Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libpng vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2007-5269
Certain chunk handlers in libpng prior to 1.0.29 and 1.2.x prior to 1.2.21 allow remote malicious users to cause a denial of service (crash) via crafted (1) pCAL (png_handle_pCAL), (2) sCAL (png_handle_sCAL), (3) tEXt (png_push_read_tEXt), (4) iTXt (png_handle_iTXt), and (5) ztXT...
Libpng Libpng 1.0.28
Libpng Libpng
445
VMScore
CVE-2007-2445
The png_handle_tRNS function in pngrutil.c in libpng prior to 1.0.25 and 1.2.x prior to 1.2.17 allows remote malicious users to cause a denial of service (application crash) via a grayscale PNG image with a bad tRNS chunk CRC value.
Png Reference Library Libpng
445
VMScore
CVE-2006-0481
Heap-based buffer overflow in the alpha strip capability in libpng 1.2.7 allows context-dependent malicious users to cause a denial of service (crash) when the png_do_strip_filler function is used to strip alpha channels out of the image.
Greg Roelofs Libpng 1.2.7
445
VMScore
CVE-2004-0598
The png_handle_iCCP function in libpng 1.2.5 and previous versions allows remote malicious users to cause a denial of service (application crash) via a certain PNG image that triggers a null dereference.
Greg Roelofs Libpng
445
VMScore
CVE-2004-0599
Multiple integer overflows in the (1) png_read_png in pngread.c or (2) png_handle_sPLT functions in pngrutil.c or (3) progressive display image reading capability in libpng 1.2.5 and previous versions allow remote malicious users to cause a denial of service (application crash) v...
Greg Roelofs Libpng
445
VMScore
CVE-2004-0421
The Portable Network Graphics library (libpng) 1.0.15 and previous versions allows malicious users to cause a denial of service (crash) via a malformed PNG image file that triggers an error that causes an out-of-bounds read when creating the error message.
Openpkg Openpkg 2.0
Libpng Libpng 1.2.2
Libpng Libpng 1.0.8
Libpng Libpng 1.2.4
Libpng Libpng 1.0.14
Libpng Libpng 1.2.0
Openpkg Openpkg 1.3
Libpng Libpng 1.0.11
Libpng Libpng 1.0.9
Libpng Libpng 1.0.13
Libpng Libpng 1.0.6
Libpng Libpng 1.0.7
Libpng Libpng 1.2.3
Libpng Libpng 1.0.5
Libpng Libpng 1.2.1
Redhat Libpng 1.2.2-16
Libpng Libpng 1.0.12
Libpng Libpng 1.2.5
Libpng Libpng 1.0.0
Redhat Libpng 1.2.2-20
Libpng Libpng 1.0.10
Trustix Secure Linux 2.0
445
VMScore
CVE-2002-0728
Buffer overflow in the progressive reader for libpng 1.2.x prior to 1.2.4, and 1.0.x prior to 1.0.14, allows malicious users to cause a denial of service (crash) via a PNG data stream that has more IDAT data than indicated by the IHDR chunk.
Greg Roelofs Libpng 1.2.4
Greg Roelofs Libpng 1.0.14
435
VMScore
CVE-2007-3473
The gdImageCreateXbm function in the GD Graphics Library (libgd) prior to 2.0.35 allows user-assisted remote malicious users to cause a denial of service (crash) via unspecified vectors involving a gdImageCreate failure.
Libgd Gd Graphics Library
1 EDB exploit
409
VMScore
CVE-2019-9423
In opencv calls that use libpng, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges required. User interaction is not required for exploitation. Product: AndroidVersions: ...
Google Android 10.0
1 Github repository
384
VMScore
CVE-2018-14048
An issue has been found in libpng 1.6.34. It is a SEGV in the function png_free_data in png.c, related to the recommended error handling for png_read_image.
Libpng Libpng 1.6.34
Oracle Jdk 11.0.0
Oracle Jre 11.0.0
Oracle Jdk 1.8.0
Oracle Jdk 1.7.0
Oracle Jdk 1.6.0
Oracle Jre 1.6.0
Oracle Jre 1.7.0
Oracle Jre 1.8.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »