Total
45 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-7354 | 1 Libpng | 1 Libpng | 2016-12-31 | 5.0 MEDIUM | N/A |
| Multiple integer overflows in libpng before 1.5.14rc03 allow remote attackers to cause a denial of service (crash) via a crafted image to the (1) png_set_sPLT or (2) png_set_text_2 function, which triggers a heap-based buffer overflow. | |||||
| CVE-2013-7353 | 1 Libpng | 1 Libpng | 2016-12-31 | 5.0 MEDIUM | N/A |
| Integer overflow in the png_set_unknown_chunks function in libpng/pngset.c in libpng before 1.5.14beta08 allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a crafted image, which triggers a heap-based buffer overflow. | |||||
| CVE-2014-9495 | 2 Apple, Libpng | 2 Mac Os X, Libpng | 2016-10-18 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in the png_combine_row function in libpng before 1.5.21 and 1.6.x before 1.6.16, when running on 64-bit systems, might allow context-dependent attackers to execute arbitrary code via a "very wide interlaced" PNG image. | |||||
| CVE-2014-0333 | 1 Libpng | 1 Libpng | 2014-03-26 | 5.0 MEDIUM | N/A |
| The png_push_read_chunk function in pngpread.c in the progressive decoder in libpng 1.6.x through 1.6.9 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via an IDAT chunk with a length of zero. | |||||
| CVE-2011-3464 | 1 Libpng | 1 Libpng | 2012-07-23 | 7.5 HIGH | N/A |
| Off-by-one error in the png_formatted_warning function in pngerror.c in libpng 1.5.4 through 1.5.7 might allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via unspecified vectors, which trigger a stack-based buffer overflow. | |||||