Denial Of Service (DoS)

libopenjpeg.so is vulnerable to denial of service. The vulnerability exists in opjdwtcalcexplicitstepsizes function of dwt.c due to buffer overflow which allows an attacker to crash the application via malicious input...

Updated openjpeg2 packages fix security vulnerabilities

A heap-buffer overwrites error was discovered in lib/openjp2/mqc.c in OpenJPEG 2.3.1. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly remote code execution CVE-2020-27814. A flaw was found in OpenJPEG’s encoder. This flaw allows an attacker ...

Updated jasper packages fix security vulnerability

There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. Crafted input provided to jasper by an attacker could cause an arbitrary out-of-bounds write. This could potentially affect data confidentiality, integrity, or application availability CVE-2020-27828...

CVE-2020-0244

In writeBurstBufferBytes of SPDIFEncoder.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no clear exfiltration path, with no additional execution privileges needed. User interaction is needed for...

ImageMagick Out-of-Bounds Read Vulnerability (CNVD-2021-25964)

Imagemagick Studio ImageMagick is a suite of open source image processing software from ImageMagick Studio Imagemagick Studio, an American company. The software can read, convert or write images in many formats. A security vulnerability exists in versions prior to ImageMagick 7.0.8-68 that stems...

The vulnerability of the Adobe Media Encoder application, related to reading beyond the buffer in memory, allows an attacker to disclose protected information or cause service failures.

The vulnerability of the Adobe Media Encoder application relates to reading data beyond the buffer in memory. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information or cause service failures...

CVE-2020-27842

A flaw was found in OpenJPEG’s t2 encoder. This flaw allows an attacker who can provide crafted input to be processed by OpenJPEG to cause a NULL pointer dereference issue. The highest threat to this vulnerability is to system availability...

CVE-2020-27828

There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. Crafted input provided to jasper by an attacker could cause an arbitrary out-of-bounds write. This could potentially affect data confidentiality, integrity, or application availability...

CVE-2020-27828

There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. Crafted input provided to jasper by an attacker could cause an arbitrary out-of-bounds write. This could potentially affect data confidentiality, integrity, or application availability...

CVE-2020-27828

There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. Crafted input provided to jasper by an attacker could cause an arbitrary out-of-bounds write. This could potentially affect data confidentiality, integrity, or application availability...

Out-of-bounds

There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. Crafted input provided to jasper by an attacker could cause an arbitrary out-of-bounds write. This could potentially affect data confidentiality, integrity, or application availability...

UBUNTU-CVE-2020-27828

There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. Crafted input provided to jasper by an attacker could cause an arbitrary out-of-bounds write. This could potentially affect data confidentiality, integrity, or application availability...

CVE-2020-27828

There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. Crafted input provided to jasper by an attacker could cause an arbitrary out-of-bounds write. This could potentially affect data confidentiality, integrity, or application availability...

CVE-2020-27828

CVE-2020-27828 (Jasper) is described in connected data as a heap-based buffer overflow in the jpc_enc.c cp_create() path, arising from crafted input. In the CP4S advisory, affected products are Cloud Pak for Security (CP4S) 1.8.1.0, 1.8.0.0, and 1.7.2.0. IBM recommends upgrading to CP4S 1.9.0.0 t...

JasPer jpc encoder input validation error vulnerability

JasPer is a C-based tool for image processing from the individual developer Michael Adams. The software supports the JPEG-2000 format as defined in ISO / IEC 15444-1 and is primarily used for image encoding and processing. A security vulnerability exists in jpc encoder prior to version 2.0.23 in...

CVE-2020-27824

A flaw was found in OpenJPEG’s encoder in the opjdwtcalcexplicitstepsizes function. This flaw allows an attacker who can supply crafted input to decomposition levels to cause a buffer overflow. The highest threat from this vulnerability is to system availability...

UBUNTU-CVE-2020-27824

A flaw was found in OpenJPEG’s encoder in the opjdwtcalcexplicitstepsizes function. This flaw allows an attacker who can supply crafted input to decomposition levels to cause a buffer overflow. The highest threat from this vulnerability is to system availability...

CVE-2020-27823

A flaw was found in OpenJPEG’s encoder. This flaw allows an attacker to pass specially crafted x,y offset input to OpenJPEG to use during encoding. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. Mitigation This flaw can be mitigated by...

CVE-2020-27823

A flaw was found in OpenJPEG’s encoder. This flaw allows an attacker to pass specially crafted x,y offset input to OpenJPEG to use during encoding. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...

UBUNTU-CVE-2020-27823

A flaw was found in OpenJPEG’s encoder. This flaw allows an attacker to pass specially crafted x,y offset input to OpenJPEG to use during encoding. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...