CLSA-2026-1770311244 gimp: Fix of 2 CVEs

CVE-2025-14425: fix JP2 image loader buffer overflow by validating pixel buffer size calculation to prevent potential remote code execution - CVE-2025-14422: fix parsing of PNM files to prevent integer overflow leading to remote code execution...

EUVD-2010-0536

Malware in sbrugna...

EUVD-2008-1575

Malware in sbrugna...

EUVD-2020-9369

Malware in sbrugna...

EUVD-2011-0231

Malware in sbrugna...

CVE-2022-24971

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.1.0.52543. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Sante DICOM Viewer Pro 安全漏洞

Santesoft Sante DICOM Viewer Pro is a powerful viewer, anonymizer, converter and PACS client from Santesoft Cyprus. Works with DICOM files of all models and manufacturers. A security vulnerability exists in Sante DICOM Viewer Pro, which stems from a carefully crafted J2K image that can be written...

SUSE CVE-2013-2869

Google Chrome before 28.0.1500.71 allows remote attackers to cause a denial of service out-of-bounds read via a crafted JPEG2000 image...

CVE-2022-24369

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.1.0.52543. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Design/Logic Flaw

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.1.0.52543. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVE-2016-5159

An integer overflow, leading to a heap buffer overflow, was found in openjpeg, also affecting the PDF viewer in Chromium. A specially crafted JPEG2000 image could cause an incorrect calculation when allocating memory for code blocks, which could lead to a crash, or potentially, code execution...

Heap overflow

Heap-based buffer overflow in the JPEG2000 image tile decoder in OpenJPEG before 1.5.2 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted file because of incorrect j2kdecode, j2kreadeoc, and tcddecodetile interaction, a...

OpenJPEG Denial of Service Vulnerability (CNVD-2017-27280)

OpenJPEG is a C-based open source JPEG 2000 codec . A denial of service vulnerability exists in the opjdecompress component of OpenJPEG, which could be exploited by a remote attacker to conduct a denial of service attack or remotely execute arbitrary code by constructing a specially crafted J2K...

openjpeg: incorrect fix for CVE-2013-6045

A vulnerability was found in the patch for CVE-2013-6045 for OpenJPEG. A specially crafted JPEG2000 image, when read by an application using OpenJPEG, could cause heap-based buffer overflows leading to a crash or possible code execution...

Amazon Linux AMI : openjpeg (ALAS-2017-807)

Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in OpenJPEG. A specially crafted JPEG2000 image could cause an application using OpenJPEG to crash or, potentially, execute arbitrary code. CVE-2016-5139 , CVE-2016-5158 , CVE-2016-5159 , CVE-2016-7163 A...

Medium: openjpeg

Issue Overview: Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in OpenJPEG. A specially crafted JPEG2000 image could cause an application using OpenJPEG to crash or, potentially, execute arbitrary code. CVE-2016-5139, CVE-2016-5158, CVE-2016-5159, CVE-2016-716...

Foxit Reader < 8.2 Multiple Vulnerabilities

Binary data 9898.prm...

CVE-2016-8879

The thumbnail shell extension plugin FoxitThumbnailHndlrx86.dll in Foxit Reader and PhantomPDF before 8.1 on Windows allows remote attackers to cause a denial of service out-of-bounds write and application crash via a crafted JPEG2000 image embedded in a PDF document, aka an "Exploitable - Heap...

CVE-2016-8879

The thumbnail shell extension plugin FoxitThumbnailHndlrx86.dll in Foxit Reader and PhantomPDF before 8.1 on Windows allows remote attackers to cause a denial of service out-of-bounds write and application crash via a crafted JPEG2000 image embedded in a PDF document, aka an "Exploitable - Heap...

CVE-2016-8877

Heap buffer overflow Out-of-Bounds write vulnerability in Foxit Reader and PhantomPDF before 8.1 on Windows allows remote attackers to execute arbitrary code via a crafted JPEG2000 image embedded in a PDF document, aka a "corrupted suffix pattern" issue...