Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jpeg vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2016-1923
Heap-based buffer overflow in the opj_j2k_update_image_data function in OpenJpeg 2016.1.18 allows remote malicious users to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG 2000 image.
Uclouvain Openjpeg 2.1.0
7.8
CVSSv3
CVE-2021-28021
Buffer overflow vulnerability in function stbi__extend_receive in stb_image.h in stb 2.26 via a crafted JPEG file.
Stb Project Stb 2.26
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 10.0
NA
CVE-2014-9029
Multiple off-by-one errors in the (1) jpc_dec_cp_setfromcox and (2) jpc_dec_cp_setfromrgn functions in jpc/jpc_dec.c in JasPer 1.900.1 and previous versions allow remote malicious users to execute arbitrary code via a crafted jp2 file, which triggers a heap-based buffer overflow.
Jasper Project Jasper
6.1
CVSSv3
CVE-2020-26208
JHEAD is a simple command line tool for displaying and some manipulation of EXIF header data embedded in Jpeg images from digital cameras. In affected versions there is a heap-buffer-overflow on jhead-3.04/jpgfile.c:285 ReadJpegSections. Crafted jpeg images can be provided to the...
Jhead Project Jhead
NA
CVE-2010-0390
Unrestricted file upload vulnerability in maxImageUpload/index.php in PHP F1 Max's Image Uploader 1.0, when Apache is not configured to handle the mime-type for files with pjpeg or jpeg extensions, allows remote malicious users to execute arbitrary code by uploading a file w...
Phpf1 Max\\'s Image Uploader 1.0
1 EDB exploit
7.8
CVSSv3
CVE-2022-41751
Jhead 3.06.0.1 allows malicious users to execute arbitrary OS commands by placing them in a JPEG filename and then using the regeneration -rgt50 option.
Jhead Project Jhead 3.06.0.1
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
Debian Debian Linux 10.0
Debian Debian Linux 11.0
5.5
CVSSv3
CVE-2023-26974
Irfanview v4.62 allows a user-mode write access violation via a crafted JPEG 2000 file starting at JPEG2000+0x0000000000001bf0.
Irfanview Irfanview 4.62
NA
CVE-2014-0349
Multiple unspecified vulnerabilities in J2k-Codec allow remote malicious users to execute arbitrary code via a crafted JPEG 2000 file.
J2k-codec J2k-codec -
NA
CVE-2009-0914
Opera prior to 9.64 allows remote malicious users to execute arbitrary code via a crafted JPEG image that triggers memory corruption.
Opera Opera Browser 9.25
Opera Opera Browser 9.24
Opera Opera Browser 9.02
Opera Opera Browser 9.01
Opera Opera Browser 8.54
Opera Opera Browser 8.01
Opera Opera Browser 7.54
Opera Opera Browser 7.53
Opera Opera Browser 7.03
Opera Opera Browser 7.0
Opera Opera Browser 6.0
Opera Opera Browser 6.03
Opera Opera Browser 6.02
Opera Opera Browser 5.0
Opera Opera Browser 5.10
Opera Opera Browser 5.12
Opera Opera Browser 4.00
Opera Opera Browser 3.21
Opera Opera Browser 3.10
Opera Opera Browser 2.10
Opera Opera Browser 2.00
Opera Opera Browser 1.00
8.1
CVSSv3
CVE-2023-41484
An issue in cimg.eu Cimg Library v2.9.3 allows an malicious user to obtain sensitive information via a crafted JPEG file.
Cimg Cimg 2.9.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »