35 matches found

AstraLinux
added 2026/06/19 11:10 a.m., 6 views

Astra Linux – Vulnerability in DjVuLibre

A flaw was discovered in djvulibre-3.5.28 and earlier. A stack overflow occurred in the function DJVU::DjVuDocument::getdjvufile, due to a malicious djvu file, which could lead to the application crashing and other related issues...

CVSS 7.8 | AI score 7.2 | EPSS 0.00944 | Exploits 0 | References 2
Tenable Nessus
added 2026/05/30 12:0 a.m., 11 views

Fedora 43 : djvulibre (2026-bfa185dbb3)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-bfa185dbb3 advisory. Update to 3.5.30. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this...

CVSS 8.4 | AI score 7.1 | EPSS 0.00741 | Exploits 0 | References 2
EUVD
added 2025/10/07 12:30 a.m., 5 views

EUVD-2019-6210

Malware in sbrugna...

CVSS 5.5 | AI score 4.9 | EPSS 0.01707 | Exploits 1 | References 18
EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2021-19337

Malware in sbrugna...

CVSS 7.8 | AI score 7.5 | EPSS 0.00877 | Exploits 0 | References 7
EUVD
added 2025/10/07 12:30 a.m., 5 views

EUVD-2019-6212

Malware in sbrugna...

CVSS 5.5 | AI score 5.3 | EPSS 0.01573 | Exploits 1 | References 18
EUVD
added 2025/10/07 12:30 a.m., 5 views

EUVD-2019-6211

Malware in sbrugna...

CVSS 5.5 | AI score 5.3 | EPSS 0.01774 | Exploits 1 | References 18
EUVD
added 2025/10/07 12:30 a.m., 8 views

EUVD-2012-6383

Malware in sbrugna...

CVSS 9.3 | AI score 6.1 | EPSS 0.04642 | Exploits 0 | References 5
Tenable Nessus
added 2025/10/07 12:0 a.m., 1 views

Unity Linux 20.1070e Security Update: djvulibre (UTSA-2025-680665)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-680665 advisory. A flaw was found in djvulibre-3.5.28 and earlier. An out of bounds write in function DJVU::filterbv via crafted djvu file may lead to application crash and other...

CVSS 7.8 | AI score 7.1 | EPSS 0.00913 | Exploits 0 | References 4
EUVD
added 2025/10/03 8:7 p.m., 1 views

EUVD-2021-32999

Malicious code in bioql PyPI...

CVSS 6.5 | AI score 6.4 | EPSS 0.00862 | Exploits 1 | References 4
EUVD
added 2025/10/03 8:7 p.m., 9 views

EUVD-2025-19908

Malicious code in bioql PyPI...

CVSS 8.4 | AI score 7 | EPSS 0.00741 | Exploits 0 | References 5
Tenable Nessus
added 2025/07/30 12:0 a.m., 6 views

Amazon Linux 2 : djvulibre (ALASMATE-DESKTOP1.X-2025-010)

The version of djvulibre installed on the remote host is prior to 3.5.27-30. It is, therefore, affected by a vulnerability as referenced in the ALAS2MATE-DESKTOP1.X-2025-010 advisory. DjVuLibre is a GPL implementation of DjVu, a web-centric format for distributing documents and images. Prior to...

CVSS 8.4 | AI score 7.4 | EPSS 0.00741 | Exploits 0 | References 4
OSV
added 2025/07/03 9:15 p.m., 1 views

DEBIAN-CVE-2025-53367

DjVuLibre is a GPL implementation of DjVu, a web-centric format for distributing documents and images. Prior to version 3.5.29, the MMRDecoder::scanruns method is affected by an OOB-write vulnerability, because it does not check that the xr pointer stays within the bounds of the allocated buffer...

CVSS 8.4 | AI score 7.4 | EPSS 0.00741 | Exploits 0 | References 1
Cvelist
added 2025/07/03 9:7 p.m., 12 views

CVE-2025-53367 DjVuLibre OOB-Write Vulnerability in MMRDecoder

DjVuLibre is a GPL implementation of DjVu, a web-centric format for distributing documents and images. Prior to version 3.5.29, the MMRDecoder::scanruns method is affected by an OOB-write vulnerability, because it does not check that the xr pointer stays within the bounds of the allocated buffer...

CVSS 8.4 | EPSS 0.00741 | Exploits 0 | References 5
Vulnrichment
added 2025/07/03 9:7 p.m., 4 views

CVE-2025-53367 DjVuLibre OOB-Write Vulnerability in MMRDecoder

DjVuLibre is a GPL implementation of DjVu, a web-centric format for distributing documents and images. Prior to version 3.5.29, the MMRDecoder::scanruns method is affected by an OOB-write vulnerability, because it does not check that the xr pointer stays within the bounds of the allocated buffer...

CVSS 8.4 | AI score 7.3 | EPSS 0.00741 | Exploits 0 | References 5
CVE
added 2025/07/03 9:7 p.m., 69 views

CVE-2025-53367

DjVuLibre (library for DjVu) is affected by CVE-2025-53367 in the MMRDecoder::scanruns path, prior to 3.5.29. The issue is an out-of-bounds write caused by not ensuring xr stays within the allocated buffer, leading to heap corruption. An out-of-bounds read (pr) is also possible for the same reaso...

CVSS 8.4 | AI score 6.7 | EPSS 0.00741 | Exploits 0 | References 9
Debian CVE
added 2025/07/03 9:7 p.m., 5 views

CVE-2025-53367

DjVuLibre is a GPL implementation of DjVu, a web-centric format for distributing documents and images. Prior to version 3.5.29, the MMRDecoder::scanruns method is affected by an OOB-write vulnerability, because it does not check that the xr pointer stays within the bounds of the allocated buffer...

CVSS 8.4 | AI score 7.4 | EPSS 0.00741 | Exploits 0
Github Security Blog
added 2025/07/03 8:52 p.m., 3 views

CVE-2025-53367: An exploitable out-of-bounds write in DjVuLibre

DjVuLibre version 3.5.29 was released today. It fixes CVE-2025-53367 (GHSL-2025-055), an out-of-bounds (OOB) write in the MMRDecoder::scanruns method. The vulnerability could be exploited to gain code execution on a Linux Desktop system when the user tries to open a crafted document. DjVu is a docume...

CVSS 8.4 | AI score 8.3 | EPSS 0.00741 | Exploits 0
Positive Technologies
added 2025/07/01 12:0 a.m., 7 views

PT-2025-27837

Name of the Vulnerable Software and Affected Versions: DjVuLibre versions prior to 3.5.29; djvulibre versions prior to 3.5.28-2.1deb12u1; mingw-djvulibre version 3.5.29; djview versions prior to 3.5.28-2ubuntu0.25.04.1; djview3 versions prior to 3.5.28-2ubuntu0.25.04.1; djvulibre-bin versions prior to...

CVSS 8.4 | AI score 8.1 | EPSS 0.00869 | Exploits 1 | References 67
OSV
added 2023/08/22 7:16 p.m., 6 views

CVE-2021-46312

An issue was discovered in IW44EncodeCodec.cpp in djvulibre 3.5.28 that allows attackers to cause a denial of service via divide by zero...

CVSS 6.5 | AI score 6.3 | EPSS 0.00869 | Exploits 1 | References 7
Positive Technologies
added 2023/08/22 12:0 a.m., 6 views

PT-2023-5261

Name of the Vulnerable Software and Affected Versions: DjVuLibre version 3.5.28. Description: The issue is related to a lack of check for division by zero in the IW44EncodeCodec.cpp component of the DjVuLibre library, which is used for viewing, creating, and editing DjVu files. This can be exploited...

CVSS 8.4 | AI score 7.1 | EPSS 0.00913 | Exploits 2 | References 48