13 matches found
EUVD-2020-4734
Malware in sbrugna...
EUVD-2020-28501
Malware in sbrugna...
EUVD-2005-2310
Malware in sbrugna...
EUVD-2021-26982
Malware in sbrugna...
CVE-2025-20929
The vulnerability CVE-2025-20929 affects Samsung Notes prior to version 4.4.26.71. The issue is an out-of-bounds write when parsing JPEG images, which Samsung notes local attackers could trigger to execute arbitrary code. The affected product is Samsung Notes (mobile app), with the root cause in ...
CVE-2020-23852
A heap based buffer overflow vulnerability exists in ffjpeg through 2020-07-02 in the jfifdecodevoid ctxt, BMP pb function at ffjpeg/src/jfif.c line 544 & line 545, which could cause a denial of service by submitting a malicious jpeg image...
PT-2021-6569 · Gthumb +3 · Gthumb +3
Name of the Vulnerable Software and Affected Versions: gThumb versions prior to 3.10.1 Description: The issue is related to insufficient input validation in the gThumb image processing application. It allows a remote attacker to cause a denial of service via a malformed JPEG image. Recommendation...
Updated libjpeg packages fix security vulnerabilities
The updated packages fix security vulnerabilities: A signed integer overflow and subsequent segfault that occurred when attempting to decompress images with more than 715827882 pixels using the 64-bit C version of TJBench. Out-of-bounds write in tjDecompressToYUV2 and tjDecompressToYUVPlanes...
Internet Bug Bounty: Out of bound read in exif_process_IFD_in_MAKERNOTE
I have found some vulnerable code that lacks check size of buffer may lead to memory out of read or write. Take a look at : static int exifprocessIFDinMAKERNOTEimageinfotype ImageInfo, char valueptr, int valuelen, char offsetbase, sizet IFDlength, sizet displacement SNIP switch makernote-offsetmo...
JDK unspecified vulnerability in Java2D component
Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.225, and 1.3.127 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the Marc...
CVE-2004-0200
Buffer overflow in the JPEG JPG parsing engine in the Microsoft Graphic Device Interface Plus GDI+ component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy...
CVE-2000-0655
Netscape Communicator 4.73 and earlier allows remote attackers to cause a denial of service or execute arbitrary commands via a JPEG image containing a comment with an illegal field length of 1...
CVE-2000-0655
Netscape Communicator 4.73 and earlier allows remote attackers to cause a denial of service or execute arbitrary commands via a JPEG image containing a comment with an illegal field length of 1...