CVE-2025-8837

A vulnerability was identified in JasPer up to 4.2.5. This affects the function jpcdecdump of the file src/libjasper/jpc/jpcdec.c of the component JPEG2000 File Handler. The manipulation leads to use after free. An attack has to be approached locally. The exploit has been disclosed to the public...

AZL-66165 CVE-2025-8836 affecting package jasper for versions less than 4.2.1-3

A vulnerability was determined in JasPer up to 4.2.5. Affected by this issue is the function jpcfloorlog2 of the file src/libjasper/jpc/jpcenc.c of the component JPEG2000 Encoder. The manipulation leads to reachable assertion. The attack needs to be approached locally. The exploit has been...

AZL-66201 CVE-2025-8836 affecting package jasper for versions less than 2.0.32-5

A vulnerability was determined in JasPer up to 4.2.5. Affected by this issue is the function jpcfloorlog2 of the file src/libjasper/jpc/jpcenc.c of the component JPEG2000 Encoder. The manipulation leads to reachable assertion. The attack needs to be approached locally. The exploit has been...

CVE-2025-8837 JasPer JPEG2000 File jpc_dec.c jpc_dec_dump use after free

A vulnerability was identified in JasPer up to 4.2.5. This affects the function jpcdecdump of the file src/libjasper/jpc/jpcdec.c of the component JPEG2000 File Handler. The manipulation leads to use after free. An attack has to be approached locally. The exploit has been disclosed to the public...

CVE-2025-8836

CVE-2025-8836 affects JasPer up to 4.2.5, where manipulation in jpc_floorlog2 (src/libjasper/jpc/jpc_enc.c - JPC Encoder) can trigger a reachable assertion. Exploitation is described as local; public exploit guidance exists. Remediation is available via patches, e.g., upgrade to JasPer 4.2.8 (ope...

CVE-2025-8836 JasPer JPEG2000 Encoder jpc_enc.c jpc_floorlog2 assertion

A vulnerability was determined in JasPer up to 4.2.5. Affected by this issue is the function jpcfloorlog2 of the file src/libjasper/jpc/jpcenc.c of the component JPEG2000 Encoder. The manipulation leads to reachable assertion. The attack needs to be approached locally. The exploit has been...

CVE-2025-8835

A vulnerability was found in JasPer up to 4.2.5. Affected by this vulnerability is the function jasimagechclrspc of the file src/libjasper/base/jasimage.c of the component Image Color Space Conversion Handler. The manipulation leads to null pointer dereference. It is possible to launch the attack...

CVE-2025-8835

CVE-2025-8835 (and related CVEs 8836, 8837) affects JasPer up to version 4.2.5. The vulnerability lies in jas_image_chclrspc in src/libjasper/base/jas_image.c, causing a null pointer dereference with local attack vector. Open advisories show the same root cause across multiple distributions (SUSE...

CVE-2025-8745

A vulnerability, which was classified as problematic, has been found in Weee RICEPO App 6.17.77 on Android. This issue affects some unknown processing of the file AndroidManifest.xml of the component com.ricepo.app. The manipulation leads to improper export of android application components. An...

PT-2025-32530

Name of the Vulnerable Software and Affected Versions: JasPer versions up to 4.2.5 Description: A use-after-free vulnerability exists in JasPer up to version 4.2.5. The issue affects the jpc dec dump function within the JPEG2000 File Handler component, located in the file src/libjasper/jpc/jpc...

PT-2025-32528

Name of the Vulnerable Software and Affected Versions: JasPer versions up to 4.2.5 Description: A vulnerability exists in JasPer up to version 4.2.5, specifically within the JPEG2000 Encoder component. The issue resides in the jpc floorlog2 function located in the src/libjasper/jpc/jpc enc.c file...

Linux Distros Unpatched Vulnerability : CVE-2025-3549

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability, which was classified as critical, was found in Open Asset Import Library Assimp 5.4.3. Affected is the function...

Linux Distros Unpatched Vulnerability : CVE-2025-6490

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in sparklemotion nokogiri c29c920907366cb74af13b4dc2230e9c9e23b833 and classified as problematic. This issue affects the function...

CVE-2025-8745 Weee RICEPO App com.ricepo.app AndroidManifest.xml improper export of android application components

A vulnerability, which was classified as problematic, has been found in Weee RICEPO App 6.17.77 on Android. This issue affects some unknown processing of the file AndroidManifest.xml of the component com.ricepo.app. The manipulation leads to improper export of android application components. An...

Linux Distros Unpatched Vulnerability : CVE-2025-7546

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability, which was classified as problematic, has been found in GNU Binutils 2.45. Affected by this issue is the function bfdelfsetgroupcontents of the...

Linux Distros Unpatched Vulnerability : CVE-2025-3548

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability, which was classified as critical, has been found in Open Asset Import Library Assimp up to 5.4.3. This issue affects the function aiString::Set...

Linux Distros Unpatched Vulnerability : CVE-2025-2926

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in HDF5 up to 1.14.6 and classified as problematic. This issue affects the function H5Ocachechkserialize of the file src/H5Ocache.c. T...

Linux Distros Unpatched Vulnerability : CVE-2025-2913

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in HDF5 up to 1.14.6. It has been rated as critical. Affected by this issue is the function H5FLblkgclist of the file src/H5FL.c. The...

CVE-2025-8735

A vulnerability classified as problematic was found in GNU cflow up to 1.8. Affected by this vulnerability is the function yylex of the file c.c of the component Lexer. The manipulation leads to null pointer dereference. An attack has to be approached locally. The exploit has been disclosed to th...

CVE-2025-8735 GNU cflow Lexer c.c yylex null pointer dereference

A vulnerability classified as problematic was found in GNU cflow up to 1.8. Affected by this vulnerability is the function yylex of the file c.c of the component Lexer. The manipulation leads to null pointer dereference. An attack has to be approached locally. The exploit has been disclosed to th...