Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
lepton vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2017-8891
Dropbox Lepton 1.2.1 allows DoS (SEGV and application crash) via a malformed lepton file because the code does not ensure setup of a correct number of threads.
Dropbox Lepton 1.2.1
5.5
CVSSv3
CVE-2017-7448
The allocate_channel_framebuffer function in uncompressed_components.hh in Dropbox Lepton 1.2.1 allows remote malicious users to cause a denial of service (divide-by-zero error and application crash) via a malformed JPEG image.
Dropbox Lepton 1.2.1
5.5
CVSSv3
CVE-2016-6235
The setup_imginfo_jpg function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote malicious users to cause a denial of service (segmentation fault) via a crafted jpeg file.
Lepton Project Lepton 1.0
5.5
CVSSv3
CVE-2016-6234
The process_file function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote malicious users to cause a denial of service (crash) via a crafted jpeg file.
Lepton Project Lepton 1.0
5.5
CVSSv3
CVE-2016-6236
The setup_imginfo_jpg function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote malicious users to cause a denial of service (out-of-bounds read) via a crafted jpeg file.
Lepton Project Lepton 1.0
5.5
CVSSv3
CVE-2016-6237
The build_huffcodes function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote malicious users to cause denial of service (out-of-bounds write) via a crafted jpeg file.
Lepton Project Lepton 1.0
5.5
CVSSv3
CVE-2016-6238
The write_ujpg function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote malicious users to cause denial of service (out-of-bounds read) via a crafted jpeg file.
Lepton Project Lepton 1.0
4.8
CVSSv3
CVE-2020-29240
Lepton-CMS 4.7.0 is affected by cross-site scripting (XSS). An attacker can inject the XSS payload in the URL field of the admin page and each time an admin visits the Menu-Pages-Pages Overview section, the XSS will be triggered.
Lepton-cms Leptoncms 4.7.0
NA
CVE-2024-29514
File Upload vulnerability in lepton v.7.1.0 allows a remote authenticated malicious users to execute arbitrary code via uploading a crafted PHP file.
NA
CVE-2024-29515
File Upload vulnerability in lepton v.7.1.0 allows a remote authenticated malicious users to execute arbitrary code via uploading a crafted PHP file to the save.php and config.php component.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-17519
open redirect
CVE-2024-21683
cache poisoning
CVE-2021-47524
CVE-2021-47521
CVE-2024-5229
CVE-2021-47560
local
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »