Lucene search
+L

232 matches found

osv
osv
added 2026/05/26 7:31 p.m.11 views

JLSEC-2026-550

A flaw was found in OpenJPEG. A resource exhaustion can occur in the opjt1decodecblks function in tcd.c through a crafted image file, causing a denial of service...

6.5CVSS6.5AI score0.00559EPSS
Exploits0References5
osv
osv
added 2026/05/26 7:31 p.m.18 views

JLSEC-2026-549

A vulnerability was found in OpenJPEG similar to CVE-2019-6988. This flaw allows an attacker to bypass existing protections and cause an application crash through a maliciously crafted file...

5.5CVSS5.8AI score0.00242EPSS
Exploits0References4
osv
osv
added 2026/05/26 7:31 p.m.12 views

JLSEC-2026-551

openjpeg v 2.5.0 was discovered to contain a NULL pointer dereference via the component /openjp2/dwt.c...

6.5CVSS6.9AI score0.00259EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2026/05/26 12:0 a.m.14 views

PT-2026-47109

Integer Overflow in OpenJPEG v2.4.0 allows remote attackers to crash the application, causing a Denial of Service DoS. This occurs when the attacker uses the command line option "-ImgDir" on a directory that contains 1048576 files...

5.6AI score
Exploits0References7
astralinux
astralinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in openjpeg2

There is a flaw in the src/lib/openjp2/pi.c file of openjpeg in versions prior to 2.4.0. If an attacker can provide untrusted input to openjpeg’s conversion/encoding functionality, they could cause an out-of-bounds read. The most significant impact of this flaw is the application’s availability...

5.5CVSS6.5AI score0.01443EPSS
Exploits0References1
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in openjpeg2

In OpenJPEG version 2.3.1, the jp2/opjdecompress.c file contains a use-after-free issue. This issue can occur if there is a mix of valid and invalid files in a directory that is processed by the decompressor. It is also possible for a double free to occur. This issue is related to calling...

6.5CVSS7.2AI score0.02595EPSS
Exploits0References1
nessus
nessus
added 2026/05/11 12:0 a.m.8 views

Unity Linux 20.1060e / 20.1070e Security Update: openjpeg2 (UTSA-2026-017606)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017606 advisory. There's a flaw in openjpeg in versions prior to 2.4.0 in src/lib/openjp2/pi.c. When an attacker is able to provide crafted input to be processed by the openjpeg...

5.5CVSS5.8AI score0.01384EPSS
Exploits0References4
ubuntu
ubuntu
added 2026/05/07 1:59 p.m.17 views

USN-8252-1: OpenJPEG vulnerability

It was discovered that OpenJPEG did not properly handle memory when encoding image files. An attacker could use this issue to cause OpenJPEG to crash, resulting in a denial of service, or possibly execute arbitrary code...

4.8CVSS5.9AI score0.00112EPSS
Exploits0
osv
osv
added 2026/05/07 1:59 p.m.11 views

USN-8252-1 openjpeg2 vulnerability

It was discovered that OpenJPEG did not properly handle memory when encoding image files. An attacker could use this issue to cause OpenJPEG to crash, resulting in a denial of service, or possibly execute arbitrary code...

4.8CVSS5.9AI score0.00112EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2026/05/07 12:0 a.m.11 views

PT-2026-39179

It was discovered that OpenJPEG did not properly handle memory when encoding image files. An attacker could use this issue to cause OpenJPEG to crash, resulting in a denial of service, or possibly execute arbitrary code...

4.8CVSS5.9AI score0.00112EPSS
Exploits0References3
ubuntucve
ubuntucve
added 2026/04/13 5:16 p.m.9 views

CVE-2026-6192

A vulnerability was identified in uclouvain openjpeg up to 2.5.4. This impacts the function opjpiinitialiseencode in the library src/lib/openjp2/pi.c. The manipulation leads to integer overflow. The attack must be carried out locally. The exploit is publicly available and might be used. The...

