Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2022-08-24	CVE-2021-4214	Classic Buffer Overflow vulnerability in multiple products A heap overflow flaw was found in libpngs' pngimage.c program. local low complexity libpng debian netapp CWE-120	5.5
2019-02-04	CVE-2019-7317	Use After Free vulnerability in multiple products png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute. network high complexity libpng debian canonical oracle hpe hp mozilla opensuse netapp redhat CWE-416	5.3
2019-01-11	CVE-2019-6129	Memory Leak vulnerability in Libpng 1.6.36 png_create_info_struct in png.c in libpng 1.6.36 has a memory leak, as demonstrated by pngcp. network low complexity libpng CWE-401	6.5
2018-07-13	CVE-2018-14048	An issue has been found in libpng 1.6.34. network low complexity libpng oracle	6.5
2018-07-09	CVE-2018-13785	Integer Overflow or Wraparound vulnerability in multiple products In libpng 1.6.34, a wrong calculation of row_factor in the png_check_chunk_length function (pngrutil.c) may trigger an integer overflow and resultant divide-by-zero while processing a crafted PNG file, leading to a denial of service. network low complexity libpng canonical oracle redhat CWE-190	6.5
2011-07-17	CVE-2011-2691	NULL Pointer Dereference vulnerability in multiple products The png_err function in pngerror.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 makes a function call using a NULL pointer argument instead of an empty-string argument, which allows remote attackers to cause a denial of service (application crash) via a crafted PNG image. network low complexity libpng fedoraproject debian CWE-476	6.5
2011-07-17	CVE-2011-2501	Out-of-bounds Read vulnerability in multiple products The png_format_buffer function in pngerror.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 allows remote attackers to cause a denial of service (application crash) via a crafted PNG image that triggers an out-of-bounds read during the copying of error-message data. network low complexity libpng fedoraproject debian canonical CWE-125	6.5
2010-06-30	CVE-2010-2249	Memory Leak vulnerability in multiple products Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks. network low complexity libpng apple fedoraproject suse opensuse vmware canonical debian CWE-401	6.5