Lucene search
K

39 matches found

OpenVAS
OpenVAS
added 2023/03/08 12:0 a.m.20 views

Debian: Security Advisory (DLA-121-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7AI score0.18501EPSS
Exploits0References2
Veracode
Veracode
added 2019/05/02 5:6 a.m.30 views

Heap-Based Buffer Overflow

JasPer is an implementation of Part 1 of the JPEG 2000 image compression standard. Multiple off-by-one flaws, leading to heap-based buffer overflows, were found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly,...

7.5CVSS6.9AI score0.18501EPSS
Exploits0References21Affected Software1
Tenable Nessus
Tenable Nessus
added 2017/05/11 12:0 a.m.47 views

OracleVM 3.3 / 3.4 : jasper (OVMSA-2017-0102)

The remote OracleVM system is missing necessary patches to address critical security updates : - Bump release - Multiple security fixes fixed by thoger: CVE-2015-5203 CVE-2015-5221 CVE-2016-1577 CVE-2016-1867 CVE-2016-2089 CVE-2016-2116 CVE-2016-8654 CVE-2016-8690 CVE-2016-8691 CVE-2016-8692...

7.8CVSS6.8AI score0.18501EPSS
Exploits11References37
Prion
Prion
added 2016/04/13 2:59 p.m.26 views

Double free

Double free vulnerability in the jasiccattrvaldestroy function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted ICC color profile in a JPEG 2000 image file, a different vulnerability than CVE-2014-8137...

6.8CVSS8.4AI score0.14547EPSS
Exploits0References6Affected Software2
Slackware Linux
Slackware Linux
added 2015/10/29 10:48 p.m.40 views

[slackware-security] jasper

New jasper packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/jasper-1.900.1-i486-4slack14.1.txz: Rebuilt. Applied many security and bug fixes. Thanks to Heinz Wiesinger...

10CVSS6.8AI score0.18501EPSS
Exploits1
OpenVAS
OpenVAS
added 2015/10/06 12:0 a.m.29 views

Oracle: Security Advisory (ELSA-2014-2021)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.3AI score0.18501EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2015/09/29 12:0 a.m.25 views

Gentoo Security Advisory GLSA 201503-01

Gentoo Linux Local Security Checks GLSA 201503-01 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

7.5CVSS6.7AI score0.18501EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2015/09/18 12:0 a.m.36 views

RHEL 6 : rhev-hypervisor (RHSA-2015:1713)

Updated rhev-hypervisor packages that fix multiple security issues, several bugs, and add various enhancements are now available. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

7.5CVSS7.5AI score0.18501EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2015/09/03 5:8 p.m.56 views

Important: Red Hat Security Advisory: rhev-hypervisor security, bug fix, and enhancement update

Updated rhev-hypervisor packages that fix multiple security issues, several bugs, and add various enhancements are now available. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

7.5CVSS7.3AI score0.18501EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2015/03/26 12:0 a.m.33 views

Debian DLA-121-1 : jasper security update

Jose Duart of the Google Security Team discovered a double free flaw CVE-2014-8137 and a heap-based buffer overflow flaw CVE-2014-8138 in JasPer, a library for manipulating JPEG-2000 files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary...

7.5CVSS7.4AI score0.18501EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2015/02/10 12:0 a.m.28 views

Fedora Update for jasper FEDORA-2015-1159

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.4AI score0.18501EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2015/02/03 12:0 a.m.21 views

Fedora Update for mingw-jasper FEDORA-2015-1068

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.3AI score0.18501EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2015/02/03 12:0 a.m.26 views

Fedora Update for mingw-jasper FEDORA-2015-1125

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.3AI score0.18501EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/01/27 12:0 a.m.37 views

OracleVM 3.3 : jasper (OVMSA-2015-0006)

The remote OracleVM system is missing necessary patches to address critical security updates : - CVE-2014-8157 - dec-numtiles off-by-one check in jpcdecprocesssot 1183671 - CVE-2014-8158 - unrestricted stack memory use in jpcqmfb.c 1183679 - CVE-2014-8137 - double-free in in jasiccattrvaldestroy...

7.5CVSS7.1AI score0.18501EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2015/01/27 12:0 a.m.27 views

Ubuntu 10.04 LTS : ghostscript vulnerabilities (USN-2483-2)

USN-2483-1 fixed vulnerabilities in JasPer. This update provides the corresponding fix for the JasPer library embedded in the Ghostscript package. Jose Duart discovered that JasPer incorrectly handled ICC color profiles in JPEG-2000 image files. If a user were tricked into opening a specially...

7.5CVSS7.7AI score0.18501EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2015/01/27 12:0 a.m.24 views

Ubuntu: Security Advisory (USN-2483-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.3AI score0.18501EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2015/01/26 1:9 p.m.59 views

USN-2483-1: JasPer vulnerabilities

Jose Duart discovered that JasPer incorrectly handled ICC color profiles in JPEG-2000 image files. If a user were tricked into opening a specially crafted JPEG-2000 image file, a remote attacker could cause JasPer to crash or possibly execute arbitrary code with user privileges. CVE-2014-8137 Jos...

7.5CVSS7.6AI score0.18501EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2015/01/15 12:0 a.m.32 views

openSUSE Security Update : jasper (openSUSE-SU-2015:0039-1)

The follow issues were fixed with this update : - CVE-2014-8137 double-free in jasiccattrvaldestroybnc909474 - CVE-2014-8138 heap overflow in jasdecode bnc909475 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUS...

7.5CVSS6.8AI score0.18501EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2015/01/15 12:0 a.m.26 views

openSUSE Security Update : jasper (openSUSE-SU-2015:0038-1)

The follow issues were fixed with this update : - CVE-2014-8137 double-free in jasiccattrvaldestroybnc909474 - CVE-2014-8138 heap overflow in jasdecode bnc909475 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUS...

7.5CVSS6.8AI score0.18501EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2015/01/15 12:0 a.m.35 views

openSUSE Security Update : jasper (openSUSE-SU-2015:0042-1)

The follow issues were fixed with this update : - CVE-2014-8137 double-free in jasiccattrvaldestroybnc909474 - CVE-2014-8138 heap overflow in jasdecode bnc909475 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUS...

7.5CVSS6.8AI score0.18501EPSS
Exploits0References5
Rows per page
Query Builder