35 matches found
Astra Linux – Vulnerability in DjVuLibre
A flaw was discovered in djvulibre-3.5.28 and earlier. A stack overflow occurred in the function DJVU::DjVuDocument::getdjvufile, due to a malicious djvu file, which could lead to the application crashing and other related issues...
Fedora 43 : djvulibre (2026-bfa185dbb3)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-bfa185dbb3 advisory. Update to 3.5.30. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this...
EUVD-2019-6210
Malware in sbrugna...
EUVD-2021-19337
Malware in sbrugna...
EUVD-2019-6212
Malware in sbrugna...
EUVD-2019-6211
Malware in sbrugna...
EUVD-2012-6383
Malware in sbrugna...
Unity Linux 20.1070e Security Update: djvulibre (UTSA-2025-680665)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-680665 advisory. A flaw was found in djvulibre-3.5.28 and earlier. An out of bounds write in function DJVU::filterbv via crafted djvu file may lead to application crash and other...
EUVD-2021-32999
Malicious code in bioql PyPI...
EUVD-2025-19908
Malicious code in bioql PyPI...
Amazon Linux 2 : djvulibre (ALASMATE-DESKTOP1.X-2025-010)
The version of djvulibre installed on the remote host is prior to 3.5.27-30. It is, therefore, affected by a vulnerability as referenced in the ALAS2MATE-DESKTOP1.X-2025-010 advisory. DjVuLibre is a GPL implementation of DjVu, a web-centric format for distributing documents and images. Prior to...
DEBIAN-CVE-2025-53367
DjVuLibre is a GPL implementation of DjVu, a web-centric format for distributing documents and images. Prior to version 3.5.29, the MMRDecoder::scanruns method is affected by an OOB-write vulnerability, because it does not check that the xr pointer stays within the bounds of the allocated buffer...
CVE-2025-53367 DjVuLibre OOB-Write Vulnerability in MMRDecoder
DjVuLibre is a GPL implementation of DjVu, a web-centric format for distributing documents and images. Prior to version 3.5.29, the MMRDecoder::scanruns method is affected by an OOB-write vulnerability, because it does not check that the xr pointer stays within the bounds of the allocated buffer...
CVE-2025-53367
DjVuLibre (library for DjVu) is affected by CVE-2025-53367 in the MMRDecoder::scanruns path, prior to 3.5.29. The issue is an out-of-bounds write caused by not ensuring xr stays within the allocated buffer, leading to heap corruption. An out-of-bounds read (pr) is also possible for the same reaso...
CVE-2025-53367
DjVuLibre is a GPL implementation of DjVu, a web-centric format for distributing documents and images. Prior to version 3.5.29, the MMRDecoder::scanruns method is affected by an OOB-write vulnerability, because it does not check that the xr pointer stays within the bounds of the allocated buffer...
CVE-2025-53367: An exploitable out-of-bounds write in DjVuLibre
DjVuLibre version 3.5.29 was released today. It fixes CVE-2025-53367 (GHSL-2025-055), an out-of-bounds (OOB) write in the MMRDecoder::scanruns method. The vulnerability could be exploited to gain code execution on a Linux Desktop system when the user tries to open a crafted document. DjVu is a docume...
PT-2025-27837
Name of the Vulnerable Software and Affected Versions: DjVuLibre versions prior to 3.5.29; djvulibre versions prior to 3.5.28-2.1deb12u1; mingw-djvulibre version 3.5.29; djview versions prior to 3.5.28-2ubuntu0.25.04.1; djview3 versions prior to 3.5.28-2ubuntu0.25.04.1; djvulibre-bin versions prior to...
CVE-2021-46312
An issue was discovered in IW44EncodeCodec.cpp in djvulibre 3.5.28 that allows attackers to cause a denial of service via divide by zero...
PT-2023-5261
Name of the Vulnerable Software and Affected Versions: DjVuLibre version 3.5.28. Description: The issue is related to a lack of check for division by zero in the IW44EncodeCodec.cpp component of the DjVuLibre library, which is used for viewing, creating, and editing DjVu files. This can be exploited...