CVE-2025-65092

ESF-IDF (Espressif IoT Development Framework) contains a vulnerability in the ESP32-P4 hardware JPEG decoder where the software JPEG parser lacks validation, allowing an out-of-bounds array access when processing crafted images. Affected versions are 5.5.1, 5.4.3, and 5.3.4; mitigations are fixes...

CVE-2025-21054

Out-of-bounds read in the parsing header for JPEG decoding in libpadm.so prior to SMR Oct-2025 Release 1 allows local attackers to potentially access out-of-bounds memory...

CVE-2025-21054

Out-of-bounds read in the parsing header for JPEG decoding in libpadm.so prior to SMR Oct-2025 Release 1 allows local attackers to potentially access out-of-bounds memory...

CVE-2025-21053

Out-of-bounds write in the parsing header for JPEG decoding in libpadm.so prior to SMR Oct-2025 Release 1 allows local attackers to cause memory corruption...

CVE-2025-21053

Out-of-bounds write in the parsing header for JPEG decoding in libpadm.so prior to SMR Oct-2025 Release 1 allows local attackers to cause memory corruption...

CVE-2025-21054

CVE-2025-21054 affects Samsung mobile devices via the libpadm.so library, where an out-of-bounds read in the parsing header for JPEG decoding can allow a local attacker to access memory outside expected boundaries. The issue is rooted in the JPEG header parsing path in libpadm.so and is associate...

CVE-2025-21054

Out-of-bounds read in the parsing header for JPEG decoding in libpadm.so prior to SMR Oct-2025 Release 1 allows local attackers to potentially access out-of-bounds memory...

EUVD-2025-33679

Out-of-bounds write in the parsing header for JPEG decoding in libpadm.so prior to SMR Oct-2025 Release 1 allows local attackers to cause memory corruption...

PT-2025-41515

Name of the Vulnerable Software and Affected Versions libpadm.so versions prior to SMR Oct-2025 Release 1 Description An out-of-bounds read issue exists in the parsing header for JPEG decoding. This can allow a local attacker to potentially access memory outside of the intended boundaries. The...

EUVD-2016-5530

Malware in sbrugna...

CVE-2024-7868

In Xpdf 4.05 and earlier, invalid header info in a DCT JPEG stream can lead to an uninitialized variable in the DCT decoder. The proof-of-concept PDF file causes a segfault attempting to read from an invalid address...

AZL-47871 CVE-2024-7868 affecting package cppcheck for versions less than 2.18.3-1

In Xpdf 4.05 and earlier, invalid header info in a DCT JPEG stream can lead to an uninitialized variable in the DCT decoder. The proof-of-concept PDF file causes a segfault attempting to read from an invalid address...

AZL-47857 CVE-2024-7868 affecting package cppcheck 2.7-2

In Xpdf 4.05 and earlier, invalid header info in a DCT JPEG stream can lead to an uninitialized variable in the DCT decoder. The proof-of-concept PDF file causes a segfault attempting to read from an invalid address...

CVE-2024-7868 Uninitialized variable in Xpdf 4.05 due to invalid JPEG header

In Xpdf 4.05 and earlier, invalid header info in a DCT JPEG stream can lead to an uninitialized variable in the DCT decoder. The proof-of-concept PDF file causes a segfault attempting to read from an invalid address...

CVE-2024-7868 Uninitialized variable in Xpdf 4.05 due to invalid JPEG header

In Xpdf 4.05 and earlier, invalid header info in a DCT JPEG stream can lead to an uninitialized variable in the DCT decoder. The proof-of-concept PDF file causes a segfault attempting to read from an invalid address...

Xpdf 安全漏洞

Xpdf is a free PDF viewer and toolkit from Xpdf, Inc. that includes a text extractor, image converter, HTML converter, and more. A security vulnerability exists in Xpdf version 4.05 and earlier versions, which stems from invalid header information in the DCT JPEG stream that could lead to...

SUSE CVE-2012-2806

Heap-based buffer overflow in the getsos function in jdmarker.c in libjpeg-turbo 1.2.0 allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a large component count in the header of a JPEG image...

SUSE CVE-2016-4543

The exifprocessIFDinJPEG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not validate IFD sizes, which allows remote attackers to cause a denial of service out-of-bounds read or possibly have unspecified other impact via crafted header data...

Heap buffer overflow in Exiv2::Jp2Image::encodeJp2Header

...

Accusoft ImageGear缓冲区错误漏洞

Accusoft ImageGear is a software development kit SDK for image processing from Accusoft, USA. A security vulnerability exists in Accusoft ImageGear versions 19.8 and 19.9, which stems from an out-of-bounds write vulnerability in the program's JPG comp header processing functionality that can be...