Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jpeg vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2020-20092
File Upload vulnerability exists in ArticleCMS 1.0 via the image upload feature at /admin by changing the Content-Type to image/jpeg and placing PHP code after the JPEG data, which could let a remote malicious user execute arbitrary PHP code.
Articlecms Project Articlecms 1.0
NA
CVE-2008-2548
Stack-based buffer overflow in the JPEG thumbprint component in the EXIF parser on Motorola cell phones with RAZR firmware allows user-assisted remote malicious users to execute arbitrary code via an MMS transmission of a malformed JPEG image, which triggers memory corruption.
Motorola Razr
7.8
CVSSv3
CVE-2020-10682
The Filemanager in CMS Made Simple 2.2.13 allows remote code execution via a .php.jpegd JPEG file, as demonstrated by m1_files[] to admin/moduleinterface.php. The file should be sent as application/octet-stream and contain PHP code (it need not be a valid JPEG file).
Cmsmadesimple Cms Made Simple 2.2.13
8.8
CVSSv3
CVE-2017-2925
Adobe Flash Player versions 24.0.0.186 and previous versions have an exploitable memory corruption vulnerability in the JPEG XR codec. Successful exploitation could lead to arbitrary code execution.
Adobe Flash Player
7.8
CVSSv3
CVE-2017-2811
A code execution vulnerability exists in the Kakadu SDK 7.9's parsing of compressed JPEG 2000 images. A specially crafted JPEG 2000 file can be read by the program, and can lead to an out of bounds write causing an exploitable condition to arise.
Kakadusoftware Kakadu Sdk 7.9
NA
CVE-2013-5349
Integer underflow in Picasa3.exe in Google Picasa prior to 3.9.0 Build 137.69 allows remote malicious users to execute arbitrary code via a crafted JPEG tag that triggers a heap-based buffer overflow, as demonstrated using a Canon RAW CR2 file with a large JPEG tag value and a sm...
Google Picasa 3.9.0
NA
CVE-2006-6297
Stack consumption vulnerability in the KFILE JPEG (kfile_jpeg) plugin in kdegraphics 3, as used by konqueror, digikam, and other KDE image browsers, allows remote malicious users to cause a denial of service (stack consumption) via a crafted EXIF section in a JPEG file, which res...
Kde Kdegraphics 3.2
Kde Kdegraphics 3.4.3
8.8
CVSSv3
CVE-2020-6066
An exploitable out-of-bounds write vulnerability exists in the igcore19d.dll JPEG SOFx parser of the Accusoft ImageGear 19.5.0 library. A specially crafted JPEG file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a malformed f...
Accusoft Imagegear 19.5.0
7.8
CVSSv3
CVE-2019-5089
An exploitable memory corruption vulnerability exists in Investintech Able2Extract Professional 4.0.7 x64. A specially crafted JPEG file can cause an out-of-bounds memory write, allowing an malicious user to execute arbitrary code on the victim machine. An attacker could exploit ...
Investintech Able2extract 14.0.7
8.8
CVSSv3
CVE-2020-6069
An exploitable out-of-bounds write vulnerability exists in the igcore19d.dll JPEG jpegread precision parser of the Accusoft ImageGear 19.5.0 library. A specially crafted JPEG file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide...
Accusoft Imagegear 19.5.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »