Lucene search
K

98 matches found

OSV
OSV
added 2025/10/22 7:40 p.m.5 views

GHSA-VR63-X8VC-M265 pypdf possibly loops infinitely when reading DCT inline images without EOF marker

Impact An attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires parsing the content stream of a page which has an inline image using the DCTDecode filter. Patches This has been fixed in pypdf==6.1.3. Workarounds If you cannot upgrade yet, consider...

8.7CVSS6.8AI score0.00402EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-3082

Malware in sbrugna...

7.8CVSS7.6AI score0.01276EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-48719

Malicious code in bioql PyPI...

8.2CVSS6.4AI score0.00391EPSS
Exploits0References1
OSV
OSV
added 2025/08/14 6:52 p.m.4 views

MAL-2025-18108 Malicious code in dct-admin-gui (npm)

The package dct-admin-gui was found to contain malicious code...

7.2AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.11 views

Malicious code in dct-admin-gui (npm)

The package dct-admin-gui was found to contain malicious code...

7AI score
Exploits0
Snyk
Snyk
added 2025/07/31 7:20 p.m.6 views

Out-of-bounds Read

Overview OpenEXR is a Python bindings for the OpenEXR image file format Affected versions of this package are vulnerable to Out-of-bounds Read in the LossyDctDecoderexecute function. An attacker can cause the application to crash or potentially leak sensitive information by providing a specially...

9.1CVSS6.7AI score0.00496EPSS
Exploits1References2
Snyk
Snyk
added 2025/07/31 7:20 p.m.3 views

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the LossyDctDecoderexecute function. An attacker can cause the application to crash or potentially leak sensitive information by providing a specially crafted DWAA-packed scan-line EXR file with a malicious chunk...

9.1CVSS6.7AI score0.00496EPSS
Exploits1References2
OSV
OSV
added 2024/12/27 2:15 p.m.4 views

UBUNTU-CVE-2024-56540

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Prevent recovery invocation during probe and resume Refactor IPC send and receive functions to allow correct handling of operations that should not trigger a recovery process. Expose ivpusendreceiveinternal, which is...

4.7CVSS6.5AI score0.00156EPSS
Exploits0References18
Positive Technologies
Positive Technologies
added 2024/08/21 12:0 a.m.6 views

PT-2024-40566 · Git +1 · Ghostscript

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type of UNKNOWN READ. The crash state involves functions such as chunk free object and stream dct finalize. No informatio...

7AI score
Exploits0References2
OSV
OSV
added 2024/08/15 9:15 p.m.7 views

AZL-47857 CVE-2024-7868 affecting package cppcheck 2.7-2

In Xpdf 4.05 and earlier, invalid header info in a DCT JPEG stream can lead to an uninitialized variable in the DCT decoder. The proof-of-concept PDF file causes a segfault attempting to read from an invalid address...

8.2CVSS5.8AI score0.00391EPSS
Exploits0References1
OSV
OSV
added 2024/08/15 9:15 p.m.4 views

CVE-2024-7868

In Xpdf 4.05 and earlier, invalid header info in a DCT JPEG stream can lead to an uninitialized variable in the DCT decoder. The proof-of-concept PDF file causes a segfault attempting to read from an invalid address...

8.2CVSS5.8AI score0.00391EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2024/08/15 9:15 p.m.247 views

CVE-2024-7868

In Xpdf 4.05 and earlier, invalid header info in a DCT JPEG stream can lead to an uninitialized variable in the DCT decoder. The proof-of-concept PDF file causes a segfault attempting to read from an invalid address...

8.2CVSS5.9AI score0.00391EPSS
Exploits0References1
OSV
OSV
added 2024/08/15 9:15 p.m.8 views

UBUNTU-CVE-2024-7868

In Xpdf 4.05 and earlier, invalid header info in a DCT JPEG stream can lead to an uninitialized variable in the DCT decoder. The proof-of-concept PDF file causes a segfault attempting to read from an invalid address...

8.2CVSS5.8AI score0.00391EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/08/15 8:22 p.m.19 views

CVE-2024-7868 Uninitialized variable in Xpdf 4.05 due to invalid JPEG header

In Xpdf 4.05 and earlier, invalid header info in a DCT JPEG stream can lead to an uninitialized variable in the DCT decoder. The proof-of-concept PDF file causes a segfault attempting to read from an invalid address...

2.1CVSS6.7AI score0.00391EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2024/08/15 8:22 p.m.11 views

CVE-2024-7868

In Xpdf 4.05 and earlier, invalid header info in a DCT JPEG stream can lead to an uninitialized variable in the DCT decoder. The proof-of-concept PDF file causes a segfault attempting to read from an invalid address...

8.2CVSS6.9AI score0.00391EPSS
Exploits0References1
CVE
CVE
added 2024/08/15 8:22 p.m.53 views

CVE-2024-7868

CVE-2024-7868 affects Xpdf 4.05 and earlier, where invalid header info in a DCT (JPEG) stream can trigger an uninitialized variable in the DCT decoder, with a proof-of-concept PDF causing a segfault. Fedora/Slackware advisories indicate the issue is addressed by upgrading to Xpdf 4.06; multiple a...

8.2CVSS6.4AI score0.00391EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/08/15 8:22 p.m.36 views

CVE-2024-7868 Uninitialized variable in Xpdf 4.05 due to invalid JPEG header

In Xpdf 4.05 and earlier, invalid header info in a DCT JPEG stream can lead to an uninitialized variable in the DCT decoder. The proof-of-concept PDF file causes a segfault attempting to read from an invalid address...

2.1CVSS0.00391EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2024/08/15 8:22 p.m.12 views

CVE-2024-7868

In Xpdf 4.05 and earlier, invalid header info in a DCT JPEG stream can lead to an uninitialized variable in the DCT decoder. The proof-of-concept PDF file causes a segfault attempting to read from an invalid address...

8.2CVSS5.2AI score0.00391EPSS
Exploits0
CNNVD
CNNVD
added 2024/08/15 12:0 a.m.7 views

Xpdf 安全漏洞

Xpdf is a free PDF viewer and toolkit from Xpdf, Inc. that includes a text extractor, image converter, HTML converter, and more. A security vulnerability exists in Xpdf version 4.05 and earlier versions, which stems from invalid header information in the DCT JPEG stream that could lead to...

8.2CVSS6AI score0.00391EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/08/15 12:0 a.m.5 views

PT-2024-38645

Name of the Vulnerable Software and Affected Versions Xpdf versions 4.05 and earlier Description The issue arises from invalid header information in a DCT JPEG stream, leading to an uninitialized variable in the DCT decoder. This can cause a segfault when attempting to read from an invalid addres...

8.5CVSS4.3AI score0.00391EPSS
Exploits2References27
Rows per page
Query Builder