Lucene search

40 matches found

EUVD
added 2025/10/07 12:30 a.m. · 0 views

EUVD-2018-18917

Malware in sbrugna...

CVSS 5.5 · AI score 5.4 · EPSS 0.00177
Exploits 0 · References 4
OSV
added 2025/08/14 6:52 p.m. · 1 views

MAL-2025-14367 Malicious code in alpha-jpx-project (npm)

The package alpha-jpx-project was found to contain malicious code...

AI score 7.2
Exploits 0
OSSF Malicious Packages
added 2025/08/14 6:52 p.m. · 2 views

Malicious code in alpha-jpx-project (npm)

The package alpha-jpx-project was found to contain malicious code...

AI score 7
Exploits 0
OSV
added 2023/12/20 1:15 p.m. · 0 views

CVE-2023-6562

JPX Fragment List flst box vulnerability in Kakadu 7.9 allows an attacker to exfiltrate local and remote files reachable by a server if the server allows the attacker to upload a specially-crafted image that is displayed back to the attacker...

CVSS 7.5 · AI score 7.2 · EPSS 0.00138
Exploits 1 · References 1
NVD
added 2023/12/20 1:15 p.m. · 12 views

CVE-2023-6562

JPX Fragment List flst box vulnerability in Kakadu 7.9 allows an attacker to exfiltrate local and remote files reachable by a server if the server allows the attacker to upload a specially-crafted image that is displayed back to the attacker...

CVSS 7.5 · EPSS 0.00138
Exploits 1 · References 1
CVE
added 2023/12/20 1:11 p.m. · 32 views

CVE-2023-6562

Kakadu 7.9 is affected by a JPX Fragment List (flst) box vulnerability that enables an attacker to exfiltrate local and remote files reachable by a server when the server accepts and displays a specially crafted image uploaded by the attacker. Connections across sources confirm the issue is tied ...

CVSS 7.5 · AI score 7.4 · EPSS 0.00138
Exploits 1 · References 1 · Affected Software 1
Positive Technologies
added 2023/12/20 12:0 a.m. · 2 views

PT-2023-32693 · Kakadu · Kakadu

Name of the Vulnerable Software and Affected Versions: Kakadu version 7.9 Description: The issue allows an attacker to exfiltrate local and remote files reachable by a server if the server allows the attacker to upload a specially-crafted image that is displayed back to the attacker. This is...

CVSS 7.5 · AI score 7.5 · EPSS 0.00138
Exploits 1 · References 4
SUSE CVE
added 2023/02/15 6:3 a.m. · 0 views

SUSE CVE-2009-1861

Multiple heap-based buffer overflows in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 might allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF file...

CVSS 9.3 · AI score 8 · EPSS 0.24262
Exploits 0 · References 7
SUSE CVE
added 2023/02/15 4:30 a.m. · 1 views

SUSE CVE-2018-7175

An issue was discovered in xpdf 4.00. A NULL pointer dereference in readCodestream allows an attacker to cause denial of service via a JPX image with zero components...

CVSS 5.5 · AI score 6.8 · EPSS 0.00177
Exploits 0 · References 4
SUSE CVE
added 2023/02/15 4:29 a.m. · 2 views

SUSE CVE-2018-7455

An out-of-bounds read in JPXStream::readTilePart in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file, as demonstrated by pdftohtml...

CVSS 5.5 · AI score 6.7 · EPSS 0.00148
Exploits 0 · References 4
SUSE CVE
added 2023/02/15 4:29 a.m. · 1 views

SUSE CVE-2018-8106

The JPXStream::readTilePartData function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml...

CVSS 5.5 · AI score 6.9 · EPSS 0.00137
Exploits 0 · References 11
SUSE CVE
added 2023/02/15 4:11 a.m. · 1 views

SUSE CVE-2019-12293

In Poppler through 0.76.1, there is a heap-based buffer over-read in JPXStream::init in JPEG2000Stream.cc via data with inconsistent heights or widths...

CVSS 5.1 · AI score 9.7 · EPSS 0.00948
Exploits 1 · References 5
OSV
added 2022/08/30 4:15 a.m. · 1 views

CVE-2022-24107

Xpdf prior to 4.04 lacked an integer overflow check in JPXStream.cc...

CVSS 7.8 · AI score 5.8
Exploits 0 · References 2
RedHat Linux
added 2020/03/31 9:13 p.m. · 2 views

poppler: heap-based buffer over-read in JPXStream::init in JPEG2000Stream.cc

In Poppler through 0.76.1, there is a heap-based buffer over-read in JPXStream::init in JPEG2000Stream.cc via data with inconsistent heights or widths...

CVSS 8.8 · AI score 5.9 · EPSS 0.00948
Exploits 1 · References 4
RedHat Linux
added 2019/09/12 12:17 p.m. · 3 views

poppler: integer overflow in JPXStream::init function leading to memory consumption

The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size controlled by an attacker, as demonstrated by pdftocairo...

CVSS 6.5 · AI score 5.8 · EPSS 0.01451
Exploits 0 · References 4
RedHat Linux
added 2019/09/12 12:17 p.m. · 3 views

poppler: heap-based buffer over-read in JPXStream::init in JPEG2000Stream.cc

In Poppler through 0.76.1, there is a heap-based buffer over-read in JPXStream::init in JPEG2000Stream.cc via data with inconsistent heights or widths...

CVSS 8.8 · AI score 5.9 · EPSS 0.00948
Exploits 1 · References 4
CNVD
added 2018/03/14 12:0 a.m. · 1 views

xpdf denial of service vulnerability (CNVD-2018-06674)

Xpdf is an open source PDF reader developed by Foo Labs; it supports decoding LZW-compressed files and reading encrypted PDF files. The 'JPXStream::fillReadBuf' function in the JPXStream.cc file of Xpdf 4.00 has a security vulnerability. An attacker can exploit this vulnerability to...

CVSS 5.5 · AI score 6.8 · EPSS 0.00137
Exploits 0 · References 1
CNVD
added 2018/03/14 12:0 a.m. · 2 views

xpdf denial of service vulnerability (CNVD-2018-06681)

Xpdf is an open source PDF file viewer that runs on X Window as well as Motif, and on all classes of Unix operating systems. The JPXStream::readTilePartData function in JPXStream.cc in xpdf 4.00 has a denial of service vulnerability. An attacker can exploit this...

CVSS 5.5 · AI score 6.9 · EPSS 0.00137
Exploits 0 · References 1
OSV
added 2018/02/24 6:29 a.m. · 1 views

DEBIAN-CVE-2018-7455

An out-of-bounds read in JPXStream::readTilePart in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file, as demonstrated by pdftohtml...

CVSS 5.5 · AI score 6.7 · EPSS 0.00148
Exploits 0 · References 1
Prion
added 2018/02/15 9:29 p.m. · 17 views

Null pointer dereference

An issue was discovered in xpdf 4.00. A NULL pointer dereference in readCodestream allows an attacker to cause denial of service via a JPX image with zero components...

CVSS 4.3 · AI score 5.2 · EPSS 0.00177
Exploits 0 · References 1 · Affected Software 1