98 matches found
GHSA-VR63-X8VC-M265 pypdf possibly loops infinitely when reading DCT inline images without EOF marker
Impact An attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires parsing the content stream of a page which has an inline image using the DCTDecode filter. Patches This has been fixed in pypdf==6.1.3. Workarounds If you cannot upgrade yet, consider...
EUVD-2018-3082
Malware in sbrugna...
EUVD-2024-48719
Malicious code in bioql PyPI...
MAL-2025-18108 Malicious code in dct-admin-gui (npm)
The package dct-admin-gui was found to contain malicious code...
Malicious code in dct-admin-gui (npm)
The package dct-admin-gui was found to contain malicious code...
Out-of-bounds Read
Overview OpenEXR is a Python bindings for the OpenEXR image file format Affected versions of this package are vulnerable to Out-of-bounds Read in the LossyDctDecoderexecute function. An attacker can cause the application to crash or potentially leak sensitive information by providing a specially...
Out-of-bounds Read
Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the LossyDctDecoderexecute function. An attacker can cause the application to crash or potentially leak sensitive information by providing a specially crafted DWAA-packed scan-line EXR file with a malicious chunk...
UBUNTU-CVE-2024-56540
In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Prevent recovery invocation during probe and resume Refactor IPC send and receive functions to allow correct handling of operations that should not trigger a recovery process. Expose ivpusendreceiveinternal, which is...
PT-2024-40566 · Git +1 · Ghostscript
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type of UNKNOWN READ. The crash state involves functions such as chunk free object and stream dct finalize. No informatio...
AZL-47857 CVE-2024-7868 affecting package cppcheck 2.7-2
In Xpdf 4.05 and earlier, invalid header info in a DCT JPEG stream can lead to an uninitialized variable in the DCT decoder. The proof-of-concept PDF file causes a segfault attempting to read from an invalid address...
CVE-2024-7868
In Xpdf 4.05 and earlier, invalid header info in a DCT JPEG stream can lead to an uninitialized variable in the DCT decoder. The proof-of-concept PDF file causes a segfault attempting to read from an invalid address...
CVE-2024-7868
In Xpdf 4.05 and earlier, invalid header info in a DCT JPEG stream can lead to an uninitialized variable in the DCT decoder. The proof-of-concept PDF file causes a segfault attempting to read from an invalid address...
UBUNTU-CVE-2024-7868
In Xpdf 4.05 and earlier, invalid header info in a DCT JPEG stream can lead to an uninitialized variable in the DCT decoder. The proof-of-concept PDF file causes a segfault attempting to read from an invalid address...
CVE-2024-7868 Uninitialized variable in Xpdf 4.05 due to invalid JPEG header
In Xpdf 4.05 and earlier, invalid header info in a DCT JPEG stream can lead to an uninitialized variable in the DCT decoder. The proof-of-concept PDF file causes a segfault attempting to read from an invalid address...
CVE-2024-7868
In Xpdf 4.05 and earlier, invalid header info in a DCT JPEG stream can lead to an uninitialized variable in the DCT decoder. The proof-of-concept PDF file causes a segfault attempting to read from an invalid address...
CVE-2024-7868
CVE-2024-7868 affects Xpdf 4.05 and earlier, where invalid header info in a DCT (JPEG) stream can trigger an uninitialized variable in the DCT decoder, with a proof-of-concept PDF causing a segfault. Fedora/Slackware advisories indicate the issue is addressed by upgrading to Xpdf 4.06; multiple a...
CVE-2024-7868 Uninitialized variable in Xpdf 4.05 due to invalid JPEG header
In Xpdf 4.05 and earlier, invalid header info in a DCT JPEG stream can lead to an uninitialized variable in the DCT decoder. The proof-of-concept PDF file causes a segfault attempting to read from an invalid address...
CVE-2024-7868
In Xpdf 4.05 and earlier, invalid header info in a DCT JPEG stream can lead to an uninitialized variable in the DCT decoder. The proof-of-concept PDF file causes a segfault attempting to read from an invalid address...
Xpdf 安全漏洞
Xpdf is a free PDF viewer and toolkit from Xpdf, Inc. that includes a text extractor, image converter, HTML converter, and more. A security vulnerability exists in Xpdf version 4.05 and earlier versions, which stems from invalid header information in the DCT JPEG stream that could lead to...
PT-2024-38645
Name of the Vulnerable Software and Affected Versions Xpdf versions 4.05 and earlier Description The issue arises from invalid header information in a DCT JPEG stream, leading to an uninitialized variable in the DCT decoder. This can cause a segfault when attempting to read from an invalid addres...