5268
pngrtran.c in libpng prior to 1.0.29 and 1.2.x prior to 1.2.21 use (1) logical instead of bitwise operations and (2) incorrect comparisons, which might allow remote malicious users to cause a denial of service (crash) via a crafted PNG image.
Libpng Libpng
Canonical Ubuntu Linux 6.10
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 7.04
6.8
CVSSv2
CVE-2018-14550
An issue has been found in third-party PNM decoding associated with libpng 1.6.35. It is a stack-based buffer overflow in the function get_token in pnm2png.c in pnm2png.
Libpng Libpng 1.6.35
Oracle Mysql Workbench
Oracle Hyperion Infrastructure Technology 11.1.2.6.0
Netapp Oncommand Api Services -
Netapp Active Iq Unified Manager -
7.5
CVSSv2
CVE-2002-0660
Buffer overflow in libpng 1.0.12-3.woody.2 and libpng3 1.2.1-1.1.woody.2 on Debian GNU/Linux 3.0, and other operating systems, may allow malicious users to cause a denial of service and possibly execute arbitrary code, a different vulnerability than CVE-2002-0728.
Greg Roelofs Libpng3 1.2.1
Greg Roelofs Libpng 1.0.12
4.3
CVSSv2
CVE-2018-14048
An issue has been found in libpng 1.6.34. It is a SEGV in the function png_free_data in png.c, related to the recommended error handling for png_read_image.
Libpng Libpng 1.6.34
Oracle Jdk 11.0.0
Oracle Jre 11.0.0
Oracle Jdk 1.8.0
Oracle Jdk 1.7.0
Oracle Jdk 1.6.0
Oracle Jre 1.6.0
Oracle Jre 1.7.0
Oracle Jre 1.8.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675
CVE-2024-3400
CVE-2024-23557
mass assignment
CVE-2023-1389
local file inclusion
CVE-2024-32596
file upload
CVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »