Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libpng libpng vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2009-5063
Memory leak in the embedded_profile_len function in pngwutil.c in libpng prior to 1.2.39beta5 allows context-dependent malicious users to cause a denial of service (memory leak or segmentation fault) via a JPEG image containing an iCCP chunk with a negative embedded profile lengt...
Libpng Libpng 1.2.39
Libpng Libpng
445
VMScore
CVE-2006-7244
Memory leak in pngwutil.c in libpng 1.2.13beta1, and other versions prior to 1.2.15beta3, allows context-dependent malicious users to cause a denial of service (memory leak or segmentation fault) via a JPEG image containing an iCCP chunk with a negative embedded profile length.
Libpng Libpng 1.0.37
Libpng Libpng 1.2.14
Libpng Libpng 1.2.11
Libpng Libpng 1.0.6
Libpng Libpng 1.0.23
Libpng Libpng 1.0.41
Libpng Libpng 1.0.9
Libpng Libpng 1.0.15
Libpng Libpng 1.2.0
Libpng Libpng 1.0.10
Libpng Libpng 1.2.10
Libpng Libpng 1.0.7
Libpng Libpng 1.0.46
Libpng Libpng 1.0.17
Libpng Libpng 1.0.29
Libpng Libpng 1.2.1
Libpng Libpng 1.0.27
Libpng Libpng 1.0.1
Libpng Libpng 1.0.8
Libpng Libpng 1.0.12
Libpng Libpng 1.0.31
Libpng Libpng 1.0.14
383
VMScore
CVE-2011-2501
The png_format_buffer function in pngerror.c in libpng 1.0.x prior to 1.0.55, 1.2.x prior to 1.2.45, 1.4.x prior to 1.4.8, and 1.5.x prior to 1.5.4 allows remote malicious users to cause a denial of service (application crash) via a crafted PNG image that triggers an out-of-bound...
Libpng Libpng
Fedoraproject Fedora 14
Debian Debian Linux 5.0
Debian Debian Linux 6.0
Canonical Ubuntu Linux 10.10
Canonical Ubuntu Linux 11.04
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 8.04
605
VMScore
CVE-2011-2690
Buffer overflow in libpng 1.0.x prior to 1.0.55, 1.2.x prior to 1.2.45, 1.4.x prior to 1.4.8, and 1.5.x prior to 1.5.4, when used by an application that calls the png_rgb_to_gray function but not the png_set_expand function, allows remote malicious users to overwrite memory with ...
Libpng Libpng
Fedoraproject Fedora 14
Debian Debian Linux 5.0
Debian Debian Linux 6.0
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 10.10
Canonical Ubuntu Linux 11.04
383
VMScore
CVE-2011-2691
The png_err function in pngerror.c in libpng 1.0.x prior to 1.0.55, 1.2.x prior to 1.2.45, 1.4.x prior to 1.4.8, and 1.5.x prior to 1.5.4 makes a function call using a NULL pointer argument instead of an empty-string argument, which allows remote malicious users to cause a denial...
Libpng Libpng
Fedoraproject Fedora 14
Debian Debian Linux 5.0
Debian Debian Linux 6.0
605
VMScore
CVE-2011-2692
The png_handle_sCAL function in pngrutil.c in libpng 1.0.x prior to 1.0.55, 1.2.x prior to 1.2.45, 1.4.x prior to 1.4.8, and 1.5.x prior to 1.5.4 does not properly handle invalid sCAL chunks, which allows remote malicious users to cause a denial of service (memory corruption and ...
Libpng Libpng
Fedoraproject Fedora 14
Debian Debian Linux 5.0
Debian Debian Linux 6.0
Canonical Ubuntu Linux 10.10
Canonical Ubuntu Linux 11.04
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 8.04
605
VMScore
CVE-2011-0408
pngrtran.c in libpng 1.5.x prior to 1.5.1 allows remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted palette-based PNG image that triggers a buffer overflow, related to the png_do_expand_palette function, the pn...
Libpng Libpng 1.5.0
828
VMScore
CVE-2010-1208
Use-after-free vulnerability in the attribute-cloning functionality in the DOM implementation in Mozilla Firefox 3.5.x prior to 3.5.11 and 3.6.x prior to 3.6.7, and SeaMonkey prior to 2.0.6, allows remote malicious users to execute arbitrary code via vectors related to deletion o...
Mozilla Firefox
Mozilla Seamonkey
828
VMScore
CVE-2010-1211
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x prior to 3.5.11 and 3.6.x prior to 3.6.7, Thunderbird 3.0.x prior to 3.0.6 and 3.1.x prior to 3.1.1, and SeaMonkey prior to 2.0.6 allow remote malicious users to cause a denial of service (memory ...
Mozilla Firefox 3.5.1
Mozilla Firefox 3.5.10
Mozilla Firefox 3.6.1
Mozilla Firefox 3.5.4
Mozilla Firefox 3.5.5
Mozilla Firefox 3.5.6
Mozilla Firefox 3.6.4
Mozilla Firefox 3.6.6
Mozilla Firefox 3.5.2
Mozilla Firefox 3.5.3
Mozilla Firefox 3.6.2
Mozilla Firefox 3.6.3
Mozilla Firefox 3.5.7
Mozilla Firefox 3.5.9
Mozilla Thunderbird 3.0.2
Mozilla Thunderbird 3.0.3
Mozilla Thunderbird 3.1
Mozilla Thunderbird 3.0
Mozilla Thunderbird 3.0.4
Mozilla Thunderbird 3.0.5
Mozilla Thunderbird 3.0.1
Mozilla Seamonkey 1.0.1
940
VMScore
CVE-2010-1214
Integer overflow in Mozilla Firefox 3.5.x prior to 3.5.11 and 3.6.x prior to 3.6.7, and SeaMonkey prior to 2.0.6, allows remote malicious users to execute arbitrary code via plugin content with many parameter elements.
Mozilla Firefox 3.5.2
Mozilla Firefox 3.5.3
Mozilla Firefox 3.5.4
Mozilla Firefox 3.6.2
Mozilla Firefox 3.6.3
Mozilla Firefox 3.5.7
Mozilla Firefox 3.5.9
Mozilla Firefox 3.5.5
Mozilla Firefox 3.5.6
Mozilla Firefox 3.6.4
Mozilla Firefox 3.6.6
Mozilla Firefox 3.5.1
Mozilla Firefox 3.5.10
Mozilla Firefox 3.6.1
Mozilla Seamonkey 1.0.3
Mozilla Seamonkey 1.0.4
Mozilla Seamonkey 1.1.1
Mozilla Seamonkey 1.1.10
Mozilla Seamonkey 1.0
Mozilla Seamonkey 1.1.16
Mozilla Seamonkey 1.1.17
Mozilla Seamonkey 1.1.6
2 EDB exploits
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »