Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jpeg vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2021-39516
An issue exists in libjpeg up to and including 2020021. A NULL pointer dereference exists in the function HuffmanDecoder::Get() located in huffmandecoder.hpp. It allows an malicious user to cause Denial of Service.
Jpeg Libjpeg
4.3
CVSSv2
CVE-2021-39519
An issue exists in libjpeg up to and including 2020021. A NULL pointer dereference exists in the function BlockBitmapRequester::PullQData() located in blockbitmaprequester.cpp It allows an malicious user to cause Denial of Service.
Jpeg Libjpeg
4.3
CVSSv2
CVE-2022-31796
libjpeg 1.63 has a heap-based buffer over-read in HierarchicalBitmapRequester::FetchRegion in hierarchicalbitmaprequester.cpp because the MCU size can be different between allocation and use.
Jpeg Libjpeg 1.63
NA
CVE-2022-35166
libjpeg commit 842c7ba exists to contain an infinite loop via the component JPEG::ReadInternal.
Jpeg Libjpeg 2022-06-15
9.3
CVSSv2
CVE-2007-2771
Stack-based buffer overflow in the LEAD Technologies LeadTools JPEG 2000 LEADJ2K.LEADJ2K.140 ActiveX control (LTJ2K14.ocx) 14.5.0.35 allows remote malicious users to execute arbitrary code via a long BitmapDataPath property.
Lead Technologies Leadtools Jpeg 2000 14.5.0.35
1 EDB exploit
5
CVSSv2
CVE-2006-3005
The JPEG library in media-libs/jpeg prior to 6b-r7 on Gentoo Linux is built without the -maxmem feature, which could allow context-dependent malicious users to cause a denial of service (memory exhaustion) via a crafted JPEG file that exceeds the intended memory limits.
Gentoo Media-libs Jpeg 6b
Gentoo Linux
9.3
CVSSv2
CVE-2007-4470
Multiple stack-based buffer overflows in the Earth Resource Mapping NCSView ActiveX control prior to 3.4.0.242 in NCSView.dll, as distributed in ER Mapper ECW JPEG 2000 Plug-in prior to 8.1, allow remote malicious users to execute arbitrary code via unspecified vectors.
Er Mapper Image Web Server Ecw Jpeg 2000 Plug-in
9.3
CVSSv2
CVE-2004-0200
Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote malicious users to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length ...
Microsoft .net Framework 1.0
Microsoft Frontpage 2003
Microsoft Greetings 2002
Microsoft Picture It 2002
Microsoft Picture It 7.0
Microsoft Publisher 2003
Microsoft Visio 2002
Microsoft Visual C\\+\\+ 2003
Microsoft Visual J\\# .net 2003
Microsoft Excel 2003
Microsoft Frontpage 2002
Microsoft Outlook 2002
Microsoft Outlook 2003
Microsoft Project 2002
Microsoft Project 2003
Microsoft Publisher 2002
Microsoft Visual C\\# 2003
Microsoft Visual C\\+\\+ 2002
Microsoft Digital Image Suite 9
Microsoft Excel 2002
Microsoft Office Xp
Microsoft Onenote 2003
6 EDB exploits
7.5
CVSSv2
CVE-2021-27804
JPEG XL (aka jpeg-xl) up to and including 0.3.2 allows writable memory corruption.
Libjxl Project Libjxl
NA
CVE-2023-35790
An issue exists in dec_patch_dictionary.cc in libjxl prior to 0.8.2. An integer underflow in patch decoding can lead to a denial of service, such as an infinite loop.
Libjxl Project Libjxl
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »