Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libjpeg-turbo libjpeg-turbo vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2021-29390
libjpeg-turbo version 2.0.90 has a heap-based buffer over-read (2 bytes) in decompress_smooth_data in jdcoefct.c.
Libjpeg-turbo Libjpeg-turbo 2.0.90
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
4.3
CVSSv2
CVE-2018-14498
get_8bit_row in rdbmp.c in libjpeg-turbo up to and including 1.5.90 and MozJPEG up to and including 3.3.1 allows malicious users to cause a denial of service (heap-based buffer over-read and application crash) via a crafted 8-bit BMP in which one or more of the color indices is o...
Mozilla Mozjpeg
Libjpeg-turbo Libjpeg-turbo
Fedoraproject Fedora 28
Debian Debian Linux 8.0
Opensuse Leap 15.0
6.8
CVSSv2
CVE-2012-2806
Heap-based buffer overflow in the get_sos function in jdmarker.c in libjpeg-turbo 1.2.0 allows remote malicious users to cause a denial of service (application crash) and possibly execute arbitrary code via a large component count in the header of a JPEG image.
D.r.commander Libjpeg-turbo 1.2.0
6.8
CVSSv2
CVE-2017-9614
The fill_input_buffer function in jdatasrc.c in libjpeg-turbo 1.5.1 allows remote malicious users to cause a denial of service (invalid memory access and application crash) or possibly have unspecified other impact via a crafted jpg file. NOTE: Maintainer asserts the issue is due...
D.r.commander Libjpeg-turbo 1.5.1
1 EDB exploit
4.3
CVSSv2
CVE-2014-9092
libjpeg-turbo prior to 1.3.1 allows remote malicious users to cause a denial of service (crash) via a crafted JPEG file, related to the Exif marker.
Libjpeg-turbo Libjpeg-turbo
Fedoraproject Fedora 20
Fedoraproject Fedora 21
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.10
4.3
CVSSv2
CVE-2018-1152
libjpeg-turbo 1.5.90 is vulnerable to a denial of service vulnerability caused by a divide by zero when processing a crafted BMP image.
Libjpeg-turbo Libjpeg-turbo 1.5.90
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 12.04
Debian Debian Linux 8.0
6.8
CVSSv2
CVE-2016-3616
The cjpeg utility in libjpeg allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) or execute arbitrary code via a crafted file.
Libjpeg-turbo Libjpeg-turbo 7.4
Redhat Enterprise Linux 7.4
Debian Debian Linux 8.0
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 12.04
1 Github repository
5
CVSSv2
CVE-2013-6629
The get_sos function in jdmarker.c in (1) libjpeg 6b and (2) libjpeg-turbo up to and including 1.3.0, as used in Google Chrome prior to 31.0.1650.48, Ghostscript, and other products, does not check for certain duplications of component data during the reading of segments that fol...
Google Chrome
Oracle Solaris 11.3
Artifex Gpl Ghostscript
Libjpeg-turbo Libjpeg-turbo
Fedoraproject Fedora 18
Fedoraproject Fedora 20
Fedoraproject Fedora 19
Opensuse Opensuse 12.3
Opensuse Opensuse 12.2
Opensuse Opensuse 13.1
Canonical Ubuntu Linux 13.04
Canonical Ubuntu Linux 13.10
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 12.04
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Mozilla Firefox
Mozilla Seamonkey
Mozilla Thunderbird
Mozilla Firefox Esr
9.3
CVSSv2
CVE-2019-2201
In generate_jsimd_ycc_rgb_convert_neon of jsimd_arm64_neon.S, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is needed for ...
Google Android 8.0
Google Android 8.1
Google Android 9.0
Google Android 10.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
2 Github repositories
NA
CVE-2021-0384
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »