Lucene search
K

52 matches found

CNVD
CNVD
added 2022/02/15 12:0 a.m.21 views

ffjpeg Denial of Service Vulnerability (CNVD-2022-12798)

ffjpeg is a JPEG encoder/decoder by the individual developer Kai Chen in China. A rejection vulnerability exists in ffjpeg, which originates when the size information in the metadata of a bmp is out of range, it returns without allocating a memory buffer to pb-pdata and without exiting the progra...

6.5CVSS6.4AI score0.00893EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2020/09/30 6:42 a.m.7 views

Mozilla: Integer overflow in nsJPEGEncoder::emptyOutputBuffer

In non-standard configurations, a JPEG image created by JavaScript could have caused an internal variable to overflow, resulting in an out of bounds write, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox 78...

8.8CVSS7.3AI score0.01938EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/08/26 10:11 a.m.8 views

Mozilla: Integer overflow in nsJPEGEncoder::emptyOutputBuffer

In non-standard configurations, a JPEG image created by JavaScript could have caused an internal variable to overflow, resulting in an out of bounds write, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox 78...

8.8CVSS7.3AI score0.01938EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/08/26 8:49 a.m.5 views

Mozilla: Integer overflow in nsJPEGEncoder::emptyOutputBuffer

In non-standard configurations, a JPEG image created by JavaScript could have caused an internal variable to overflow, resulting in an out of bounds write, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox 78...

8.8CVSS7.3AI score0.01938EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/08/26 8:33 a.m.11 views

Mozilla: Integer overflow in nsJPEGEncoder::emptyOutputBuffer

In non-standard configurations, a JPEG image created by JavaScript could have caused an internal variable to overflow, resulting in an out of bounds write, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox 78...

8.8CVSS7.3AI score0.01938EPSS
Exploits0References5
CNVD
CNVD
added 2020/05/25 12:0 a.m.5 views

ffjpeg buffer overflow vulnerability (CNVD-2020-31580)

ffjpeg is a JPEG encoder/decoder. A security vulnerability exists in the jfifencode of the jfif.c file in ffjpeg version 2020-02-24 and earlier. An attacker can exploit this vulnerability to cause a denial of service...

6.5CVSS6.8AI score0.00839EPSS
Exploits1References1
CNVD
CNVD
added 2018/08/06 12:0 a.m.7 views

jpeg_encoder Heap Buffer Overflow Vulnerability

jpegencoder is an encoder for compressing images in other formats into jpeg format images. A heap buffer overflow vulnerability exists in the 'readFromBMP' function of the jpegencoder.cpp file in jpegencoder 2015-11-27 and earlier versions. An attacker could exploit this vulnerability to execute...

7.8CVSS8AI score0.0105EPSS
Exploits1References1
OSV
OSV
added 2018/08/05 6:29 p.m.3 views

CVE-2018-14945

An issue has been found in jpegencoder through 2015-11-27. It is a heap-based buffer overflow in the function readFromBMP in jpegencoder.cpp...

7.8CVSS6AI score0.0105EPSS
Exploits1References2
Prion
Prion
added 2018/08/05 6:29 p.m.17 views

Design/Logic Flaw

An issue has been found in jpegencoder through 2015-11-27. It is a SEGV in the function readFromBMP in jpegencoder.cpp. The signal is caused by an out-of-bounds write...

6.8CVSS7.6AI score0.01001EPSS
Exploits1References2Affected Software1
RedHat Linux
RedHat Linux
added 2015/11/26 1:41 p.m.15 views

Mozilla: Buffer overflow during image interactions in canvas (MFSA 2015-123)

Race condition in the JPEGEncoder function in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allows remote attackers to execute arbitrary code or cause a denial of service heap-based buffer overflow via vectors involving a CANVAS element and crafted JavaScript code...

6.8CVSS7.9AI score0.0311EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2010/08/02 8:43 p.m.7 views

JDK unspecified vulnerability in ImageIO component

Unspecified vulnerability in the ImageIO component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.225, and 1.3.127 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the Marc...

7.5CVSS6.3AI score0.06581EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2010/04/29 5:49 p.m.6 views

JDK unspecified vulnerability in ImageIO component

Unspecified vulnerability in the ImageIO component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.225, and 1.3.127 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the Marc...

7.5CVSS6.3AI score0.06581EPSS
Exploits0References4
Rows per page
Query Builder