CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Tenable Nessus•added 2025/10/15 12:0 a.m.•2 views

Amazon Linux 2023 : cuda-toolkit (ALAS2023NVIDIA-2025-210)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023NVIDIA-2025-210 advisory. NVIDIA nvJPEG library contains a vulnerability where an attacker can cause an out-of-bounds read by means of a specially crafted JPEG file. A successful exploit of this vulnerability might lead to...

5.7CVSS5.4AI score0.00018EPSS

Tenable Nessus•added 2025/10/15 12:0 a.m.•3 views

Amazon Linux 2023 : cuda-nvtx-12 (ALAS2023NVIDIA-2025-215)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023NVIDIA-2025-215 advisory. NVIDIA nvJPEG library contains a vulnerability where an attacker can cause an out-of-bounds read by means of a specially crafted JPEG file. A successful exploit of this vulnerability might lead to...

5.7CVSS5.4AI score0.00018EPSS

Amazon•added 2025/10/14 12:0 a.m.•1 views

Medium: libcufile-12-9

Issue Overview: NVIDIA nvJPEG library contains a vulnerability where an attacker can cause an out-of-bounds read by means of a specially crafted JPEG file. A successful exploit of this vulnerability might lead to information disclosure or denial of service. CVE-2025-23272 Affected Packages:...

Amazon•added 2025/10/14 12:0 a.m.•3 views

Medium: cuda-documentation-12-9

Amazon•added 2025/10/14 12:0 a.m.•1 views

Medium: cuda-cudart-12-9

Amazon•added 2025/10/14 12:0 a.m.•1 views

Medium: libnvjpeg-12-9

Tenable Nessus•added 2025/09/05 12:0 a.m.•3 views

FreeBSD : exiv2 -- Denial-of-service (340dc4c1-895a-11f0-b6e5-4ccc6adda413)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 340dc4c1-895a-11f0-b6e5-4ccc6adda413 advisory. Kevin Backhouse reports: A denial-of-service was found in Exiv2 version v0.28.5: a quadratic algorithm ...

5.5CVSS5.9AI score0.00011EPSS

Exploits1References3

RedhatCVE•added 2025/09/03 1:5 a.m.•2 views

CVE-2025-55304

A denial of service flaw was found in exiv2. A quadratic algorithm in the ICC profile parsing code in the jpegBase::readMetadata function can cause Exiv2 to run for a long time. When Exiv2 is used to read the metadata of a crafted jpg image file, it triggers a denial of service. Mitigation...

5.5CVSS6.3AI score0.00011EPSS

Exploits1References7

OSV•added 2025/04/14 11:58 a.m.•1 views

CLSA-2025-1744631931 libjpeg-turbo: Fix of CVE-2021-29390

CVE-2021-29390: fix buffer overrun with certain narrow prog JPEGs...

7.1CVSS7.2AI score0.00066EPSS

Exploits0References1

Cvelist•added 2025/02/26 1:55 a.m.•12 views

CVE-2022-49165 media: imx-jpeg: Prevent decoding NV12M jpegs into single-planar buffers

In the Linux kernel, the following vulnerability has been resolved: media: imx-jpeg: Prevent decoding NV12M jpegs into single-planar buffers If the application queues an NV12M jpeg as output buffer, but then queues a single planar capture buffer, the kernel will crash with "Unable to handle kerne...

0.00143EPSS

CNNVD•added 2025/02/26 12:0 a.m.•3 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the imx-jpeg driver not properly handling single-plane buffers when decoding NV12M jpegs, resulting in a cra...

5.5CVSS5.5AI score0.00143EPSS

Exploits0References5

OSV•added 2024/03/20 6:15 a.m.•0 views

UBUNTU-CVE-2024-28571

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 r1909 allows a local attacker to cause a denial of service DoS via the fillinputbuffer function when reading images in JPEG format...

5.5CVSS5.8AI score0.0004EPSS

Exploits1References3

SUSE CVE•added 2023/02/15 5:33 a.m.•0 views

SUSE CVE-2013-6630

The getdht function in jdmarker.c in libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48 and other products, does not set all elements of a certain Huffman value array during the reading of segments that follow Define Huffman Table DHT JPEG markers, which allows remote...

5CVSS8.5AI score0.01521EPSS

Exploits0References8

Positive Technologies•added 2022/02/08 12:0 a.m.•2 views

PT-2022-6564 · Ffjpeg · Ffjpeg

Name of the Vulnerable Software and Affected Versions: ffjpeg versions prior to 01.01.2021 Description: The issue is a global buffer overflow that could cause a Denial of Service by using a crafted jpeg file. It is similar to a previously known issue. The problem lies in the jfif encode function ...

7.8CVSS6.5AI score0.00278EPSS

Exploits1References6

Positive Technologies•added 2022/01/13 12:0 a.m.•2 views

PT-2022-7150 · Open Design Alliance · Open Design Alliance Drawings Sdk

Name of the Vulnerable Software and Affected Versions: Open Design Alliance Drawings SDK versions prior to 2022.12.1 Description: The issue is related to a buffer overflow in the Drawings SDK, which can be exploited by an attacker using a specially crafted file, potentially leading to the executi...

7.8CVSS8AI score0.01103EPSS

Exploits0References6

Positive Technologies•added 2021/06/11 12:0 a.m.•1 views

PT-2021-14800 · Accusoft · Accusoft Imagegear

Name of the Vulnerable Software and Affected Versions: Accusoft ImageGear version 19.9 Description: An out-of-bounds write issue exists in the JPG Handle JPEG420 functionality. A specially crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger th...

9.8CVSS8AI score0.00433EPSS

Exploits1References2

CNNVD•added 2021/04/26 12:0 a.m.•1 views

Foxit Studio Photo 缓冲区错误漏洞

Foxit Studio Photo is a set of image editing software from the Chinese company Foxit Foxit. An out-of-bounds write vulnerability exists in Foxit Studio Photo version 3.6.6.931 when parsing JP2 files. The vulnerability stems from the program not properly validating user input. An attacker could...

7.8CVSS6.3AI score0.01777EPSS