68 matches found
EUVD-2017-1553
Malware in sbrugna...
EUVD-2021-9120
Malicious code in bioql PyPI...
EUVD-2022-38321
Malicious code in bioql PyPI...
CVE-2020-13439
ffjpeg through 2020-02-24 has a heap-based buffer over-read in jfifdecode in jfif.c...
Exploit for CVE-2023-47400
CVE-2023-47400 Proof of Concept for the CVE-2023-47400 Aut...
ffjpeg Security Vulnerabilities
ffjpeg is a JPEG encoder/decoder from the Chinese individual developer Kai Chen. A security vulnerability exists in rockcarry ffjpeg version 1.0.0, which originates from a buffer overflow vulnerability in the function jfifdecode. An attacker can exploit this vulnerability to execute arbitrary cod...
PT-2023-11665 · Rockcarry · Ffjpeg
Name of the Vulnerable Software and Affected Versions: rockcarry ffjpeg versions 1.0.0 and earlier Description: The issue is related to a Buffer Overflow vulnerability in the jfif decode function, which allows local attackers to execute arbitrary code due to an issue with ALIGN. This vulnerabilit...
SUSE CVE-2009-3872
Unspecified vulnerability in the JPEG JFIF Decoder in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.127, and SDK and JRE 1.4.x before 1.4.224 allows remote attackers to gain privileges via a crafted image file, aka Bug Id 6862969...
CVE-2022-35433
ffjpeg commit caade60a69633d74100bd3c2528bddee0b6a1291 was discovered to contain a memory leak via /src/jfif.c...
CVE-2022-28471
In ffjpeg commit hash: caade60, the function bmpload in bmp.c contains an integer overflow vulnerability, which eventually results in the heap overflow in jfifencode in jfif.c. This is due to the incomplete patch for issue 38...
PT-2022-19049 · Ffjpeg · Ffjpeg
Name of the Vulnerable Software and Affected Versions: ffjpeg affected versions not specified Description: The issue is related to an integer overflow vulnerability in the bmp load function in bmp.c, which can lead to a heap overflow in jfif encode in jfif.c. This vulnerability is a result of an...
Accusoft ImageGear Input Validation Error Vulnerability
Accusoft ImageGear is a software development kit SDK for image processing from Accusoft, USA. Accusoft ImageGear suffers from an Input Validation Error vulnerability that originates from a boundary error when handling untrusted input in the JPEG-JFIF scan header parser function. An attacker could...
CVE-2021-21946
Two heap-based buffer overflow vulnerabilities exists in the JPEG-JFIF lossless Huffman image parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger these vulnerabilities.This heap-based...
CVE-2021-21947
Two heap-based buffer overflow vulnerabilities exists in the JPEG-JFIF lossless Huffman image parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger these vulnerabilities.This heap-based...
CVE-2021-21949
An improper array index validation vulnerability exists in the JPEG-JFIF Scan header parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to an out-of-bounds write and potential code exectuion. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2021-21946
Two heap-based buffer overflow vulnerabilities exists in the JPEG-JFIF lossless Huffman image parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger these vulnerabilities.This heap-based...
Heap overflow
Two heap-based buffer overflow vulnerabilities exists in the JPEG-JFIF lossless Huffman image parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger these vulnerabilities.This heap-based...
Heap overflow
Two heap-based buffer overflow vulnerabilities exists in the JPEG-JFIF lossless Huffman image parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger these vulnerabilities.This heap-based...
Input validation
An improper array index validation vulnerability exists in the JPEG-JFIF Scan header parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to an out-of-bounds write and potential code exectuion. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2021-21949
An improper array index validation vulnerability exists in the JPEG-JFIF Scan header parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to an out-of-bounds write and potential code exectuion. An attacker can provide a malicious file to trigger this vulnerability...