[SECURITY] Fedora 43 Update: SDL3_image-3.4.4-1.fc43

Simple DirectMedia Layer SDL is a cross-platform multimedia library designed to provide fast access to the graphics frame buffer and audio device. This is a simple library to load images of various formats as SDL surfaces. It can load BMP, GIF, JPEG, LBM, PCX, PNG, PNM PPM/PGM/PBM, QOI, TGA, XCF,...

gdk-pixbuf: gdk-pixbuf: Denial of Service via heap-based buffer overflow when processing a specially crafted JPEG image

A flaw was found in the gdk-pixbuf library. This heap-based buffer overflow vulnerability occurs in the JPEG image loader due to improper validation of color component counts when processing a specially crafted JPEG image. A remote attacker can exploit this flaw without user interaction, for...

GStreamer: GStreamer: Remote Code Execution via heap-based buffer overflow in JPEG parser

A flaw was found in GStreamer. A remote attacker can exploit a heap-based buffer overflow vulnerability in the GStreamer JPEG parser by providing a specially crafted JPEG file. This issue is caused by improper validation of Huffman table lengths, which can lead to arbitrary code execution in the...

Gdk-pixbuf: gdk-pixbuf: denial of service via heap-based buffer overflow when processing a specially crafted jpeg image

...

Linux Distros Unpatched Vulnerability : CVE-2025-65407

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free in the MPEG1or2Demux::newElementaryStream function of Live555 Streaming Media v2018.09.02 allows attackers to cause a Denial of Service DoS via...

EUVD-2025-33678

Out-of-bounds read in the parsing header for JPEG decoding in libpadm.so prior to SMR Oct-2025 Release 1 allows local attackers to potentially access out-of-bounds memory...

EUVD-2015-8114

Malware in sbrugna...

The vulnerability of the console-based MPEG audio player mpg123, related to the ability to write beyond the allocated memory, allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the console-based MPEG audio player mpg123 lies in its ability to write beyond the allocated memory boundaries. Exploiting this vulnerability allows an attacker to execute arbitrary code or cause system failures...

LibJXL 安全漏洞

LibJXL is a reference implementation of PEG XL encoder and decoder in the LibJXL open source. A security vulnerability exists in LibJXL that stems from improper boundary checking by the JPEG decoder when handling JPEG recompression, which could lead to out-of-bounds writes in the event that...

The vulnerability of ImageSharp’s 2D graphics library decoder allows a hacker to induce a service failure.

The vulnerability of the ImageSharp 2D graphics library decoder is related to uncontrolled memory allocation during the processing of GIF and JPEG files. Exploiting this vulnerability can allow an attacker to cause service interruptions...

Autodesk Design Review 缓冲区错误漏洞

Autodesk Design Review ADR is a suite of AutoCAD drafting software assistance software from the American company Autodesk. The software supports viewing, marking, measuring, printing, and tracking changes to 2D and 3D design files. A buffer error vulnerability exists in Autodesk Design Review and...

The vulnerability of the decoder in the MPEG-4 multimedia platform GPAC function decoding process allows attackers to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the STTS decoder for MPEG-4 multimedia platform GPAC is related to incorrect checking of the result of an arithmetic operation. Exploiting this vulnerability allows a remote attacker to gain access to confidential data, compromise its integrity, and cause service failures...

The vulnerability of Adobe After Effects’ video and dynamic image editing software lies in the use of memory after it is freed, allowing attackers to exploit their privileges.

The vulnerability of Adobe After Effects’ video and dynamic image editing software relates to the use of memory after it is freed during the processing of JPEG 2000 or jp2 graphic files. Exploiting this vulnerability can allow an attacker to gain increased privileges...

GPAC Project Advanced Content 缓冲区错误漏洞

GPAC Project on Advanced Content is an open source cross-platform library that implements the MPEG-4 system standard and provides tools for media playback, vector graphics, and 3D rendering. an integer overflow vulnerability exists in the MPEG-4 decoding functionality in GPAC Project on Advanced...

ok-file-formats buffer overflow vulnerability

ok-file-formats is a decoder for files in PNG, JPEG and WAV formats. ok-file-formats A buffer overflow vulnerability exists in the 'okwavdecodemsadpcmdata' function of the okwav.c file in versions 2018-10-16 and earlier. An attacker could exploit this vulnerability to execute code or cause a deni...

CVE-2018-13300

In FFmpeg 3.2 and 4.0.1, an improper argument AVCodecParameters passed to the avprivrequestsample function in the handleeac3 function in libavformat/movenc.c may trigger an out-of-array read while converting a crafted AVI file to MPEG4, leading to a denial of service and possibly an information...

DEBIAN-CVE-2018-13300

In FFmpeg 3.2 and 4.0.1, an improper argument AVCodecParameters passed to the avprivrequestsample function in the handleeac3 function in libavformat/movenc.c may trigger an out-of-array read while converting a crafted AVI file to MPEG4, leading to a denial of service and possibly an information...

UBUNTU-CVE-2017-11450

coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via JPEG data that is too short...

The vulnerability of the MPEG-4 AVC software platform, Flash Player, allows attackers to execute arbitrary code.

The vulnerability of the MPEG-4 AVC software platform, Flash Player, arises from an operation that occurs outside the buffer in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code memory corruption remotely...

The vulnerabilities of programs for viewing and editing PDF files such as Adobe Reader, Adobe Acrobat, Adobe Acrobat Document Cloud, and Adobe Reader Document Cloud allow attackers to trigger service interruptions.

The vulnerability of the JPEG 2000 stream processing service software for viewing and editing PDF files in Adobe Reader, Adobe Acrobat, Adobe Acrobat Document Cloud, and Adobe Reader Document Cloud is related to a memory leak. Exploiting this vulnerability can allow an attacker to cause a service...