Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libjpeg-turbo libjpeg-turbo vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2014-9092
libjpeg-turbo prior to 1.3.1 allows remote malicious users to cause a denial of service (crash) via a crafted JPEG file, related to the Exif marker.
Libjpeg-turbo Libjpeg-turbo
Fedoraproject Fedora 20
Fedoraproject Fedora 21
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
4.3
CVSSv2
CVE-2013-6628
net/socket/ssl_client_socket_nss.cc in the TLS implementation in Google Chrome prior to 31.0.1650.48 does not ensure that a server's X.509 certificate is the same during renegotiation as it was before renegotiation, which might allow remote web servers to interfere with trus...
Google Chrome 31.0.1650.22
Google Chrome 31.0.1650.45
Google Chrome 31.0.1650.11
Google Chrome 31.0.1650.33
Google Chrome 31.0.1650.32
Google Chrome 31.0.1650.31
Google Chrome 31.0.1650.28
Google Chrome 31.0.1650.26
Google Chrome 31.0.1650.4
Google Chrome 31.0.1650.2
Google Chrome 31.0.1650.16
Google Chrome 31.0.1650.39
Google Chrome 31.0.1650.41
Google Chrome 31.0.1650.38
Google Chrome 31.0.1650.5
Google Chrome
Google Chrome 31.0.1650.36
Google Chrome 31.0.1650.43
Google Chrome 31.0.1650.34
Google Chrome 31.0.1650.13
Google Chrome 31.0.1650.44
Google Chrome 31.0.1650.23
4.3
CVSSv2
CVE-2013-6623
The SVG implementation in Blink, as used in Google Chrome prior to 31.0.1650.48, allows remote malicious users to cause a denial of service (out-of-bounds read) by leveraging the use of tree order, rather than transitive dependency order, for layout.
Google Chrome 31.0.1650.22
Google Chrome 31.0.1650.45
Google Chrome 31.0.1650.11
Google Chrome 31.0.1650.33
Google Chrome 31.0.1650.32
Google Chrome 31.0.1650.31
Google Chrome 31.0.1650.28
Google Chrome 31.0.1650.26
Google Chrome 31.0.1650.4
Google Chrome 31.0.1650.2
Google Chrome 31.0.1650.16
Google Chrome 31.0.1650.39
Google Chrome 31.0.1650.41
Google Chrome 31.0.1650.38
Google Chrome 31.0.1650.5
Google Chrome
Google Chrome 31.0.1650.36
Google Chrome 31.0.1650.43
Google Chrome 31.0.1650.34
Google Chrome 31.0.1650.13
Google Chrome 31.0.1650.44
Google Chrome 31.0.1650.23
4.3
CVSSv2
CVE-2013-6626
The WebContentsImpl::AttachInterstitialPage function in content/browser/web_contents/web_contents_impl.cc in Google Chrome prior to 31.0.1650.48 does not cancel JavaScript dialogs upon generating an interstitial warning, which allows remote malicious users to spoof the address ba...
Google Chrome 31.0.1650.22
Google Chrome 31.0.1650.45
Google Chrome 31.0.1650.11
Google Chrome 31.0.1650.33
Google Chrome 31.0.1650.32
Google Chrome 31.0.1650.31
Google Chrome 31.0.1650.28
Google Chrome 31.0.1650.26
Google Chrome 31.0.1650.4
Google Chrome 31.0.1650.2
Google Chrome 31.0.1650.16
Google Chrome 31.0.1650.39
Google Chrome 31.0.1650.41
Google Chrome 31.0.1650.38
Google Chrome 31.0.1650.5
Google Chrome
Google Chrome 31.0.1650.36
Google Chrome 31.0.1650.43
Google Chrome 31.0.1650.34
Google Chrome 31.0.1650.13
Google Chrome 31.0.1650.44
Google Chrome 31.0.1650.23
NA
CVE-2021-29390
libjpeg-turbo version 2.0.90 has a heap-based buffer over-read (2 bytes) in decompress_smooth_data in jdcoefct.c.
Libjpeg-turbo Libjpeg-turbo 2.0.90
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
NA
CVE-2023-2804
A heap-based buffer overflow issue exists in libjpeg-turbo in h2v2_merged_upsample_internal() function of jdmrgext.c file. The vulnerability can only be exploited with 12-bit data precision for which the range of the sample data type exceeds the valid sample range, hence, an atta...
Libjpeg-turbo Libjpeg-turbo 2.1.90
NA
CVE-2020-35538
A crafted input file could cause a null pointer dereference in jcopy_sample_rows() when processed by libjpeg-turbo.
Libjpeg-turbo Libjpeg-turbo 2.0.5
NA
CVE-2021-0384
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4