4.8CVSS5.3AI score0.00112EPSS
Exploits0References6
osv
osv
added 2026/04/13 5:16 p.m.16 views

UBUNTU-CVE-2026-6192

A vulnerability was identified in uclouvain openjpeg up to 2.5.4. This impacts the function opjpiinitialiseencode in the library src/lib/openjp2/pi.c. The manipulation leads to integer overflow. The attack must be carried out locally. The exploit is publicly available and might be used. The...

4.8CVSS5.4AI score0.00112EPSS
Exploits0References7
vulnrichment
vulnrichment
added 2026/04/13 4:45 p.m.4 views

CVE-2026-6192 uclouvain openjpeg pi.c opj_pi_initialise_encode integer overflow

A vulnerability was identified in uclouvain openjpeg up to 2.5.4. This impacts the function opjpiinitialiseencode in the library src/lib/openjp2/pi.c. The manipulation leads to integer overflow. The attack must be carried out locally. The exploit is publicly available and might be used. The...

4.8CVSS5.3AI score0.00112EPSS
Exploits0References7
cve
cve
added 2026/04/13 4:45 p.m.106 views

CVE-2026-6192

Affected software: uclouvain openjpeg (up to 2.5.4). Vulnerable component: opj_pi_initialise_encode in src/lib/openjp2/pi.c due to an integer overflow. Impact: local attacker can exploit; exploit exists publicly. Patch: reference to patch identifier 839936aa33eb8899bbbd80fda02796bb65068951 should...

4.8CVSS5.4AI score0.00112EPSS
Exploits0References8
cvelist
cvelist
added 2026/04/13 4:45 p.m.31 views

CVE-2026-6192 uclouvain openjpeg pi.c opj_pi_initialise_encode integer overflow

A vulnerability was identified in uclouvain openjpeg up to 2.5.4. This impacts the function opjpiinitialiseencode in the library src/lib/openjp2/pi.c. The manipulation leads to integer overflow. The attack must be carried out locally. The exploit is publicly available and might be used. The...

4.8CVSS0.00112EPSS
Exploits0References7
nessus
nessus
added 2026/01/19 12:0 a.m.5 views

MiracleLinux 7 : openjpeg-1.5.1-17.el7 (AXBA:2017-1766:02)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXBA:2017-1766:02 advisory. - Multiple heap-based buffer overflows in OpenJPEG 1.3 and earlier might allow remote attackers to execute arbitrary code via unspecified vectors...

7.5CVSS6.3AI score0.05515EPSS
Exploits0References2
nessus
nessus
added 2026/01/19 12:0 a.m.6 views

MiracleLinux 4 : openjpeg-1.3-10.AXS4 (AXSA:2014-074:01)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2014-074:01 advisory. OpenJPEG is an open-source JPEG 2000 codec written in C language. It has been developed in order to promote the use of JPEG 2000, the new still-image...

7.5CVSS6.4AI score0.05515EPSS
Exploits0References5
nessus
nessus
added 2026/01/14 12:0 a.m.5 views

MiracleLinux 4 : openjpeg-1.3-8.AXS4 (AXSA:2012-758:01)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2012-758:01 advisory. OpenJPEG is an open-source JPEG 2000 codec written in C language. It has been developed in order to promote the use of JPEG 2000, the new still-image...

10CVSS8.4AI score0.07695EPSS
Exploits0References3
nessus
nessus
added 2026/01/14 12:0 a.m.5 views

MiracleLinux 4 : openjpeg-1.3-9.AXS4 (AXSA:2012-984:02)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2012-984:02 advisory. OpenJPEG is an open-source JPEG 2000 codec written in C language. It has been developed in order to promote the use of JPEG 2000, the new still-image...

6.8CVSS8.6AI score0.0615EPSS
Exploits1References2
euvd
euvd
added 2025/10/07 12:30 a.m.3 views

EUVD-2019-4548

Malware in sbrugna...

5.5CVSS6AI score0.02596EPSS
Exploits0References16
Rows per page
Query Builder