39 matches found
EUVD-2019-14749
Malware in sbrugna...
EUVD-2017-11953
Malware in sbrugna...
EUVD-2017-11952
Malware in sbrugna...
EUVD-2023-58791
Malicious code in bioql PyPI...
CVE-2023-6562
JPX Fragment List flst box vulnerability in Kakadu 7.9 allows an attacker to exfiltrate local and remote files reachable by a server if the server allows the attacker to upload a specially-crafted image that is displayed back to the attacker...
Design/Logic Flaw
JPX Fragment List flst box vulnerability in Kakadu 7.9 allows an attacker to exfiltrate local and remote files reachable by a server if the server allows the attacker to upload a specially-crafted image that is displayed back to the attacker...
CVE-2023-6562
Kakadu 7.9 is affected by a JPX Fragment List (flst) box vulnerability that enables an attacker to exfiltrate local and remote files reachable by a server when the server accepts and displays a specially crafted image uploaded by the attacker. Connections across sources confirm the issue is tied ...
Kakadu Software SDK Code Issue Vulnerability
Kakadu Software SDK is a JPEG2000 software development kit (SDK) from Kakadu Software, an Australian company. A code issue vulnerability exists in Kakadu Software SDK version 7.9, which stems from a path traversal vulnerability. An attacker could use this vulnerability to access local and remote...
PT-2023-32693 · Kakadu · Kakadu
Name of the Vulnerable Software and Affected Versions: Kakadu version 7.9 Description: The issue allows an attacker to exfiltrate local and remote files reachable by a server if the server allows the attacker to upload a specially-crafted image that is displayed back to the attacker. This is...
CVE-2019-5144
An exploitable heap underflow vulnerability exists in the derive_taps_and_gains function in kdu_v7ar.dll of Kakadu Software SDK 7.10.2. A specially crafted jp2 file can cause a heap overflow, which can result in remote code execution. An attacker could provide a malformed file to the victim to trigge...
Heap overflow
An exploitable heap underflow vulnerability exists in the derive_taps_and_gains function in kdu_v7ar.dll of Kakadu Software SDK 7.10.2. A specially crafted jp2 file can cause a heap overflow, which can result in remote code execution. An attacker could provide a malformed file to the victim to trigge...
CVE-2019-5144
Kakadu Software SDK 7.10.2 contains a heap-based vulnerability in derive_taps_and_gains (kdu_v7ar.dll). The issue arises from a flawed interaction between allocate_floats and enlarge_work_buffers, which can cause a heap overflow when handling step_info_n, leading to potential remote code executio...
Kakadu Software SDK Numeric Error Vulnerability
Kakadu Software SDK is a set of JPEG2000 software development kits (SDK) from Kakadu Software, Australia. A numeric error vulnerability exists in the 'derive_taps_and_gains' function of the kdu_v7ar.dll file in version 7.10.2 of the Kakadu Software SDK, which arises from a networked system or product...
Vulnerability Spotlight: Kakadu Software SDK ATK marker code execution vulnerability
Aleksandar Nikolic and Emmanuel Tacheau of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Kakadu Software’s SDK contains an exploitable heap overflow. Kakadu serves as a framework for developers to create a variety of commercial and non-commercial applications. An attacker could...
Kakadu Software SDK ATK marker code execution vulnerability
Summary: An exploitable heap underflow vulnerability exists in the derive_taps_and_gains function in kdu_v7ar.dll of Kakadu Software SDK 7.10.2. A specially crafted jp2 file can cause a heap overflow, which can result in remote code execution. An attacker could provide a malformed file to the victim t...
CVE-2017-2811
A code execution vulnerability exists in the Kakadu SDK 7.9's parsing of compressed JPEG 2000 images. A specially crafted JPEG 2000 file can be read by the program, and can lead to an out of bounds write causing an exploitable condition to arise...