Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libjpeg-turbo libjpeg-turbo vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2018-11213
An issue exists in libjpeg 9a. The get_text_gray_row function in rdppm.c allows remote malicious users to cause a denial of service (Segmentation fault) via a crafted file.
Ijg Libjpeg 9a
Debian Debian Linux 8.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 17.10
6.5
CVSSv3
CVE-2018-11214
An issue exists in libjpeg 9a. The get_text_rgb_row function in rdppm.c allows remote malicious users to cause a denial of service (Segmentation fault) via a crafted file.
Ijg Libjpeg 9a
Debian Debian Linux 8.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 17.10
7.5
CVSSv3
CVE-2018-11813
libjpeg 9c has a large loop because read_pixel in rdtarga.c mishandles EOF.
Ijg Libjpeg 9c
7.1
CVSSv3
CVE-2020-14152
In IJG JPEG (aka libjpeg) prior to 9d, jpeg_mem_available() in jmemnobs.c in djpeg does not honor the max_memory_to_use setting, possibly causing excessive memory consumption.
Ijg Libjpeg
Debian Debian Linux 9.0
NA
CVE-2013-6630
The get_dht function in jdmarker.c in libjpeg-turbo up to and including 1.3.0, as used in Google Chrome prior to 31.0.1650.48 and other products, does not set all elements of a certain Huffman value array during the reading of segments that follow Define Huffman Table (DHT) JPEG ...
Google Chrome 31.0.1650.22
Google Chrome 31.0.1650.45
Google Chrome 31.0.1650.11
Google Chrome 31.0.1650.33
Google Chrome 31.0.1650.32
Google Chrome 31.0.1650.31
Google Chrome 31.0.1650.28
Google Chrome 31.0.1650.26
Google Chrome 31.0.1650.4
Google Chrome 31.0.1650.2
Google Chrome 31.0.1650.16
Google Chrome 31.0.1650.39
Google Chrome 31.0.1650.41
Google Chrome 31.0.1650.38
Google Chrome 31.0.1650.5
Google Chrome
Google Chrome 31.0.1650.36
Google Chrome 31.0.1650.43
Google Chrome 31.0.1650.34
Google Chrome 31.0.1650.13
Google Chrome 31.0.1650.44
Google Chrome 31.0.1650.23
6.5
CVSSv3
CVE-2018-11212
An issue exists in libjpeg 9a and 9d. The alloc_sarray function in jmemmgr.c allows remote malicious users to cause a denial of service (divide-by-zero error) via a crafted file.
Ijg Libjpeg 9a
Debian Debian Linux 8.0
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 12.04
Netapp Snapmanager
Netapp Oncommand Workflow Automation
Netapp Oncommand Unified Manager
Oracle Jdk 1.8.0
Oracle Jdk 1.7.0
Oracle Jre 8.0
Oracle Jdk 11.0.1
Redhat Satellite 5.8
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Server 7.0
Opensuse Leap 15.0
8.8
CVSSv3
CVE-2021-37972
Out of bounds read in libjpeg-turbo in Google Chrome before 94.0.4606.54 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.
Google Chrome
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 10.0
Debian Debian Linux 11.0
NA
CVE-2013-6623
The SVG implementation in Blink, as used in Google Chrome prior to 31.0.1650.48, allows remote malicious users to cause a denial of service (out-of-bounds read) by leveraging the use of tree order, rather than transitive dependency order, for layout.
Google Chrome
Google Chrome 31.0.1650.46
Google Chrome 31.0.1650.37
Google Chrome 31.0.1650.36
Google Chrome 31.0.1650.29
Google Chrome 31.0.1650.28
Google Chrome 31.0.1650.19
Google Chrome 31.0.1650.18
Google Chrome 31.0.1650.10
Google Chrome 31.0.1650.9
Google Chrome 31.0.1650.2
Google Chrome 31.0.1650.0
Google Chrome 31.0.1650.45
Google Chrome 31.0.1650.44
Google Chrome 31.0.1650.35
Google Chrome 31.0.1650.34
Google Chrome 31.0.1650.27
Google Chrome 31.0.1650.26
Google Chrome 31.0.1650.17
Google Chrome 31.0.1650.16
Google Chrome 31.0.1650.15
Google Chrome 31.0.1650.8
NA
CVE-2013-6632
Integer overflow in Google Chrome prior to 31.0.1650.57 allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as demonstrated during a Mobile Pwn2Own competition at PacSec 2013.
Google Chrome
Debian Debian Linux 8.0
Debian Debian Linux 7.0
2 Github repositories
NA
CVE-2013-6621
Use-after-free vulnerability in Google Chrome prior to 31.0.1650.48 allows remote malicious users to cause a denial of service or possibly have unspecified other impact via vectors related to the x-webkit-speech attribute in a text INPUT element.
Opensuse Opensuse 12.2
Opensuse Opensuse 12.3
Opensuse Opensuse 13.1
Google Chrome 31.0.1650.41
Google Chrome 31.0.1650.39
Google Chrome 31.0.1650.31
Google Chrome 31.0.1650.30
Google Chrome 31.0.1650.22
Google Chrome 31.0.1650.20
Google Chrome 31.0.1650.13
Google Chrome 31.0.1650.12
Google Chrome 31.0.1650.11
Google Chrome 31.0.1650.4
Google Chrome 31.0.1650.3
Google Chrome 31.0.1650.45
Google Chrome 31.0.1650.44
Google Chrome 31.0.1650.35
Google Chrome 31.0.1650.34
Google Chrome 31.0.1650.27
Google Chrome 31.0.1650.26
Google Chrome 31.0.1650.17
Google Chrome 31.0.1650.16
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »