Lucene search
K

137 matches found

FreeBSD
FreeBSD
added 2024/12/03 12:0 a.m.21 views

gstreamer1-plugins-jpeg -- NULL-pointer dereferences in JPEG decoder

The GStreamer Security Center reports: Insufficient error handling in the JPEG decoder that can lead to NULL-pointer dereferences, and that can cause crashes for certain input files...

7.5CVSS7AI score0.00865EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2024/11/25 8:54 p.m.13 views

CVE-2024-11403

A flaw was found in the libjxl package. The JPEG decoder used by the JPEG XL encoder when doing JPEG recompression, such as using JxlEncoderAddJPEGFrame on untrusted input, does not properly check bounds in the presence of incomplete codes. This could lead to an out-of-bounds write. In jpegli,...

5.3CVSS6.8AI score0.0063EPSS
Exploits0References4
NVD
NVD
added 2024/11/25 2:15 p.m.10 views

CVE-2024-11403

There exists an out of bounds read/write in LibJXL versions prior to commit 9cc451b91b74ba470fd72bd48c121e9f33d24c99. The JPEG decoder used by the JPEG XL encoder when doing JPEG recompression i.e. if using JxlEncoderAddJPEGFrame on untrusted input does not properly check bounds in the presence o...

9.8CVSS0.0063EPSS
Exploits0References1
OSV
OSV
added 2024/11/25 2:15 p.m.3 views

UBUNTU-CVE-2024-11403

There exists an out of bounds read/write in LibJXL versions prior to commit 9cc451b91b74ba470fd72bd48c121e9f33d24c99. The JPEG decoder used by the JPEG XL encoder when doing JPEG recompression i.e. if using JxlEncoderAddJPEGFrame on untrusted input does not properly check bounds in the presence o...

9.8CVSS6AI score0.0063EPSS
Exploits0References3
OSV
OSV
added 2024/11/25 1:8 p.m.9 views

CVE-2024-11403 Out of Bounds Memory Read/Write in libjxl

There exists an out of bounds read/write in LibJXL versions prior to commit 9cc451b91b74ba470fd72bd48c121e9f33d24c99. The JPEG decoder used by the JPEG XL encoder when doing JPEG recompression i.e. if using JxlEncoderAddJPEGFrame on untrusted input does not properly check bounds in the presence o...

6.9CVSS6.9AI score0.0063EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/11/25 1:8 p.m.19 views

CVE-2024-11403 Out of Bounds Memory Read/Write in libjxl

There exists an out of bounds read/write in LibJXL versions prior to commit 9cc451b91b74ba470fd72bd48c121e9f33d24c99. The JPEG decoder used by the JPEG XL encoder when doing JPEG recompression i.e. if using JxlEncoderAddJPEGFrame on untrusted input does not properly check bounds in the presence o...

6.9CVSS7.1AI score0.0063EPSS
Exploits0References1
CVE
CVE
added 2024/11/25 1:8 p.m.84 views

CVE-2024-11403

CVE-2024-11403 involves an out-of-bounds read/write in LibJXL’s JPEG decoder used for recompression (JxlEncoderAddJPEGFrame) and also affects jpegli. The vulnerability arises when processing incomplete codes, allowing out-of-bounds writes and potentially causing reads of uninitialized memory or f...

9.8CVSS6.8AI score0.0063EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/11/25 1:8 p.m.20 views

CVE-2024-11403 Out of Bounds Memory Read/Write in libjxl

There exists an out of bounds read/write in LibJXL versions prior to commit 9cc451b91b74ba470fd72bd48c121e9f33d24c99. The JPEG decoder used by the JPEG XL encoder when doing JPEG recompression i.e. if using JxlEncoderAddJPEGFrame on untrusted input does not properly check bounds in the presence o...

6.9CVSS0.0063EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2024/11/25 1:8 p.m.10 views

CVE-2024-11403

There exists an out of bounds read/write in LibJXL versions prior to commit 9cc451b91b74ba470fd72bd48c121e9f33d24c99. The JPEG decoder used by the JPEG XL encoder when doing JPEG recompression i.e. if using JxlEncoderAddJPEGFrame on untrusted input does not properly check bounds in the presence o...

9.8CVSS7.2AI score0.0063EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2024/10/03 12:0 a.m.6 views

PT-2024-9202 · Libjxl +5 · Libjxl +5

Name of the Vulnerable Software and Affected Versions: LibJXL versions prior to commit 9cc451b91b74ba470fd72bd48c121e9f33d24c99 libjpeg affected versions not specified libmozjs-115-0-115.15.0-4.1 libmozjs-128-0-128.5.1-3.1 libjxl-devel-0.11.1-1.1 qt6-webengine Description: An out-of-bounds...

9.8CVSS5.1AI score0.0104EPSS
Exploits0References71
Tenable Nessus
Tenable Nessus
added 2024/09/10 12:0 a.m.16 views

NewStart CGSL MAIN 6.02 : libtiff Multiple Vulnerabilities (NS-SA-2024-0051)

The remote NewStart CGSL host, running version MAIN 6.02, has libtiff packages installed that are affected by multiple vulnerabilities: - Buffer overflow in the t2pwritepdfstring function in tiff2pdf in libtiff 3.8.2 and earlier allows attackers to cause a denial of service crash and possibly...

9.3CVSS7.7AI score0.1496EPSS
Exploits20References93
Snyk
Snyk
added 2024/04/15 8:24 p.m.12 views

Sensitive Information in Resource Not Removed Before Reuse

Overview Affected versions of this package are vulnerable to Sensitive Information in Resource Not Removed Before Reuse due to a flaw in the JPEG and TGA decoders, when a specially crafted image file is passed to a software using ImageSharp. An attacker can potentially disclose sensitive...

6.5CVSS6.5AI score0.00575EPSS
Exploits0References2
OSV
OSV
added 2024/03/11 6:15 p.m.2 views

DEBIAN-CVE-2023-52491

In the Linux kernel, the following vulnerability has been resolved: media: mtk-jpeg: Fix use after free bug due to error path handling in mtkjpegdecdevicerun In mtkjpegprobe, &jpeg-jobtimeoutwork is bound with mtkjpegjobtimeoutwork. In mtkjpegdecdevicerun, if error happens in mtkjpegsetdecdst, it...

7.8CVSS5.4AI score0.00276EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/02/15 6:14 a.m.3 views

SUSE CVE-2006-3460

Heap-based buffer overflow in the JPEG decoder in the TIFF library libtiff before 3.8.2 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via an encoded JPEG stream that is longer than the scan line size TiffScanLineSize...

7.5CVSS8.2AI score0.04338EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 6:1 a.m.4 views

SUSE CVE-2009-5022

Heap-based buffer overflow in tifojpeg.c in the OJPEG decoder in LibTIFF before 3.9.5 allows remote attackers to execute arbitrary code via a crafted TIFF file...

6.8CVSS8.3AI score0.10796EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:25 a.m.4 views

SUSE CVE-2014-8716

The JPEG decoder in ImageMagick before 6.8.9-9 allows local users to cause a denial of service out-of-bounds memory access and crash...

6.2CVSS6.3AI score0.00402EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 3:26 a.m.3 views

SUSE CVE-2022-28042

stbimage.h v2.27 was discovered to contain an heap-based use-after-free via the function stbijpeghuffdecode...

8.8CVSS8.8AI score0.01598EPSS
Exploits1References3
OSV
OSV
added 2022/09/07 5:27 a.m.9 views

MGASA-2022-0320 Updated xpdf packages fix security vulnerability

In Xpdf prior to 4.04, the DCT JPEG decoder was incorrectly allowing the 'interleaved' flag to be changed after the first scan of the image, leading to an unknown integer-related vulnerability in Stream.cc. CVE-2022-24106 Xpdf prior to 4.04 lacked an integer overflow check in JPXStream.cc...

7.8CVSS7.7AI score0.00314EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2022/09/07 12:0 a.m.29 views

Mageia: Security Advisory (MGASA-2022-0320)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.1AI score0.00314EPSS
Exploits0References4
OSV
OSV
added 2022/08/30 4:15 a.m.2 views

DEBIAN-CVE-2022-24106

In Xpdf prior to 4.04, the DCT JPEG decoder was incorrectly allowing the 'interleaved' flag to be changed after the first scan of the image, leading to an unknown integer-related vulnerability in Stream.cc...

7.8CVSS7.2AI score0.00292EPSS
Exploits0References1
Rows per page
Query Builder