Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libpng vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2011-2690
Buffer overflow in libpng 1.0.x prior to 1.0.55, 1.2.x prior to 1.2.45, 1.4.x prior to 1.4.8, and 1.5.x prior to 1.5.4, when used by an application that calls the png_rgb_to_gray function but not the png_set_expand function, allows remote malicious users to overwrite memory with ...
Libpng Libpng
Fedoraproject Fedora 14
Debian Debian Linux 5.0
Debian Debian Linux 6.0
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 10.10
Canonical Ubuntu Linux 11.04
6.8
CVSSv2
CVE-2011-2692
The png_handle_sCAL function in pngrutil.c in libpng 1.0.x prior to 1.0.55, 1.2.x prior to 1.2.45, 1.4.x prior to 1.4.8, and 1.5.x prior to 1.5.4 does not properly handle invalid sCAL chunks, which allows remote malicious users to cause a denial of service (memory corruption and ...
Libpng Libpng
Fedoraproject Fedora 14
Debian Debian Linux 5.0
Debian Debian Linux 6.0
Canonical Ubuntu Linux 10.10
Canonical Ubuntu Linux 11.04
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 8.04
6.8
CVSSv2
CVE-2011-0408
pngrtran.c in libpng 1.5.x prior to 1.5.1 allows remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted palette-based PNG image that triggers a buffer overflow, related to the png_do_expand_palette function, the pn...
Libpng Libpng 1.5.0
6.8
CVSSv2
CVE-2009-1932
Multiple integer overflows in the (1) user_info_callback, (2) user_endrow_callback, and (3) gst_pngdec_task functions (ext/libpng/gstpngdec.c) in GStreamer Good Plug-ins (aka gst-plugins-good or gstreamer-plugins-good) 0.10.15 allow remote malicious users to cause a denial of ser...
Gstreamer Good Plug-ins 0.10.15
6.8
CVSSv2
CVE-2009-0040
The PNG reference library (aka libpng) prior to 1.0.43, and 1.2.x prior to 1.2.35, as used in pngcrush and other applications, allows context-dependent malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file that ...
Libpng Libpng
Apple Iphone Os
Apple Mac Os X
Opensuse Opensuse 11.1
Opensuse Opensuse 11.0
Opensuse Opensuse 10.3
Suse Linux Enterprise Server 10
Suse Linux Enterprise Desktop 10
Suse Linux Enterprise 10.0
Suse Linux Enterprise 9.0
Debian Debian Linux 5.0
Debian Debian Linux 4.0
Fedoraproject Fedora 10
Fedoraproject Fedora 9
5.8
CVSSv2
CVE-2019-2816
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 7u221, 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Difficult to exploit vulnerability allows unauthenticated attacker wi...
Oracle Jdk 11.0.3
Oracle Jdk 12.0.1
Oracle Jre 11.0.3
Oracle Jre 12.0.1
Oracle Jdk 1.8.0
Oracle Jdk 1.7.0
Oracle Jre 1.7.0
Oracle Jre 1.8.0
Debian Debian Linux 8.0
Opensuse Leap 15.0
Opensuse Leap 15.1
Hp Xp7 Command View
Mcafee Epolicy Orchestrator 5.9.0
Mcafee Epolicy Orchestrator 5.9.1
Mcafee Epolicy Orchestrator 5.10.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 16.04
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Desktop 6.0
5.8
CVSSv2
CVE-2009-0777
Mozilla Firefox prior to 3.0.7, Thunderbird prior to 2.0.0.21, and SeaMonkey prior to 1.1.15 decode invisible characters when they are displayed in the location bar, which causes an incorrect address to be displayed and makes it easier for remote malicious users to spoof URLs and...
Mozilla Firefox 3.0.1
Mozilla Firefox 3.0.2
Mozilla Firefox 2.0.0.12
Mozilla Firefox 2.0.0.11
Mozilla Firefox 2.0.0.3
Mozilla Firefox 2.0.0.2
Mozilla Thunderbird 2.0.0.9
Mozilla Thunderbird 2.0.0.6
Mozilla Seamonkey 1.0.3
Mozilla Seamonkey 1.0.5
Mozilla Seamonkey 1.0.6
Mozilla Seamonkey 1.1.1
Mozilla Seamonkey 1.1.2
Mozilla Seamonkey 1.1.9
Mozilla Seamonkey 1.1.10
Mozilla Firefox 3.0
Mozilla Firefox 2.0.0.14
Mozilla Firefox 2.0.0.13
Mozilla Firefox 2.0.0.5
Mozilla Firefox 2.0.0.4
Mozilla Thunderbird 2.0.0.14
Mozilla Thunderbird 2.0.0.12
5
CVSSv2
CVE-2019-2762
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Utilities). Supported versions that are affected are Java SE: 7u221, 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Easily exploitable vulnerability allows unauthenticated attacker with ...
Oracle Jdk 11.0.3
Oracle Jdk 12.0.1
Oracle Jre 11.0.3
Oracle Jre 12.0.1
Oracle Jdk 1.8.0
Oracle Jdk 1.7.0
Oracle Jre 1.7.0
Oracle Jre 1.8.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 16.04
Opensuse Leap 15.0
Opensuse Leap 15.1
Debian Debian Linux 8.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Satellite 5.8
Redhat Enterprise Linux 8.0
5
CVSSv2
CVE-2019-2769
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Utilities). Supported versions that are affected are Java SE: 7u221, 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Easily exploitable vulnerability allows unauthenticated attacker with ...
Oracle Jdk 11.0.3
Oracle Jdk 12.0.1
Oracle Jre 11.0.3
Oracle Jre 12.0.1
Oracle Jdk 1.8.0
Oracle Jdk 1.7.0
Oracle Jre 1.7.0
Oracle Jre 1.8.0
Debian Debian Linux 8.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 16.04
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Satellite 5.8
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Eus 8.6
Hp Xp7 Command View
5
CVSSv2
CVE-2019-11698
If a crafted hyperlink is dragged and dropped to the bookmark bar or sidebar and the resulting bookmark is subsequently dragged and dropped into the web content area, an arbitrary query of a user's browser history can be run and transmitted to the content page via drop event...
Mozilla Thunderbird
Mozilla Firefox
Mozilla Firefox Esr
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »