Search CVE reports


Toggle filters

31 – 40 of 55 results


CVE-2011-2690

Medium priority

Some fixes available 8 of 9

Buffer overflow in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4, when used by an application that calls the png_rgb_to_gray function but not the png_set_expand function, allows remote...

3 affected packages

chromium-browser, firefox, libpng

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
chromium-browser
firefox
libpng
Show less packages

CVE-2011-2501

Low priority

Some fixes available 11 of 13

The png_format_buffer function in pngerror.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 allows remote attackers to cause a denial of service (application crash) via a crafted PNG...

3 affected packages

chromium-browser, firefox, libpng

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
chromium-browser
firefox
libpng
Show less packages

CVE-2011-0408

Medium priority
Ignored

pngrtran.c in libpng 1.5.x before 1.5.1 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted palette-based PNG image that triggers a buffer overflow, related to...

3 affected packages

chromium-browser, firefox, libpng

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
chromium-browser
firefox
libpng
Show less packages

CVE-2010-2249

Medium priority

Some fixes available 5 of 11

Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka...

3 affected packages

chromium-browser, firefox, libpng

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
chromium-browser
firefox
libpng
Show less packages

CVE-2010-1205

Medium priority

Some fixes available 12 of 14

Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row.

5 affected packages

chromium-browser, firefox, libpng, thunderbird, xulrunner-1.9.2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
chromium-browser
firefox
libpng
thunderbird
xulrunner-1.9.2
Show less packages

CVE-2010-0205

Medium priority

Some fixes available 5 of 7

The png_decompress_chunk function in pngrutil.c in libpng 1.0.x before 1.0.53, 1.2.x before 1.2.43, and 1.4.x before 1.4.1 does not properly handle compressed ancillary-chunk data that has a disproportionately large uncompressed...

2 affected packages

firefox, libpng

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox
libpng
Show less packages

CVE-2009-2042

Low priority

Some fixes available 8 of 21

libpng before 1.2.37 does not properly parse 1-bit interlaced images with width values that are not divisible by 8, which causes libpng to include uninitialized bits in certain rows of a PNG file and might allow remote attackers...

7 affected packages

libpng, mozilla-thunderbird, seamonkey, thunderbird, xulrunner...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libpng
mozilla-thunderbird
seamonkey
thunderbird
xulrunner
xulrunner-1.9
xulrunner-1.9.1
Show all 7 packages Show less packages

CVE-2009-0040

Medium priority

Some fixes available 15 of 31

The PNG reference library (aka libpng) before 1.0.43, and 1.2.x before 1.2.35, as used in pngcrush and other applications, allows context-dependent attackers to cause a denial of service (application crash) or possibly execute...

12 affected packages

firefox, firefox-3.0, firefox-3.5, iceape, icedove...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox
firefox-3.0
firefox-3.5
iceape
icedove
libpng
mozilla-thunderbird
seamonkey
thunderbird
xulrunner
xulrunner-1.9
xulrunner-1.9.1
Show all 12 packages Show less packages

CVE-2008-6218

Low priority
Not affected

Memory leak in the png_handle_tEXt function in pngrutil.c in libpng before 1.2.33 rc02 and 1.4.0 beta36 allows context-dependent attackers to cause a denial of service (memory exhaustion) via a crafted PNG file.

1 affected package

libpng

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libpng
Show less packages

CVE-2008-5907

Low priority
Fixed

The png_check_keyword function in pngwutil.c in libpng before 1.0.42, and 1.2.x before 1.2.34, might allow context-dependent attackers to set the value of an arbitrary memory location to zero via vectors involving creation of...

1 affected package

libpng

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libpng
Show less packages