Lucene search
K

150 matches found

RedhatCVE
RedhatCVE
added 2024/01/15 6:0 a.m.31 views

CVE-2023-51257

A flaw in jasper was discovered where an invalid memory write occurred due to the absence of a proper range check in the JPC encoder. Mitigation Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of...

7.3CVSS7.3AI score0.00256EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/01/14 12:0 a.m.4 views

Jasper Security Vulnerabilities

Jasper is a flexible and powerful GitHub issue reader open-sourced by Jasper. Jasper has a security vulnerability that stems from a lack of range checking in the JPC encoder, leading to invalid memory writes...

7.8CVSS6.8AI score0.00256EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/09/08 12:0 a.m.7 views

PT-2023-28248 · Unknown · Pdf-Xchange Editor

Name of the Vulnerable Software and Affected Versions: PDF-XChange Editor affected versions not specified Description: This issue allows remote attackers to disclose sensitive information on affected installations. It requires user interaction, such as visiting a malicious page or opening a...

5.5CVSS7.2AI score0.00391EPSS
Exploits0References4
Zero Day Initiative
Zero Day Initiative
added 2023/09/08 12:0 a.m.19 views

PDF-XChange Editor JPC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS5.9AI score0.00391EPSS
Exploits0References1
NVD
NVD
added 2023/03/29 7:15 p.m.21 views

CVE-2022-37375

This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

5.5CVSS4AI score0.0073EPSS
Exploits0References2
OSV
OSV
added 2023/03/29 7:15 p.m.3 views

CVE-2022-37375

This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

5.5CVSS4.9AI score0.0073EPSS
Exploits0References2
Prion
Prion
added 2023/03/29 7:15 p.m.26 views

Design/Logic Flaw

This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

1.9CVSS5.2AI score0.0073EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/03/29 12:0 a.m.17 views

CVE-2022-37375

This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS6.1AI score0.0073EPSS
Exploits0References2
CVE
CVE
added 2023/03/29 12:0 a.m.60 views

CVE-2022-37375

CVE-2022-37375 affects PDF-XChange Editor. The vulnerability lies in the parsing of JPC files where crafted JPC data can trigger a read past the end of an allocated buffer, enabling an information disclosure. Exploitation requires user interaction (visiting a malicious page or opening a malicious...

5.5CVSS4AI score0.0073EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/03/29 12:0 a.m.28 views

CVE-2022-37375

This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS5.5AI score0.0073EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 4:55 a.m.1 views

SUSE CVE-2016-9393

The jpcpinextrpcl function in jpct2cod.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service assertion failure via a crafted file...

5.5CVSS7.4AI score0.01932EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2023/02/15 4:55 a.m.4 views

SUSE CVE-2016-9396

The JPCNOMINALGAIN function in jpc/jpct1cod.c in JasPer through 2.0.12 allows remote attackers to cause a denial of service JPCCOXRFT assertion failure via unspecified vectors...

3.3CVSS8.1AI score0.05686EPSS
Exploits0References11
SUSE CVE
SUSE CVE
added 2023/02/15 4:55 a.m.3 views

SUSE CVE-2016-9397

The jpcdequantize function in jpcdec.c in JasPer 1.900.13 allows remote attackers to cause a denial of service assertion failure via unspecified vectors...

3.3CVSS6.9AI score0.03588EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 4:55 a.m.2 views

SUSE CVE-2016-9398

The jpcfloorlog2 function in jpcmath.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service assertion failure via unspecified vectors...

7.5CVSS7.5AI score0.05981EPSS
Exploits0References11
SUSE CVE
SUSE CVE
added 2023/02/15 4:55 a.m.5 views

SUSE CVE-2016-9399

The calcstepsizes function in jpcdec.c in JasPer 1.900.22 allows remote attackers to cause a denial of service assertion failure via unspecified vectors...

5.5CVSS6.9AI score0.03757EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2023/02/15 4:53 a.m.4 views

SUSE CVE-2016-10248

The jpctsfbsynthesize function in jpctsfb.c in JasPer before 1.900.9 allows remote attackers to cause a denial of service NULL pointer dereference via vectors involving an empty sequence...

5.5CVSS8.1AI score0.04039EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:53 a.m.2 views

SUSE CVE-2016-10249

Integer overflow in the jpcdectiledecode function in jpcdec.c in JasPer before 1.900.12 allows remote attackers to have unspecified impact via a crafted image file, which triggers a heap-based buffer overflow...

7.8CVSS8.8AI score0.02049EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:50 a.m.5 views

SUSE CVE-2017-5500

libjasper/jpc/jpcdec.c in JasPer 1.900.17 allows remote attackers to cause a denial of service crash via vectors involving left shift of a negative value...

5.5CVSS6.8AI score0.01333EPSS
Exploits1References6
SUSE CVE
SUSE CVE
added 2023/02/15 4:40 a.m.4 views

SUSE CVE-2017-13746

There is a reachable assertion abort in the function jpcdecprocesssiz in jpc/jpcdec.c:1297 in JasPer 2.0.12 that will lead to a remote denial of service attack...

7.5CVSS6.9AI score0.0403EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 4:40 a.m.3 views

SUSE CVE-2017-13745

There is a reachable assertion abort in the function jpcdecprocesssot in jpc/jpcdec.c in JasPer 2.0.12 that will lead to a remote denial of service attack by triggering an unexpected jpcppmstabtostreams return value, a different vulnerability than CVE-2018-9154...

7.5CVSS8.1AI score0.03869EPSS
Exploits0References5
Rows per page
Query Builder