Lucene search
K

138 matches found

CVE
CVE
added 5 days ago12 views

CVE-2026-55687

CVE-2026-55687 describes a stack-based out-of-bounds write in the Espressif ESF-IDF JPEG decoder marker parsing (jpeg_parse_dqt_marker). The attack uses the attacker-controlled DQT marker Tq nibble as an index into the qt_tbl array without validating it is within 0..3, enabling malformed JPEG inp...

7.5CVSS6.1AI score0.00385EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added last week4 views

gstreamer1-plugins-bad-free: GStreamer: Out-of-bounds read via JPEG segment length validation in VA decoder

An out-of-bounds read vulnerability was found in the VA JPEG decoder in GStreamer's gst-plugins-bad. The JPEG parser reads a segment length value from the bitstream without validating it against available data. A remote attacker could trick a user into opening a specially crafted JPEG file, causi...

7.1CVSS6AI score0.00301EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added last week3 views

gstreamer1-plugins-bad-free: GStreamer: Out-of-bounds read via JPEG segment length validation in VA decoder

An out-of-bounds read vulnerability was found in the VA JPEG decoder in GStreamer's gst-plugins-bad. The JPEG parser reads a segment length value from the bitstream without validating it against available data. A remote attacker could trick a user into opening a specially crafted JPEG file, causi...

7.1CVSS6AI score0.00301EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2026/06/18 1:53 a.m.6 views

SUSE CVE-2026-52719

An out-of-bounds read vulnerability was found in the VA JPEG decoder in GStreamer's gst-plugins-bad. The JPEG parser reads a segment length value from the bitstream without validating it against available data. A remote attacker could trick a user into opening a specially crafted JPEG file, causi...

7.1CVSS5.9AI score0.00301EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/15 9:30 p.m.15 views

EUVD-2026-36798

An out-of-bounds read vulnerability was found in the VA JPEG decoder in GStreamer's gst-plugins-bad. The JPEG parser reads a segment length value from the bitstream without validating it against available data. A remote attacker could trick a user into opening a specially crafted JPEG file, causi...

7.1CVSS5.4AI score0.00301EPSS
Exploits0References4
NVD
NVD
added 2026/06/15 8:16 p.m.10 views

CVE-2026-52719

An out-of-bounds read vulnerability was found in the VA JPEG decoder in GStreamer's gst-plugins-bad. The JPEG parser reads a segment length value from the bitstream without validating it against available data. A remote attacker could trick a user into opening a specially crafted JPEG file, causi...

7.1CVSS0.00301EPSS
Exploits0References6
OSV
OSV
added 2026/06/15 8:16 p.m.7 views

UBUNTU-CVE-2026-52719

An out-of-bounds read vulnerability was found in the VA JPEG decoder in GStreamer's gst-plugins-bad. The JPEG parser reads a segment length value from the bitstream without validating it against available data. A remote attacker could trick a user into opening a specially crafted JPEG file, causi...

7.1CVSS5.9AI score0.00301EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2026/06/15 7:10 p.m.7 views

CVE-2026-52719

An out-of-bounds read vulnerability was found in the VA JPEG decoder in GStreamer's gst-plugins-bad. The JPEG parser reads a segment length value from the bitstream without validating it against available data. A remote attacker could trick a user into opening a specially crafted JPEG file, causi...

7.1CVSS5.4AI score0.00301EPSS
Exploits0
CVE
CVE
added 2026/06/15 7:10 p.m.34 views

CVE-2026-52719

GStreamer: out-of-bounds read in the VA JPEG decoder of gst-plugins-bad (CVE-2026-52719). The JPEG parser reads a segment length without validating against available data, enabling a remote attacker to craft a JPEG that, when opened by a user, may cause parsing to read beyond the input buffer, po...

7.1CVSS5.4AI score0.00301EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/15 7:10 p.m.43 views

CVE-2026-52719 Gstreamer1-plugins-bad-free: gstreamer: out-of-bounds read via jpeg segment length validation in va decoder

An out-of-bounds read vulnerability was found in the VA JPEG decoder in GStreamer's gst-plugins-bad. The JPEG parser reads a segment length value from the bitstream without validating it against available data. A remote attacker could trick a user into opening a specially crafted JPEG file, causi...

7.1CVSS0.00301EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/15 12:0 a.m.27 views

Linux Distros Unpatched Vulnerability : CVE-2026-52719

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds read vulnerability was found in the VA JPEG decoder in GStreamer's gst-plugins-bad. The JPEG parser reads a segment length value from the...

7.1CVSS6AI score0.00301EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/11/21 9:33 p.m.13 views

CVE-2025-65092 ESP32-P4 JPEG Decoder Header Parsing Vulnerability

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.1, 5.4.3, and 5.3.4, when the ESP32-P4 uses its hardware JPEG decoder, the software parser lacks necessary validation checks. A specially crafted malicious JPEG image could exploit the parsing routine and trigg...

6.9CVSS0.0032EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/11/21 9:33 p.m.6 views

CVE-2025-65092 ESP32-P4 JPEG Decoder Header Parsing Vulnerability

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.1, 5.4.3, and 5.3.4, when the ESP32-P4 uses its hardware JPEG decoder, the software parser lacks necessary validation checks. A specially crafted malicious JPEG image could exploit the parsing routine and trigg...

6.9CVSS6.6AI score0.0032EPSS
Exploits0References5
OSV
OSV
added 2025/11/21 9:33 p.m.7 views

CVE-2025-65092 ESP32-P4 JPEG Decoder Header Parsing Vulnerability

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.1, 5.4.3, and 5.3.4, when the ESP32-P4 uses its hardware JPEG decoder, the software parser lacks necessary validation checks. A specially crafted malicious JPEG image could exploit the parsing routine and trigg...

6.9CVSS6.8AI score0.0032EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2017-12112

Malware in sbrugna...

9.3CVSS8.6AI score0.09125EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2006-3455

Malware in sbrugna...

7.5CVSS8.3AI score0.04338EPSS
Exploits1References46
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2014-8548

Malware in sbrugna...

6.2CVSS7.7AI score0.00402EPSS
Exploits0References7
OSV
OSV
added 2025/10/04 12:11 a.m.19 views

RLSA-2025:7242 Moderate: gstreamer1-plugins-good security update

GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-good packages contain a collection of well-supported plug-ins of good quality and under the LGPL license. Security Fixes: gstreamer1-plugins-good: OOB-read in...

6.2CVSS6.7AI score0.01161EPSS
Exploits0References18
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2024-1108

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00575EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2025-25857

Malicious code in bioql PyPI...

7.5CVSS6.4AI score0.00352EPSS
Exploits0References2
Rows per page
Query Builder