Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libpng libpng vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-7354
Multiple integer overflows in libpng prior to 1.5.14rc03 allow remote malicious users to cause a denial of service (crash) via a crafted image to the (1) png_set_sPLT or (2) png_set_text_2 function, which triggers a heap-based buffer overflow.
Libpng Libpng 1.5.0
Libpng Libpng 1.5.1
Libpng Libpng 1.5.5
Libpng Libpng 1.5.9
Libpng Libpng
Libpng Libpng 1.5.12
Libpng Libpng 1.5.2
Libpng Libpng 1.5.3
Libpng Libpng 1.5.7
Libpng Libpng 1.5.11
Libpng Libpng 1.5.10
Libpng Libpng 1.5.6
Libpng Libpng 1.5.13
Libpng Libpng 1.5.4
Libpng Libpng 1.5.8
NA
CVE-2014-0333
The png_push_read_chunk function in pngpread.c in the progressive decoder in libpng 1.6.x up to and including 1.6.9 allows remote malicious users to cause a denial of service (infinite loop and CPU consumption) via an IDAT chunk with a length of zero.
Libpng Libpng 1.6.3
Libpng Libpng 1.6.4
Libpng Libpng 1.6.8
Libpng Libpng 1.6.9
Libpng Libpng 1.6.1
Libpng Libpng 1.6.6
Libpng Libpng 1.6.7
Libpng Libpng 1.6.2
Libpng Libpng 1.6.0
Libpng Libpng 1.6.5
NA
CVE-2012-3425
The png_push_read_zTXt function in pngpread.c in libpng 1.0.x prior to 1.0.58, 1.2.x prior to 1.2.48, 1.4.x prior to 1.4.10, and 1.5.x prior to 1.5.10 allows remote malicious users to cause a denial of service (out-of-bounds read) via a large avail_in field value in a PNG image.
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.04
Libpng Libpng 1.4.9
Libpng Libpng 1.4.4
Libpng Libpng 1.4.7
Libpng Libpng 1.4.1
Libpng Libpng 1.4.2
Libpng Libpng 1.4.0
Libpng Libpng 1.4.6
Libpng Libpng 1.4.5
Libpng Libpng 1.4.3
Libpng Libpng 1.4.8
Opensuse Opensuse 11.4
Opensuse Opensuse 12.1
Libpng Libpng 1.2.14
Libpng Libpng 1.2.45
Libpng Libpng 1.2.46
Libpng Libpng 1.2.33
Libpng Libpng 1.2.16
Libpng Libpng 1.2.35
NA
CVE-2011-3464
Off-by-one error in the png_formatted_warning function in pngerror.c in libpng 1.5.4 up to and including 1.5.7 might allow remote malicious users to cause a denial of service (application crash) and possibly execute arbitrary code via unspecified vectors, which trigger a stack-ba...
Libpng Libpng 1.5.4
Libpng Libpng 1.5.5
Libpng Libpng 1.5.6
Libpng Libpng 1.5.2
Libpng Libpng 1.5.3
Libpng Libpng 1.5.7
Libpng Libpng 1.5.0
Libpng Libpng 1.5.1
NA
CVE-2011-3048
The png_set_text_2 function in pngset.c in libpng 1.0.x prior to 1.0.59, 1.2.x prior to 1.2.49, 1.4.x prior to 1.4.11, and 1.5.x prior to 1.5.10 allows remote malicious users to cause a denial of service (crash) or execute arbitrary code via a crafted text chunk in a PNG image fi...
Libpng Libpng 1.0.57
Libpng Libpng 1.0.56
Libpng Libpng 1.0.50
Libpng Libpng 1.0.48
Libpng Libpng 1.0.41
Libpng Libpng 1.0.40
Libpng Libpng 1.0.32
Libpng Libpng 1.0.31
Libpng Libpng 1.0.30
Libpng Libpng 1.0.23
Libpng Libpng 1.0.22
Libpng Libpng 1.0.1
Libpng Libpng 1.0.0
Libpng Libpng 1.0.8
Libpng Libpng 1.0.7
Libpng Libpng 1.0.58
Libpng Libpng 1.0.54
Libpng Libpng 1.0.53
Libpng Libpng 1.0.45
Libpng Libpng 1.0.44
Libpng Libpng 1.0.37
Libpng Libpng 1.0.35
NA
CVE-2011-3045
Integer signedness error in the png_inflate function in pngrutil.c in libpng prior to 1.4.10beta01, as used in Google Chrome prior to 17.0.963.83 and other products, allows remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code ...
Google Chrome
Fedoraproject Fedora 17
Fedoraproject Fedora 16
Redhat Enterprise Linux Server Aus 6.2
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux Workstation 5.0
Debian Debian Linux 6.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server Eus 6.2
Fedoraproject Fedora 15
Redhat Enterprise Linux 5.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Desktop 5.0
Opensuse Opensuse 12.1
Redhat Storage 2.0
Redhat Storage For Public Cloud 2.0
Redhat Gluster Storage 2.0
Libpng Libpng
NA
CVE-2011-3026
Integer overflow in libpng, as used in Google Chrome prior to 17.0.963.56, allows remote malicious users to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an integer truncation.
Google Chrome
Apple Iphone Os
Apple Mac Os X 10.6.8
Apple Mac Os X
Apple Mac Os X Server 10.6.8
Apple Mac Os X Server
Opensuse Opensuse 11.4
Suse Linux Enterprise Server 11
Suse Suse Linux Enterprise Server 11
1 Github repository
NA
CVE-2011-3328
The png_handle_cHRM function in pngrutil.c in libpng 1.5.4, when color-correction support is enabled, allows remote malicious users to cause a denial of service (divide-by-zero error and application crash) via a malformed PNG image containing a cHRM chunk associated with a certai...
Greg Roelofs Libpng 1.5.4
NA
CVE-2009-5063
Memory leak in the embedded_profile_len function in pngwutil.c in libpng prior to 1.2.39beta5 allows context-dependent malicious users to cause a denial of service (memory leak or segmentation fault) via a JPEG image containing an iCCP chunk with a negative embedded profile lengt...
Libpng Libpng 1.2.39
Libpng Libpng
NA
CVE-2006-7244
Memory leak in pngwutil.c in libpng 1.2.13beta1, and other versions prior to 1.2.15beta3, allows context-dependent malicious users to cause a denial of service (memory leak or segmentation fault) via a JPEG image containing an iCCP chunk with a negative embedded profile length.
Libpng Libpng 1.0.37
Libpng Libpng 1.2.14
Libpng Libpng 1.2.11
Libpng Libpng 1.0.6
Libpng Libpng 1.0.23
Libpng Libpng 1.0.41
Libpng Libpng 1.0.9
Libpng Libpng 1.0.15
Libpng Libpng 1.2.0
Libpng Libpng 1.0.10
Libpng Libpng 1.2.10
Libpng Libpng 1.0.7
Libpng Libpng 1.0.46
Libpng Libpng 1.0.17
Libpng Libpng 1.0.29
Libpng Libpng 1.2.1
Libpng Libpng 1.0.27
Libpng Libpng 1.0.1
Libpng Libpng 1.0.8
Libpng Libpng 1.0.12
Libpng Libpng 1.0.31
Libpng Libpng 1.0.14
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »