CVE-2022-34999

JPEGDEC commit be4843c was discovered to contain a FPE via DecodeJPEG at /src/jpeg.inl...

DEBIAN-CVE-2022-28042

stbimage.h v2.27 was discovered to contain an heap-based use-after-free via the function stbijpeghuffdecode...

ffjpeg 缓冲区错误漏洞

ffjpeg is a JPEG encoder/decoder. ffjpeg suffers from a buffer overflow vulnerability that stems from a failure of the jfifdecode function in the product/src/jfif.c file to properly handle memory boundaries, which could be exploited by an attacker to cause a denial of service via a special jpeg...

ok-file-formats 缓冲区错误漏洞

ok-file-formats is an open source decoder for PNG, JPEG, WAV and several other file formats. A security vulnerability exists in ok-file-formats, which stems from a vulnerability that allows an attacker to cause a denial of service DOS via a crafted jpeg file...

SUSE: Security Advisory (SUSE-SU-2020:3359-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES15 Security Update : java-1_8_0-openjdk (SUSE-SU-2020:3460-1)

This update for java-180-openjdk fixes the following issues : Fix regression '8250861: Crash in MinINode::IdealPhaseGVN, bool', introduced in October 2020 CPU. Update to version jdk8u272 icedtea 3.17.0 July 2020 CPU, bsc1174157, and October 2020 CPU, bsc1177943 - New features + JDK-8245468: Add...

SUSE SLES12 Security Update : java-11-openjdk (SUSE-SU-2020:3159-1)

"This update for java-11-openjdk fixes the following issues : Update to upstream tag jdk-11.0.9-11 October 2020 CPU, bsc1177943 - New features + JDK-8250784: Shenandoah: A Low-Pause-Time Garbage Collector - Security fixes + JDK-8233624: Enhance JNI linkage + JDK-8236196: Improve string pooling +...

Security update for java-11-openjdk (moderate)

openSUSE Security Update: Security update for java-11-openjdk Announcement ID: openSUSE-SU-2020:1984-1 Rating: moderate References: 1177943 Cross-References: CVE-2020-14779 CVE-2020-14781 CVE-2020-14782 CVE-2020-14792 CVE-2020-14796 CVE-2020-14797 CVE-2020-14798 CVE-2020-14803 Affected Products:...

Fedora 31 : 1:java-11-openjdk (2020-421f817e5f)

New in release OpenJDK 11.0.9 2020-10-20: =========================================== Full versions of these release notes can be found at : - https://bitly.com/openjdk1109 - https://builds.shipilev.net/backports-monitor/release-notes-11.0.9.txt Security fixes - JDK-8233624: Enhance JNI linkage -...

Investintech Able2Extract professional JPEG decoding code execution vulnerability

Summary An exploitable memory corruption vulnerability exists in Investintech Able2Extract Professional. A specially crafted JPEG file can cause an out-of-bounds memory write, allowing an attacker to execute arbitrary code on the victim machine. An attacker could exploit a vulnerability by...

libjpeg-turbo Denial of Service Vulnerability

libjpeg is a C library that contains JPEG decoding and JPEG encoding functions. libjpeg-turbo is an optimized version of libjpeg. A security vulnerability exists in the 'fillinputbuffer' function of the jdatasrc.c file in libjpeg-turbo version 1.5.1. A remote attacker can exploit this vulnerabili...

Samsung - m2m1shot Kernel Driver Buffer Overflow

Samsung - m2m1shot Kernel Driver Buffer Overflow Source: https://code.google.com/p/google-security-research/issues/detail?id=493 The Samsung m2m1shot driver framework is used to provide hardware acceleration for certain media functions, such as JPEG decoding and scaling images. The driver endpoin...

UBUNTU-CVE-2015-1872

The ffmjpegdecodesof function in libavcodec/mjpegdec.c in FFmpeg before 2.5.4 does not validate the number of components in a JPEG-LS Start Of Frame segment, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted...

UBUNTU-CVE-2014-8541

libavcodec/mjpegdec.c in FFmpeg before 2.4.2 considers only dimension differences, and not bits-per-pixel differences, when determining whether an image size has changed, which allows remote attackers to cause a denial of service out-of-bounds access or possibly have unspecified other impact via...

Mozilla: Out of bounds read while decoding JPG images (MFSA-2014-37)

Heap-based buffer overflow in the readu32 function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafted JPEG image...

libjpeg-turbo

Buffer overflow on JPEG decoding...

Ubuntu 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : firefox, firefox-{3.0,3.5}, xulrunner-1.9.2 regression (USN-1049-2)

USN-1049-1 fixed vulnerabilities in Firefox and Xulrunner. That update introduced a regression where some Java applets would fail to load. This update fixes the problem. We apologize for the inconvenience. Jesse Ruderman, Igor Bukanov, Olli Pettay, Gary Kwong, Jeff Walden, Henry Sivonen, Martijn...

Mozilla Thunderbird 3.1.x < 3.1.8 Multiple Vulnerabilities

Binary data 5810.prm...

Mozilla Firefox 3.6.x < 3.6.14 Multiple Vulnerabilities

Binary data 5808.prm...

Ubuntu: Security Advisory (USN-1050-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...