8 matches found
CVE-2026-8813
This affects versions of the package exifreader before 4.39.0. A crafted image containing an ICC mluc tag can set an attacker-controlled record count together with a zero record size. During parsing, ExifReader repeatedly processes the same record and appends entries to an array without sufficien...
📄 Samsung libimagecodec.quram.so Buffer Overflow / Denial of Service
This proof of concept demonstrates a denial of service vulnerability in Samsung's libimagecodec.quram.so JPEG decoder. By crafting a structurally valid JPEG file with maliciously large image dimensions height 65535, width 2862 in the SOF0 marker, the decoder performs unsafe size calculations duri...
CVE-2025-57810 jsPDF Parsing of Corrupt PNGs Leads to Potential Denial of Service (DoS)
jsPDF is a library to generate PDFs in JavaScript. Prior to 3.0.2, user control of the first argument of the addImage method results in CPU utilization and denial of service. If given the possibility to pass unsanitized image data or URLs to the addImage method, a user can provide a harmful PNG...
CVE-2022-40661
This vulnerability allows remote attackers to execute arbitrary code on affected installations of NIKON NIS-Elements Viewer 1.2100.1483.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...
CVE-2017-1000128
Exiv2 0.26 contains a stack out of bounds read in JPEG2000 parser...
The vulnerability of the graphic module of programs for viewing and editing PDF files, such as Adobe Reader, Document Cloud, and Adobe Acrobat, allows attackers to execute arbitrary code.
The vulnerability of graphic modules in PDF viewing and editing programs such as Adobe Reader, Document Cloud, and Adobe Acrobat arises from operations that go beyond the buffer limits in memory. Exploiting this vulnerability allows a malicious actor to inject arbitrary code using JPEG parsing,...
The vulnerabilities of PDF viewer programs such as Adobe Reader and Document Cloud, as well as PDF editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat, allow attackers to execute arbitrary code.
The vulnerability in PDF viewer programs such as Adobe Reader and Document Cloud, as well as in PDF editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat, arises due to an operation that goes beyond the buffer in memory. Exploiting this vulnerability allows a malicious actor to...
Microsoft DirectShow Remote Code Execution (MS13-056; CVE-2013-3174)
A remote code execution vulnerability has been reported in the Microsoft DirectShow. The vulnerability is due to faulty GIF image files parsing. A remote attacker could trigger this flaw by convincing a victim to open a specially crafted GIF file. A successfull exploitation of this vulnerability...