Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libjpeg-turbo libjpeg-turbo vulnerabilities and exploits
(subscribe to this query)
829
VMScore
CVE-2019-2201
In generate_jsimd_ycc_rgb_convert_neon of jsimd_arm64_neon.S, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is needed for ...
Google Android 8.0
Google Android 8.1
Google Android 9.0
Google Android 10.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
2 Github repositories
383
VMScore
CVE-2019-13960
In libjpeg-turbo 2.0.2, a large amount of memory can be used during processing of an invalid progressive JPEG image containing incorrect width and height values in the image header. NOTE: the vendor's expectation, for use cases in which this memory usage would be a denial of...
Libjpeg-turbo Libjpeg-turbo 2.0.2
384
VMScore
CVE-2018-14498
get_8bit_row in rdbmp.c in libjpeg-turbo up to and including 1.5.90 and MozJPEG up to and including 3.3.1 allows malicious users to cause a denial of service (heap-based buffer over-read and application crash) via a crafted 8-bit BMP in which one or more of the color indices is o...
Mozilla Mozjpeg
Libjpeg-turbo Libjpeg-turbo
Fedoraproject Fedora 28
Debian Debian Linux 8.0
Opensuse Leap 15.0
605
VMScore
CVE-2018-20330
The tjLoadImage function in libjpeg-turbo 2.0.1 has an integer overflow with a resultant heap-based buffer overflow via a BMP image because multiplication of pitch and height is mishandled, as demonstrated by tjbench.
Libjpeg-turbo Libjpeg-turbo 2.0.1
383
VMScore
CVE-2018-19664
libjpeg-turbo 2.0.1 has a heap-based buffer over-read in the put_pixel_rows function in wrbmp.c, as demonstrated by djpeg.
Libjpeg-turbo Libjpeg-turbo 2.0.1
383
VMScore
CVE-2018-1152
libjpeg-turbo 1.5.90 is vulnerable to a denial of service vulnerability caused by a divide by zero when processing a crafted BMP image.
Libjpeg-turbo Libjpeg-turbo 1.5.90
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 12.04
Debian Debian Linux 8.0
446
VMScore
CVE-2018-11813
libjpeg 9c has a large loop because read_pixel in rdtarga.c mishandles EOF.
Ijg Libjpeg 9c
384
VMScore
CVE-2018-11212
An issue exists in libjpeg 9a and 9d. The alloc_sarray function in jmemmgr.c allows remote malicious users to cause a denial of service (divide-by-zero error) via a crafted file.
Ijg Libjpeg 9a
Debian Debian Linux 8.0
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 12.04
Netapp Snapmanager
Netapp Oncommand Workflow Automation
Netapp Oncommand Unified Manager
Oracle Jdk 1.8.0
Oracle Jdk 1.7.0
Oracle Jre 8.0
Oracle Jdk 11.0.1
Redhat Satellite 5.8
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Server 7.0
Opensuse Leap 15.0
384
VMScore
CVE-2018-11213
An issue exists in libjpeg 9a. The get_text_gray_row function in rdppm.c allows remote malicious users to cause a denial of service (Segmentation fault) via a crafted file.
Ijg Libjpeg 9a
Debian Debian Linux 8.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 17.10
384
VMScore
CVE-2018-11214
An issue exists in libjpeg 9a. The get_text_rgb_row function in rdppm.c allows remote malicious users to cause a denial of service (Segmentation fault) via a crafted file.
Ijg Libjpeg 9a
Debian Debian Linux 8.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 17.10
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »