Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libgd libgd vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-3996
Multiple integer overflows in libgd in PHP prior to 5.2.4 allow remote malicious users to cause a denial of service (application crash) and possibly execute arbitrary code via a large (1) srcW or (2) srcH value to the (a) gdImageCopyResized function, or a large (3) sy (height) or...
Php Php
NA
CVE-2006-2906
The LZW decoding in the gdImageCreateFromGifPtr function in the Thomas Boutell graphics draw (GD) library (aka libgd) 2.0.33 allows remote malicious users to cause a denial of service (CPU consumption) via malformed GIF data that causes an infinite loop.
Thomas Boutell Graphics Draw Library 2.0.33
1 EDB exploit
NA
CVE-2015-0848
Heap-based buffer overflow in libwmf 0.2.8.4 allows remote malicious users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted BMP image.
Wvware Libwmf 0.2.8.4
Fedoraproject Fedora 21
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
NA
CVE-2007-0455
Buffer overflow in the gdImageStringFTEx function in gdft.c in GD Graphics Library 2.0.33 and previous versions allows remote malicious users to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted string with a JIS encoded font.
Gd Graphics Library Project Gd Graphics Library
Php Php
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 6.10
Canonical Ubuntu Linux 6.06
Fedoraproject Fedora 13
Fedoraproject Fedora 14
Redhat Enterprise Linux Desktop 3.0
Redhat Enterprise Linux Desktop 4.0
Redhat Enterprise Linux Server 4.0
Redhat Enterprise Linux Workstation 4.0
Redhat Enterprise Linux Workstation 3.0
Redhat Enterprise Linux Server 3.0
NA
CVE-2015-4588
Heap-based buffer overflow in the DecodeImage function in libwmf 0.2.8.4 allows remote malicious users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted "run-length count" in an image in a WMF file.
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
Wvware Libwmf 0.2.8.4
Fedoraproject Fedora 21
NA
CVE-2014-2497
The gdImageCreateFromXpm function in gdxpm.c in libgd, as used in PHP 5.4.26 and previous versions, allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) via a crafted color table in an XPM file.
Php Php
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
Suse Linux Enterprise Server 11
Suse Linux Enterprise Software Development Kit 11
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Aus 6.5
Redhat Enterprise Linux Server Tus 6.5
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Server Tus 7.3
Redhat Enterprise Linux Eus 6.5
Redhat Enterprise Linux Eus 7.3
Redhat Enterprise Linux Eus 7.4
Redhat Enterprise Linux Eus 7.5
Redhat Enterprise Linux Eus 7.6
Redhat Enterprise Linux Eus 7.7
9.8
CVSSv3
CVE-2016-4071
Format string vulnerability in the php_snmp_error function in ext/snmp/snmp.c in PHP prior to 5.5.34, 5.6.x prior to 5.6.20, and 7.x prior to 7.0.5 allows remote malicious users to execute arbitrary code via format string specifiers in an SNMP::get call.
Php Php 5.6.1
Php Php 5.6.0
Php Php 5.6.5
Php Php 5.6.12
Php Php 5.6.13
Php Php 5.6.4
Php Php 5.6.6
Php Php 5.6.18
Php Php 5.6.11
Php Php 5.6.2
Php Php 5.6.10
Php Php 5.6.7
Php Php 5.6.15
Php Php 5.6.17
Php Php 5.6.16
Php Php 5.6.9
Php Php 5.6.3
Php Php 5.6.8
Php Php 5.6.14
Php Php 5.6.19
Apple Mac Os X
Php Php 5.5.0
1 EDB exploit
NA
CVE-2014-5120
gd_ctx.c in the GD component in PHP 5.4.x prior to 5.4.32 and 5.5.x prior to 5.5.16 does not ensure that pathnames lack %00 sequences, which might allow remote malicious users to overwrite arbitrary files via crafted input to an application that calls the (1) imagegd, (2) imagegd...
Php Php 5.4.0
Php Php 5.4.12
Php Php 5.4.13
Php Php 5.4.18
Php Php 5.4.19
Php Php 5.4.25
Php Php 5.4.26
Php Php 5.4.4
Php Php 5.4.5
Php Php 5.5.6
Php Php 5.5.5
Php Php 5.5.12
Php Php 5.5.11
Php Php 5.5.0
Php Php 5.4.10
Php Php 5.4.11
Php Php 5.4.15
Php Php 5.4.21
Php Php 5.4.22
Php Php 5.4.29
Php Php 5.4.3
Php Php 5.4.9
9.8
CVSSv3
CVE-2017-5340
Zend/zend_hash.c in PHP prior to 7.0.15 and 7.1.x prior to 7.1.1 mishandles certain cases that require large array allocations, which allows remote malicious users to execute arbitrary code or cause a denial of service (integer overflow, uninitialized memory access, and use of ar...
Php Php
Netapp Clustered Data Ontap -
9.8
CVSSv3
CVE-2016-7479
In all versions of PHP 7, during the unserialization process, resizing the 'properties' hash table of a serialized object may lead to use-after-free. A remote attacker may exploit this bug to gain arbitrary code execution.
Php Php 7.1.0
Php Php 7.0.0
Php Php 7.0.3
Php Php 7.0.4
Php Php 7.0.1
Php Php 7.0.10
Php Php 7.0.5
Php Php 7.0.6
Php Php 7.0.11
Php Php 7.0.12
Php Php 7.0.7
Php Php 7.0.8
Php Php 7.0.14
Php Php 7.0.2
Php Php 7.0.9
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »