Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libpng libpng 1.0.14 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2002-0728
Buffer overflow in the progressive reader for libpng 1.2.x prior to 1.2.4, and 1.0.x prior to 1.0.14, allows malicious users to cause a denial of service (crash) via a PNG data stream that has more IDAT data than indicated by the IHDR chunk.
Greg Roelofs Libpng 1.2.4
Greg Roelofs Libpng 1.0.14
NA
CVE-2004-0421
The Portable Network Graphics library (libpng) 1.0.15 and previous versions allows malicious users to cause a denial of service (crash) via a malformed PNG image file that triggers an error that causes an out-of-bounds read when creating the error message.
Openpkg Openpkg 2.0
Libpng Libpng 1.2.2
Libpng Libpng 1.0.8
Libpng Libpng 1.2.4
Libpng Libpng 1.0.14
Libpng Libpng 1.2.0
Openpkg Openpkg 1.3
Libpng Libpng 1.0.11
Libpng Libpng 1.0.9
Libpng Libpng 1.0.13
Libpng Libpng 1.0.6
Libpng Libpng 1.0.7
Libpng Libpng 1.2.3
Libpng Libpng 1.0.5
Libpng Libpng 1.2.1
Redhat Libpng 1.2.2-16
Libpng Libpng 1.0.12
Libpng Libpng 1.2.5
Libpng Libpng 1.0.0
Redhat Libpng 1.2.2-20
Libpng Libpng 1.0.10
Trustix Secure Linux 2.0
NA
CVE-2009-2042
libpng prior to 1.2.37 does not properly parse 1-bit interlaced images with width values that are not divisible by 8, which causes libpng to include uninitialized bits in certain rows of a PNG file and might allow remote malicious users to read portions of sensitive memory via &q...
Libpng Libpng 0.89c
Libpng Libpng 1.0.11
Libpng Libpng 1.0.13
Libpng Libpng 1.0.15
Libpng Libpng 1.0.16
Libpng Libpng 1.0.2
Libpng Libpng 1.0.22
Libpng Libpng 1.2.18
Libpng Libpng 1.2.1
Libpng Libpng 1.2.17
Libpng Libpng 1.2.16
Libpng Libpng 1.2.13
Libpng Libpng 1.2.19
Libpng Libpng 1.2.10
Libpng Libpng 1.0.8
Libpng Libpng 1.0.9
Libpng Libpng 1.2.14
Libpng Libpng 1.2.15
Libpng Libpng 1.2.11
Libpng Libpng 1.2.23
Libpng Libpng 1.2.24
Libpng Libpng 1.2.22
NA
CVE-2008-1382
libpng 1.0.6 up to and including 1.0.32, 1.2.0 up to and including 1.2.26, and 1.4.0beta01 up to and including 1.4.0beta19 allows context-dependent malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a PNG file with zero length "unkno...
Libpng Libpng 1.0.12
Libpng Libpng 1.0.15
Libpng Libpng 1.0.16
Libpng Libpng 1.0.19
Libpng Libpng 1.0.20
Libpng Libpng 1.0.23
Libpng Libpng 1.0.25
Libpng Libpng 1.0.26
Libpng Libpng 1.0.27
Libpng Libpng 1.0.28
Libpng Libpng 1.0.29
Libpng Libpng 1.0.6
Libpng Libpng 1.0.7
Libpng Libpng 1.0.8
Libpng Libpng 1.0.9
Libpng Libpng 1.2.0
Libpng Libpng 1.2.1
Libpng Libpng 1.2.10
Libpng Libpng 1.2.11
Libpng Libpng 1.2.13
Libpng Libpng 1.2.14
Libpng Libpng 1.2.15
NA
CVE-2006-7244
Memory leak in pngwutil.c in libpng 1.2.13beta1, and other versions prior to 1.2.15beta3, allows context-dependent malicious users to cause a denial of service (memory leak or segmentation fault) via a JPEG image containing an iCCP chunk with a negative embedded profile length.
Libpng Libpng 1.0.37
Libpng Libpng 1.2.14
Libpng Libpng 1.2.11
Libpng Libpng 1.0.6
Libpng Libpng 1.0.23
Libpng Libpng 1.0.41
Libpng Libpng 1.0.9
Libpng Libpng 1.0.15
Libpng Libpng 1.2.0
Libpng Libpng 1.0.10
Libpng Libpng 1.2.10
Libpng Libpng 1.0.7
Libpng Libpng 1.0.46
Libpng Libpng 1.0.17
Libpng Libpng 1.0.29
Libpng Libpng 1.2.1
Libpng Libpng 1.0.27
Libpng Libpng 1.0.1
Libpng Libpng 1.0.8
Libpng Libpng 1.0.12
Libpng Libpng 1.0.31
Libpng Libpng 1.0.14
NA
CVE-2002-1363
Portable Network Graphics (PNG) library libpng 1.2.5 and previous versions does not correctly calculate offsets, which allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a buffer overflow attack on the row buffers.
Greg Roelofs Libpng 1.0.13
Greg Roelofs Libpng 1.0.14
Greg Roelofs Libpng 1.2.1
Greg Roelofs Libpng 1.2.2
Greg Roelofs Libpng 1.2.3
Greg Roelofs Libpng 1.0.7
Greg Roelofs Libpng 1.0.8
Greg Roelofs Libpng 1.0.5
Greg Roelofs Libpng 1.0.6
Greg Roelofs Libpng 1.2.4
Greg Roelofs Libpng 1.0.11
Greg Roelofs Libpng 1.0.12
Greg Roelofs Libpng 1.0.9
Greg Roelofs Libpng 1.2.0
NA
CVE-2011-3048
The png_set_text_2 function in pngset.c in libpng 1.0.x prior to 1.0.59, 1.2.x prior to 1.2.49, 1.4.x prior to 1.4.11, and 1.5.x prior to 1.5.10 allows remote malicious users to cause a denial of service (crash) or execute arbitrary code via a crafted text chunk in a PNG image fi...
Libpng Libpng 1.0.57
Libpng Libpng 1.0.56
Libpng Libpng 1.0.50
Libpng Libpng 1.0.48
Libpng Libpng 1.0.41
Libpng Libpng 1.0.40
Libpng Libpng 1.0.32
Libpng Libpng 1.0.31
Libpng Libpng 1.0.30
Libpng Libpng 1.0.23
Libpng Libpng 1.0.22
Libpng Libpng 1.0.1
Libpng Libpng 1.0.0
Libpng Libpng 1.0.8
Libpng Libpng 1.0.7
Libpng Libpng 1.0.58
Libpng Libpng 1.0.54
Libpng Libpng 1.0.53
Libpng Libpng 1.0.45
Libpng Libpng 1.0.44
Libpng Libpng 1.0.37
Libpng Libpng 1.0.35
NA
CVE-2012-3425
The png_push_read_zTXt function in pngpread.c in libpng 1.0.x prior to 1.0.58, 1.2.x prior to 1.2.48, 1.4.x prior to 1.4.10, and 1.5.x prior to 1.5.10 allows remote malicious users to cause a denial of service (out-of-bounds read) via a large avail_in field value in a PNG image.
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.04
Libpng Libpng 1.4.9
Libpng Libpng 1.4.4
Libpng Libpng 1.4.7
Libpng Libpng 1.4.1
Libpng Libpng 1.4.2
Libpng Libpng 1.4.0
Libpng Libpng 1.4.6
Libpng Libpng 1.4.5
Libpng Libpng 1.4.3
Libpng Libpng 1.4.8
Opensuse Opensuse 11.4
Opensuse Opensuse 12.1
Libpng Libpng 1.2.14
Libpng Libpng 1.2.45
Libpng Libpng 1.2.46
Libpng Libpng 1.2.33
Libpng Libpng 1.2.16
Libpng Libpng 1.2.35
8.8
CVSSv3
CVE-2015-8540
Integer underflow in the png_check_keyword function in pngwutil.c in libpng 0.90 up to and including 0.99, 1.0.x prior to 1.0.66, 1.1.x and 1.2.x prior to 1.2.56, 1.3.x and 1.4.x prior to 1.4.19, and 1.5.x prior to 1.5.26 allows remote malicious users to have unspecified impact v...
Redhat Enterprise Linux Desktop Supplementary 6.0
Redhat Enterprise Linux Server Supplementary 6.0
Redhat Enterprise Linux Hpc Node 6.0
Redhat Enterprise Linux Workstation Supplementary 6.0
Redhat Enterprise Linux Server Supplementary 5.0
Redhat Enterprise Linux Desktop Supplementary 5.0
Libpng Libpng 1.2.14
Libpng Libpng 1.2.45
Libpng Libpng 1.2.46
Libpng Libpng 1.2.33
Libpng Libpng 1.2.16
Libpng Libpng 1.2.35
Libpng Libpng 1.2.29
Libpng Libpng 1.2.26
Libpng Libpng 1.2.54
Libpng Libpng 1.2.7
Libpng Libpng 1.2.43
Libpng Libpng 1.2.2
Libpng Libpng 1.2.4
Libpng Libpng 1.2.22
Libpng Libpng 1.2.39
Libpng Libpng 1.2.48
7.5
CVSSv3
CVE-2016-10087
The png_set_text_2 function in libpng 0.71 prior to 1.0.67, 1.2.x prior to 1.2.57, 1.4.x prior to 1.4.20, 1.5.x prior to 1.5.28, and 1.6.x prior to 1.6.27 allows context-dependent malicious users to cause a NULL pointer dereference vectors involving loading a text chunk into a pn...
Libpng Libpng 1.0.5g
Libpng Libpng 1.0.37
Libpng Libpng 0.99e
Libpng Libpng 0.98
Libpng Libpng 1.0.4d
Libpng Libpng 1.0.41
Libpng Libpng 1.0.0b
Libpng Libpng 1.0.1b
Libpng Libpng 1.0.46
Libpng Libpng 0.99d
Libpng Libpng 1.0.4c
Libpng Libpng 1.0.65
Libpng Libpng 1.0.5t
Libpng Libpng 1.0.1
Libpng Libpng 1.0.4e
Libpng Libpng 1.0.1c
Libpng Libpng 1.0.8
Libpng Libpng 0.81
Libpng Libpng 1.0.5n
Libpng Libpng 0.88
Libpng Libpng 1.0.6f
Libpng Libpng 1.0.5k
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started