Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libpng vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2011-3328
The png_handle_cHRM function in pngrutil.c in libpng 1.5.4, when color-correction support is enabled, allows remote malicious users to cause a denial of service (divide-by-zero error and application crash) via a malformed PNG image containing a cHRM chunk associated with a certai...
Greg Roelofs Libpng 1.5.4
NA
CVE-2006-7244
Memory leak in pngwutil.c in libpng 1.2.13beta1, and other versions prior to 1.2.15beta3, allows context-dependent malicious users to cause a denial of service (memory leak or segmentation fault) via a JPEG image containing an iCCP chunk with a negative embedded profile length.
Libpng Libpng 1.0.37
Libpng Libpng 1.2.14
Libpng Libpng 1.2.11
Libpng Libpng 1.0.6
Libpng Libpng 1.0.23
Libpng Libpng 1.0.41
Libpng Libpng 1.0.9
Libpng Libpng 1.0.15
Libpng Libpng 1.2.0
Libpng Libpng 1.0.10
Libpng Libpng 1.2.10
Libpng Libpng 1.0.7
Libpng Libpng 1.0.46
Libpng Libpng 1.0.17
Libpng Libpng 1.0.29
Libpng Libpng 1.2.1
Libpng Libpng 1.0.27
Libpng Libpng 1.0.1
Libpng Libpng 1.0.8
Libpng Libpng 1.0.12
Libpng Libpng 1.0.31
Libpng Libpng 1.0.14
NA
CVE-2009-5063
Memory leak in the embedded_profile_len function in pngwutil.c in libpng prior to 1.2.39beta5 allows context-dependent malicious users to cause a denial of service (memory leak or segmentation fault) via a JPEG image containing an iCCP chunk with a negative embedded profile lengt...
Libpng Libpng 1.2.39
Libpng Libpng
6.5
CVSSv3
CVE-2011-2501
The png_format_buffer function in pngerror.c in libpng 1.0.x prior to 1.0.55, 1.2.x prior to 1.2.45, 1.4.x prior to 1.4.8, and 1.5.x prior to 1.5.4 allows remote malicious users to cause a denial of service (application crash) via a crafted PNG image that triggers an out-of-bound...
Libpng Libpng
Fedoraproject Fedora 14
Debian Debian Linux 5.0
Debian Debian Linux 6.0
Canonical Ubuntu Linux 10.10
Canonical Ubuntu Linux 11.04
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 8.04
8.8
CVSSv3
CVE-2011-2690
Buffer overflow in libpng 1.0.x prior to 1.0.55, 1.2.x prior to 1.2.45, 1.4.x prior to 1.4.8, and 1.5.x prior to 1.5.4, when used by an application that calls the png_rgb_to_gray function but not the png_set_expand function, allows remote malicious users to overwrite memory with ...
Libpng Libpng
Fedoraproject Fedora 14
Debian Debian Linux 5.0
Debian Debian Linux 6.0
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 10.10
Canonical Ubuntu Linux 11.04
6.5
CVSSv3
CVE-2011-2691
The png_err function in pngerror.c in libpng 1.0.x prior to 1.0.55, 1.2.x prior to 1.2.45, 1.4.x prior to 1.4.8, and 1.5.x prior to 1.5.4 makes a function call using a NULL pointer argument instead of an empty-string argument, which allows remote malicious users to cause a denial...
Libpng Libpng
Fedoraproject Fedora 14
Debian Debian Linux 5.0
Debian Debian Linux 6.0
8.8
CVSSv3
CVE-2011-2692
The png_handle_sCAL function in pngrutil.c in libpng 1.0.x prior to 1.0.55, 1.2.x prior to 1.2.45, 1.4.x prior to 1.4.8, and 1.5.x prior to 1.5.4 does not properly handle invalid sCAL chunks, which allows remote malicious users to cause a denial of service (memory corruption and ...
Libpng Libpng
Fedoraproject Fedora 14
Debian Debian Linux 5.0
Debian Debian Linux 6.0
Canonical Ubuntu Linux 10.10
Canonical Ubuntu Linux 11.04
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 8.04
NA
CVE-2011-0408
pngrtran.c in libpng 1.5.x prior to 1.5.1 allows remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted palette-based PNG image that triggers a buffer overflow, related to the png_do_expand_palette function, the pn...
Libpng Libpng 1.5.0
8.8
CVSSv3
CVE-2010-1208
Use-after-free vulnerability in the attribute-cloning functionality in the DOM implementation in Mozilla Firefox 3.5.x prior to 3.5.11 and 3.6.x prior to 3.6.7, and SeaMonkey prior to 2.0.6, allows remote malicious users to execute arbitrary code via vectors related to deletion o...
Mozilla Firefox
Mozilla Seamonkey
NA
CVE-2010-1211
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x prior to 3.5.11 and 3.6.x prior to 3.6.7, Thunderbird 3.0.x prior to 3.0.6 and 3.1.x prior to 3.1.1, and SeaMonkey prior to 2.0.6 allow remote malicious users to cause a denial of service (memory ...
Mozilla Firefox 3.5.1
Mozilla Firefox 3.5.10
Mozilla Firefox 3.6.1
Mozilla Firefox 3.5.4
Mozilla Firefox 3.5.5
Mozilla Firefox 3.5.6
Mozilla Firefox 3.6.4
Mozilla Firefox 3.6.6
Mozilla Firefox 3.5.2
Mozilla Firefox 3.5.3
Mozilla Firefox 3.6.2
Mozilla Firefox 3.6.3
Mozilla Firefox 3.5.7
Mozilla Firefox 3.5.9
Mozilla Thunderbird 3.0.2
Mozilla Thunderbird 3.0.3
Mozilla Thunderbird 3.1
Mozilla Thunderbird 3.0
Mozilla Thunderbird 3.0.4
Mozilla Thunderbird 3.0.5
Mozilla Thunderbird 3.0.1
Mozilla Seamonkey 1.0.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »