Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libpng vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2011-2690
Buffer overflow in libpng 1.0.x prior to 1.0.55, 1.2.x prior to 1.2.45, 1.4.x prior to 1.4.8, and 1.5.x prior to 1.5.4, when used by an application that calls the png_rgb_to_gray function but not the png_set_expand function, allows remote malicious users to overwrite memory with ...
Libpng Libpng
Fedoraproject Fedora 14
Debian Debian Linux 5.0
Debian Debian Linux 6.0
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 10.10
Canonical Ubuntu Linux 11.04
605
VMScore
CVE-2011-2692
The png_handle_sCAL function in pngrutil.c in libpng 1.0.x prior to 1.0.55, 1.2.x prior to 1.2.45, 1.4.x prior to 1.4.8, and 1.5.x prior to 1.5.4 does not properly handle invalid sCAL chunks, which allows remote malicious users to cause a denial of service (memory corruption and ...
Libpng Libpng
Fedoraproject Fedora 14
Debian Debian Linux 5.0
Debian Debian Linux 6.0
Canonical Ubuntu Linux 10.10
Canonical Ubuntu Linux 11.04
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 8.04
383
VMScore
CVE-2011-2501
The png_format_buffer function in pngerror.c in libpng 1.0.x prior to 1.0.55, 1.2.x prior to 1.2.45, 1.4.x prior to 1.4.8, and 1.5.x prior to 1.5.4 allows remote malicious users to cause a denial of service (application crash) via a crafted PNG image that triggers an out-of-bound...
Libpng Libpng
Fedoraproject Fedora 14
Debian Debian Linux 5.0
Debian Debian Linux 6.0
Canonical Ubuntu Linux 10.10
Canonical Ubuntu Linux 11.04
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 8.04
NA
CVE-2020-35511
A global buffer overflow exists in pngcheck function in pngcheck-2.4.0(5 patches applied) via a crafted png file.
Libpng Pngcheck 2.4.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
605
VMScore
CVE-2009-0040
The PNG reference library (aka libpng) prior to 1.0.43, and 1.2.x prior to 1.2.35, as used in pngcrush and other applications, allows context-dependent malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file that ...
Libpng Libpng
Apple Iphone Os
Apple Mac Os X
Opensuse Opensuse 11.1
Opensuse Opensuse 11.0
Opensuse Opensuse 10.3
Suse Linux Enterprise Server 10
Suse Linux Enterprise Desktop 10
Suse Linux Enterprise 10.0
Suse Linux Enterprise 9.0
Debian Debian Linux 5.0
Debian Debian Linux 4.0
Fedoraproject Fedora 10
Fedoraproject Fedora 9
1000
VMScore
CVE-2004-0597
Multiple buffer overflows in libpng 1.2.5 and previous versions, as used in multiple products, allow remote malicious users to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length of transparency chunk (tR...
Microsoft Windows Messenger 5.0
Greg Roelofs Libpng
Microsoft Msn Messenger 6.1
Microsoft Msn Messenger 6.2
Microsoft Windows Media Player 9
Microsoft Windows 98se
Microsoft Windows Me
3 EDB exploits
2 Github repositories
383
VMScore
CVE-2010-0205
The png_decompress_chunk function in pngrutil.c in libpng 1.0.x prior to 1.0.53, 1.2.x prior to 1.2.43, and 1.4.x prior to 1.4.1 does not properly handle compressed ancillary-chunk data that has a disproportionately large uncompressed representation, which allows remote malicious...
Libpng Libpng
Apple Mac Os X
Fedoraproject Fedora 11
Fedoraproject Fedora 12
Fedoraproject Fedora 13
Opensuse Opensuse 11.0
Opensuse Opensuse 11.1
Opensuse Opensuse 11.2
Suse Linux Enterprise Server 9
Suse Linux Enterprise Server 10
Suse Linux Enterprise Server 11
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 9.10
Debian Debian Linux 5.0
Debian Debian Linux 6.0
383
VMScore
CVE-2010-2249
Memory leak in pngrutil.c in libpng prior to 1.2.44, and 1.4.x prior to 1.4.3, allows remote malicious users to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks.
Libpng Libpng
Apple Itunes
Apple Safari
Apple Iphone Os
Apple Tvos
Fedoraproject Fedora 13
Fedoraproject Fedora 12
Suse Linux Enterprise Server 10
Opensuse Opensuse 11.1
Suse Linux Enterprise Server 11
Suse Linux Enterprise Server 9
Opensuse Opensuse 11.2
Vmware Player
Vmware Workstation
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 9.10
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 6.06
Debian Debian Linux 5.0
668
VMScore
CVE-2016-3751
Unspecified vulnerability in libpng prior to 1.6.20, as used in Android 4.x prior to 4.4.4, 5.0.x prior to 5.0.2, 5.1.x prior to 5.1.1, and 6.x prior to 2016-07-01, allows malicious users to gain privileges via a crafted application, as demonstrated by obtaining Signature or Sign...
Libpng Libpng
Google Android 5.0.1
Google Android 4.4.3
Google Android 4.2.1
Google Android 4.1.2
Google Android 4.0.1
Google Android 4.4.1
Google Android 4.4
Google Android 4.3.1
Google Android 4.3
Google Android 6.0.1
Google Android 6.0
Google Android 5.1.0
Google Android 4.1
Google Android 4.0.4
Google Android 4.0.3
Google Android 4.0.2
Google Android 5.1
Google Android 5.0
Google Android 4.4.2
Google Android 4.2.2
Google Android 4.2
1 Github repository
384
VMScore
CVE-2018-13785
In libpng 1.6.34, a wrong calculation of row_factor in the png_check_chunk_length function (pngrutil.c) may trigger an integer overflow and resultant divide-by-zero while processing a crafted PNG file, leading to a denial of service.
Libpng Libpng 1.6.34
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 18.04
Oracle Jdk 11.0.0
Oracle Jre 11.0.0
Oracle Jdk 1.8.0
Oracle Jdk 1.7.0
Oracle Jdk 1.6.0
Oracle Jre 1.6.0
Oracle Jre 1.7.0
Oracle Jre 1.8.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »