CVE-2022-38784

Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder JBIG2Stream::readTextRegionSeg in JBIGStream.cc. Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described...

(0Day) Tencent WeChat WXAM Decoder Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Tencent WeChat. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the WXAM...

CVE-2022-38171

Xpdf prior to version 4.04 contains an integer overflow in the JBIG2 decoder JBIG2Stream::readTextRegionSeg in JBIG2Stream.cc. Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by...

CVE-2022-38171

Xpdf prior to version 4.04 contains an integer overflow in the JBIG2 decoder JBIG2Stream::readTextRegionSeg in JBIG2Stream.cc. Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by...

CVE-2022-38171

Xpdf prior to version 4.04 contains an integer overflow in the JBIG2 decoder JBIG2Stream::readTextRegionSeg in JBIG2Stream.cc. Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by...

Integer overflow

Xpdf prior to version 4.04 contains an integer overflow in the JBIG2 decoder JBIG2Stream::readTextRegionSeg in JBIG2Stream.cc. Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by...

CVE-2022-38171

Xpdf prior to version 4.04 contains an integer overflow in the JBIG2 decoder JBIG2Stream::readTextRegionSeg in JBIG2Stream.cc. Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by...

CVE-2022-38171

CVE-2022-38171 describes an integer overflow in the JBIG2 decoder of Xpdf (JBIG2Stream::readTextRegionSeg in JBIG2Stream.cc) that can crash or allow arbitrary code execution when processing a crafted PDF or JBIG2 image. Publicly documented impact aligns with prior CVEs (e.g., CVE-2021-30860) and ...

XPDF 输入验证错误漏洞

XPDF is an open source PDF reader from FOO Labs. The product supports decoding files in LZW compressed format and reading encrypted PDF files. A security vulnerability exists in XPDF versions prior to 4.04, which stems from the JBIG2Stream::readSymbolDictSeg function in the JBIG2Stream.cc compone...

PT-2022-4445 · Xpdf +1 · Xpdf +1

Name of the Vulnerable Software and Affected Versions: Xpdf versions prior to 4.04 Description: The issue is related to an integer overflow in the JBIG2 decoder, specifically in the readTextRegionSeg function JBIG2Stream.cc. This can be exploited by a remote attacker using a specially crafted PDF...

UBUNTU-CVE-2022-37769

libjpeg commit 281daa9 was discovered to contain a segmentation fault via HuffmanDecoder::Get at huffmandecoder.hpp. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted file...

golang: encoding/xml: stack exhaustion in Decoder.Skip

A flaw was found in golang encoding/xml. When calling Decoder, Skip while parsing a deeply nested XML document, a panic can occur due to stack exhaustion and allows an attacker to impact system availability...

PT-2022-24059 · Libjpeg +1 · Libjpeg +1

Name of the Vulnerable Software and Affected Versions: libjpeg affected versions not specified Description: The issue allows attackers to cause a Denial of Service DoS via a crafted file, exploiting a segmentation fault in the HuffmanDecoder::Get function at huffmandecoder.hpp. Recommendations: A...

The vulnerability of the libMtkOmxAlacDec.so library, a decoder for ALAC microprogramming software for Sony Xperia phones of models 1, 5, and Pro, allows a perpetrator to…

The vulnerability of the libMtkOmxAlacDec.so decoder for ALAC microprogramming software in Sony Xperia models 1, 5, and Pro is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

PT-2022-16467 · Xpdf +2 · Xpdf +2

Name of the Vulnerable Software and Affected Versions: Xpdf versions prior to 4.04 Description: The issue is related to the DCT JPEG decoder in Xpdf, which incorrectly allows the interleaved flag to be changed after the first scan of the image. This leads to an unknown integer-related issue in...

CVE-2022-35003

JPEGDEC commit be4843c was discovered to contain a global buffer overflow via ucDitherBuffer at /src/jpeg.inl...

PNGDec 缓冲区错误漏洞

PNGDec is an Arduino PNG image decoder library from the individual developer Larry Bank. A security vulnerability exists in PNGDec that stems from a heap buffer overflow in interceptorfwrite.part.57 of the sanitizercommoninterceptors.inc file...

PNGDec 缓冲区错误漏洞

PNGDec is an Arduino PNG image decoder library from the individual developer Larry Bank. A security vulnerability exists in PNGDec that stems from a heap buffer overflow in asaninterceptorsmemintrinsics.cpp...

PNGDec 安全漏洞

PNGDec is an Arduino PNG image decoder library from the individual developer Larry Bank. A security vulnerability exists in PNGDec, which stems from a memory allocation issue in asanmalloclinux.cpp...

JPEGDEC 安全漏洞

JPEGDEC is a JPEG decoder optimized for Arduino by the individual developer Larry Bank. JPEGDEC has a security vulnerability that stems from a floating point exception in the DecodeJPEG module of the /src/jpeg.inl file...