MiracleLinux 3 : netpbm-10.35.58-8.AXS3.3 (AXSA:2011-558:01)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2011-558:01 advisory. The netpbm package contains a library of functions which support programs for handling various graphics file formats, including .pbm portable bitmaps...

EUVD-2019-14653

Malware in sbrugna...

EUVD-2020-29689

Malware in sbrugna...

EUVD-2013-6825

Malware in sbrugna...

EUVD-2016-9702

Malware in sbrugna...

EUVD-2016-9704

Malware in sbrugna...

EUVD-2021-27896

Malicious code in bioql PyPI...

CVE-2024-0145

The CVE-2024-0145 entry concerns NVIDIA nvJPEG2000 (library version 0.8.0). TALOS documents a heap-based buffer overflow in the Ndecomp parameter handling when parsing JPEG2000 files, which can cause memory corruption and potentially arbitrary code execution. NVIDIA’s own bulletin corroborates th...

NVIDIA nvJPEG2000 Default Coding Styles Ndecomp buffer overflow vulnerability

Talos Vulnerability Report TALOS-2024-2113 NVIDIA nvJPEG2000 Default Coding Styles Ndecomp buffer overflow vulnerability February 11, 2025 CVE Number CVE-2024-0145 SUMMARY A heap based buffer overflow vulnerability exists in the way Ndecomp parameter is used when parsing JPEG2000 files in NVIDIA...

CVE-2019-5046

A specifically crafted jpeg2000 file embedded in a PDF file can lead to a heap corruption when opening a PDF document in NitroPDF 12.12.1.522. With careful memory manipulation, this can lead to arbitrary code execution. In order to trigger this vulnerability, the victim would need to open the...

CVE-2019-5125

An exploitable heap overflow vulnerability exists in the JPEG2000 parsing functionality of LEADTOOLS 20. A specially crafted J2K image file can cause an out of bounds write of a heap buffer, potentially resulting in code execution. An attack can specially craft a J2K image to trigger this...

CVE-2021-45057 Adobe InDesign JPEG2000 Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

Adobe InDesign version 16.4 and earlier is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious JPEG2000 file...

CVE-2020-23566

Irfanview v4.53 was discovered to contain an infinity loop via JPEG2000!ShowPlugInSaveOptionsW+0x1ecd8...

Heap overflow

An exploitable heap overflow vulnerability exists in the JPEG2000 parsing functionality of LEADTOOLS 20. A specially crafted J2K image file can cause an out of bounds write of a heap buffer, potentially resulting in code execution. An attack can specially craft a J2K image to trigger this...

CVE-2019-9136

DaviewIndy 8.98.7 and earlier versions have a Heap-based overflow vulnerability, triggered when the user opens a malformed JPEG2000 format file that is mishandled by Daview.exe. Attackers could exploit this and arbitrary code execution...

CVE-2017-14818

This vulnerability allows remote attackers to disclose sensitive on vulnerable installations of Foxit Reader 8.3.1.21155. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...

Pillow 'j2k_encode_entry' function heap buffer overflow vulnerability

Pillow is a compiled version of PIL Python Image Processing Library with some bug fixes developed by American software developer Alex Clark. A heap buffer overflow vulnerability exists in the 'j2kencodeentry' function in Pillow versions 2.5.0 through 3.1.1. A remote attacker can exploit this...

Adobe Acrobat Reader DC JPEG2000 Out-of-Bounds Read Information Disclosure Vulnerability

Adobe Acrobat Reader DC is the United States of America Odooby Adobe company's set of tools for viewing, printing and annotating PDF. Adobe Acrobat Reader DC JPEG2000 has an out-of-bounds read information disclosure vulnerability due to the program failing to validate the value tag of the ihdr...

Adobe Acrobat Reader DC JPEG2000 Out-of-Bounds Read Information Disclosure Vulnerability (CNVD-2016-03135)

Adobe Acrobat Reader DC is the United States of America Ordoby Adobe company's set of tools for viewing, printing and annotating PDF. Adobe Acrobat Reader DC JPEG2000 has an out-of-bounds read information disclosure vulnerability due to the program failing to validate the value tag of the ihdr...

Adobe Reader JPEG2000 Out-of-Bounds Indexing Remote Code Execution Vulnerability

Adobe Reader is PDF document reading software. A security vulnerability exists in Adobe Reader's handling of PDFs with embedded JPEG2000 files. The vulnerability stems from a failure to ensure that an index is located in an allocated buffer. An attacker can exploit this vulnerability to execute...