Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libgd vulnerabilities and exploits
(subscribe to this query)
384
VMScore
CVE-2021-38115
read_header_tga in gd_tga.c in the GD Graphics Library (aka LibGD) up to and including 2.3.2 allows remote malicious users to cause a denial of service (out-of-bounds read) via a crafted TGA file.
Libgd Libgd
2 Github repositories
383
VMScore
CVE-2018-14553
gdImageClone in gd.c in libgd 2.1.0-rc2 up to and including 2.2.5 has a NULL pointer dereference allowing malicious users to crash an application via a specific function call sequence. Only affects PHP when linked with an external libgd (not bundled).
Libgd Libgd
Libgd Libgd 2.1.0
Fedoraproject Fedora 32
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 16.04
Debian Debian Linux 8.0
Opensuse Leap 15.1
383
VMScore
CVE-2016-6906
The read_image_tga function in gd_tga.c in the GD Graphics Library (aka libgd) prior to 2.2.4 allows remote malicious users to cause a denial of service (out-of-bounds read) via a crafted TGA file, related to the decompression buffer.
Libgd Libgd
383
VMScore
CVE-2016-6911
The dynamicGetbuf function in the GD Graphics Library (aka libgd) prior to 2.2.4 allows remote malicious users to cause a denial of service (out-of-bounds read) via a crafted TIFF image.
Libgd Libgd
383
VMScore
CVE-2014-2497
The gdImageCreateFromXpm function in gdxpm.c in libgd, as used in PHP 5.4.26 and previous versions, allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) via a crafted color table in an XPM file.
Php Php
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
Suse Linux Enterprise Server 11
Suse Linux Enterprise Software Development Kit 11
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Aus 6.5
Redhat Enterprise Linux Server Tus 6.5
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Server Tus 7.3
Redhat Enterprise Linux Eus 6.5
Redhat Enterprise Linux Eus 7.3
Redhat Enterprise Linux Eus 7.4
Redhat Enterprise Linux Eus 7.5
Redhat Enterprise Linux Eus 7.6
Redhat Enterprise Linux Eus 7.7
383
VMScore
CVE-2012-1571
file prior to 5.11 and libmagic allow remote malicious users to cause a denial of service (crash) via a crafted Composite Document File (CDF) file that triggers (1) an out-of-bounds read or (2) an invalid pointer dereference.
Tim Robbins Libmagic
Christos Zoulas File
383
VMScore
CVE-2007-3472
Integer overflow in gdImageCreateTrueColor function in the GD Graphics Library (libgd) prior to 2.0.35 allows user-assisted remote malicious users to have unspecified attack vectors and impact.
Libgd Gd Graphics Library 2.0.33
Libgd Gd Graphics Library 2.0.34
Libgd Gd Graphics Library 2.0.35
Libgd Gd Graphics Library
383
VMScore
CVE-2007-3476
Array index error in gd_gif_in.c in the GD Graphics Library (libgd) prior to 2.0.35 allows user-assisted remote malicious users to cause a denial of service (crash and heap corruption) via large color index values in crafted image data, which results in a segmentation fault.
Gd Graphics Library Gdlib
383
VMScore
CVE-2007-3478
Race condition in gdImageStringFTEx (gdft_draw_bitmap) in gdft.c in the GD Graphics Library (libgd) prior to 2.0.35 allows user-assisted remote malicious users to cause a denial of service (crash) via unspecified vectors, possibly involving truetype font (TTF) support.
Gd Graphics Library Gdlib
383
VMScore
CVE-2007-3475
The GD Graphics Library (libgd) prior to 2.0.35 allows user-assisted remote malicious users to cause a denial of service (crash) via a GIF image that has no global color map.
Gd Graphics Library Gdlib
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-3611
CVE-2024-4947
CVE-2024-32988
CVE-2020-35165
local file inclusion
CVE-2024-4980
bypass
malicious code
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »