Total
44 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2016-3751 | 2 Google, Libpng | 2 Android, Libpng | 2016-07-11 | 7.5 HIGH | 7.8 HIGH |
Unspecified vulnerability in libpng before 1.6.20, as used in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01, allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 23265085. | |||||
CVE-2014-0333 | 1 Libpng | 1 Libpng | 2014-03-25 | 5.0 MEDIUM | N/A |
The png_push_read_chunk function in pngpread.c in the progressive decoder in libpng 1.6.x through 1.6.9 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via an IDAT chunk with a length of zero. | |||||
CVE-2011-3464 | 1 Libpng | 1 Libpng | 2012-07-22 | 7.5 HIGH | N/A |
Off-by-one error in the png_formatted_warning function in pngerror.c in libpng 1.5.4 through 1.5.7 might allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via unspecified vectors, which trigger a stack-based buffer overflow. | |||||
CVE-2006-7244 | 1 Libpng | 1 Libpng | 2012-06-14 | 5.0 MEDIUM | N/A |
Memory leak in pngwutil.c in libpng 1.2.13beta1, and other versions before 1.2.15beta3, allows context-dependent attackers to cause a denial of service (memory leak or segmentation fault) via a JPEG image containing an iCCP chunk with a negative embedded profile length. |