Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jpeg vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2015-4491
Integer overflow in the make_filter_table function in pixops/pixops.c in gdk-pixbuf prior to 2.31.5, as used in Mozilla Firefox prior to 40.0 and Firefox ESR 38.x prior to 38.2 on Linux, Google Chrome on Linux, and other products, allows remote malicious users to execute arbitrar...
Gnome Gdk-pixbuf
Oracle Solaris 10
Oracle Solaris 11.3
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.04
Fedoraproject Fedora 21
Fedoraproject Fedora 22
NA
CVE-2008-2160
Multiple unspecified vulnerabilities in the JPEG (GDI+) and GIF image processing in Microsoft Windows CE 5.0 allow remote malicious users to execute arbitrary code via crafted (1) JPEG and (2) GIF images.
Microsoft Windows Embedded Compact 5.0
6.5
CVSSv3
CVE-2017-15232
libjpeg-turbo 1.5.2 has a NULL Pointer Dereference in jdpostct.c and jquant1.c via a crafted JPEG file.
Libjpeg-turbo Libjpeg-turbo 1.5.2
9.8
CVSSv3
CVE-2023-45554
File Upload vulnerability in zzzCMS v.2.1.9 allows a remote malicious user to execute arbitrary code via modification of the imageext parameter from jpg, jpeg,gif, and png to jpg, jpeg,gif, png, pphphp.
Zzzcms Zzzcms 2.1.9
NA
CVE-2012-4988
Heap-based buffer overflow in the xjpegls.dll (aka JLS, JPEG-LS, or JPEG lossless) format plugin in XnView 1.99 and 1.99.1 allows remote malicious users to execute arbitrary code via a crafted JLS image file.
Xnview Xnview 1.99
Xnview Xnview 1.99.1
1 EDB exploit
6.5
CVSSv3
CVE-2014-9092
libjpeg-turbo prior to 1.3.1 allows remote malicious users to cause a denial of service (crash) via a crafted JPEG file, related to the Exif marker.
Libjpeg-turbo Libjpeg-turbo
Fedoraproject Fedora 20
Fedoraproject Fedora 21
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.10
5.5
CVSSv3
CVE-2005-0406
A design flaw in image processing software that modifies JPEG images might not modify the original EXIF thumbnail, which could lead to an information leak of potentially sensitive visual information that had been removed from the main JPEG image.
Image Processing Project Image Processing -
NA
CVE-2006-1552
Integer overflow in ImageIO in Apple Mac OS X 10.4 up to 10.4.5 allows remote malicious users to cause a denial of service (crash) via a crafted JPEG image with malformed JPEG metadata, as demonstrated using Safari, aka "Deja-Doom".
Apple Safari 1.0
Apple Safari 2.0
Apple Safari 2.0.1
Apple Safari 2.0.2
Apple Safari 1.2.1
Apple Safari 1.2.2
Apple Safari 1.2.3
Apple Safari 1.3
Apple Safari 1.1
Apple Safari 1.2
Apple Safari 2.0 Pre
Apple Safari Beta2
Apple Mac Os X 10.4.3
Apple Mac Os X 10.4.4
Apple Mac Os X Server 10.4.5
Apple Imageio
Apple Mac Os X 10.4
Apple Mac Os X Server 10.4.1
Apple Mac Os X Server 10.4.2
Apple Mac Os X 10.4.1
Apple Mac Os X 10.4.2
Apple Mac Os X Server 10.4.3
NA
CVE-2012-2845
Integer overflow in the jpeg_data_load_data function in jpeg-data.c in libjpeg in exif 0.6.20 allows remote malicious users to cause a denial of service (buffer over-read and application crash) or obtain potentially sensitive information via a crafted JPEG file.
Curtis Galloway Exif 0.6.20
NA
CVE-2012-1499
The JPEG 2000 codec (jp2.c) in OpenJPEG prior to 1.5 allows remote malicious users to execute arbitrary code via a crafted palette index in a CMAP record of a JPEG image, which triggers memory corruption, aka "out-of heap-based buffer write."
Uclouvain Openjpeg
Uclouvain Openjpeg 1.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »