Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libgd gd graphics library vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2016-6912
Double free vulnerability in the gdImageWebPtr function in the GD Graphics Library (aka libgd) prior to 2.2.4 allows remote malicious users to have unspecified impact via large width and height values.
Libgd Libgd
5.5
CVSSv3
CVE-2016-6906
The read_image_tga function in gd_tga.c in the GD Graphics Library (aka libgd) prior to 2.2.4 allows remote malicious users to cause a denial of service (out-of-bounds read) via a crafted TGA file, related to the decompression buffer.
Libgd Libgd
7.8
CVSSv3
CVE-2016-10168
Integer overflow in gd_io.c in the GD Graphics Library (aka libgd) prior to 2.2.4 allows remote malicious users to have unspecified impact via vectors involving the number of horizontal and vertical chunks in an image.
Libgd Libgd
NA
CVE-2007-2756
The gdPngReadData function in libgd 2.0.34 allows user-assisted malicious users to cause a denial of service (CPU consumption) via a crafted PNG image with truncated data, which causes an infinite loop in the png_read_info function in libpng.
Libgd Libgd 2.0.34
9.1
CVSSv3
CVE-2016-5116
gd_xbm.c in the GD Graphics Library (aka libgd) prior to 2.2.0, as used in certain custom PHP 5.5.x configurations, allows context-dependent malicious users to obtain sensitive information from process memory or cause a denial of service (stack-based buffer under-read and applica...
Libgd Libgd
Opensuse Leap 42.1
Debian Debian Linux 8.0
9.8
CVSSv3
CVE-2019-6978
The GD Graphics Library (aka LibGD) 2.2.5 has a double free in the gdImage*Ptr() functions in gd_gif_out.c, gd_jpeg.c, and gd_wbmp.c. NOTE: PHP is unaffected.
Libgd Libgd 2.2.5
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
7.5
CVSSv3
CVE-2017-6362
Double free vulnerability in the gdImagePngPtr function in libgd2 prior to 2.2.5 allows remote malicious users to cause a denial of service via vectors related to a palette with no colors.
Libgd Libgd 2.2.4
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Fedoraproject Fedora 26
Canonical Ubuntu Linux 16.04
8.8
CVSSv3
CVE-2019-6977
gdImageColorMatch in gd_color_match.c in the GD Graphics Library (aka LibGD) 2.2.5, as used in the imagecolormatch function in PHP prior to 5.6.40, 7.x prior to 7.1.26, 7.2.x prior to 7.2.14, and 7.3.x prior to 7.3.1, has a heap-based buffer overflow. This can be exploited by an ...
Libgd Libgd 2.2.5
Php Php 7.3.0
Php Php
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Netapp Storage Automation Store
1 EDB exploit
5.3
CVSSv3
CVE-2019-11038
When using the gdImageCreateFromXbm() function in the GD Graphics Library (aka LibGD) 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value o...
Libgd Libgd 2.2.5
Php Php
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 32
Suse Linux Enterprise Debuginfo 11
Suse Linux Enterprise Desktop 12
Opensuse Leap 15.1
Suse Linux Enterprise Software Development Kit 12
Suse Linux Enterprise Server 12
Suse Linux Enterprise Workstation Extension 12
Redhat Enterprise Linux 7.0
Redhat Software Collections 1.0
Redhat Enterprise Linux 8.0
NA
CVE-2015-0848
Heap-based buffer overflow in libwmf 0.2.8.4 allows remote malicious users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted BMP image.
Wvware Libwmf 0.2.8.4
Fedoraproject Fedora 21
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
race condition
CVE-2024-4249
CVE-2024-4244
CVE-2023-20198
TCP
CVE-2022-48648
CVE-2022-48636
CVE-2024-21345
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »