Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libjpeg vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2018-5252
libimageworsener.a in ImageWorsener 1.3.2, when libjpeg 8d is used, has a large loop in the get_raw_sample_int function in imagew-main.c.
Entropymine Imageworsener 1.3.2
6.5
CVSSv3
CVE-2017-15232
libjpeg-turbo 1.5.2 has a NULL Pointer Dereference in jdpostct.c and jquant1.c via a crafted JPEG file.
Libjpeg-turbo Libjpeg-turbo 1.5.2
6.5
CVSSv3
CVE-2014-9092
libjpeg-turbo prior to 1.3.1 allows remote malicious users to cause a denial of service (crash) via a crafted JPEG file, related to the Exif marker.
Libjpeg-turbo Libjpeg-turbo
Fedoraproject Fedora 20
Fedoraproject Fedora 21
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.10
8.8
CVSSv3
CVE-2017-9614
The fill_input_buffer function in jdatasrc.c in libjpeg-turbo 1.5.1 allows remote malicious users to cause a denial of service (invalid memory access and application crash) or possibly have unspecified other impact via a crafted jpg file. NOTE: Maintainer asserts the issue is due...
D.r.commander Libjpeg-turbo 1.5.1
1 EDB exploit
7.8
CVSSv3
CVE-2017-8826
FastStone Image Viewer 6.2 has a "User Mode Write AV" issue, possibly related to the jpeg_mem_term function in jmemnobs.c in libjpeg. This issue can be triggered by a malformed JPEG file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS (Acc...
Faststone Image Viewer 6.2
8.8
CVSSv3
CVE-2016-3616
The cjpeg utility in libjpeg allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) or execute arbitrary code via a crafted file.
Libjpeg-turbo Libjpeg-turbo 7.4
Redhat Enterprise Linux 7.4
Debian Debian Linux 8.0
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 12.04
1 Github repository
7.8
CVSSv3
CVE-2016-6702
A remote code execution vulnerability in libjpeg in Android 4.x prior to 4.4.4, 5.0.x prior to 5.0.2, and 5.1.x prior to 5.1.1 could enable an attacker using a specially crafted file to execute arbitrary code in the context of an unprivileged process. This issue is rated as High ...
Google Android 4.0.2
Google Android 4.0.3
Google Android 4.0.4
Google Android 4.1
Google Android 5.1.0
Google Android 4.3
Google Android 4.3.1
Google Android 4.4
Google Android 4.4.1
Google Android 4.4.2
Google Android 4.0.1
Google Android 4.1.2
Google Android 4.2.1
Google Android 4.4.3
Google Android 5.0.1
Google Android 4.0
Google Android 4.2
Google Android 4.2.2
Google Android 5.0
Google Android 5.1
NA
CVE-2010-5110
DCTStream.cc in Poppler prior to 0.13.3 allows remote malicious users to cause a denial of service (crash) via a crafted PDF file.
Freedesktop Poppler 0.13.0
Freedesktop Poppler
Freedesktop Poppler 0.13.1
NA
CVE-2013-6631
Use-after-free vulnerability in the Channel::SendRTCPPacket function in voice_engine/channel.cc in libjingle in WebRTC, as used in Google Chrome prior to 31.0.1650.48 and other products, allows remote malicious users to cause a denial of service (heap memory corruption) or possib...
Google Chrome 31.0.1650.41
Google Chrome 31.0.1650.39
Google Chrome 31.0.1650.32
Google Chrome 31.0.1650.31
Google Chrome 31.0.1650.23
Google Chrome 31.0.1650.22
Google Chrome 31.0.1650.13
Google Chrome 31.0.1650.43
Google Chrome 31.0.1650.42
Google Chrome 31.0.1650.34
Google Chrome 31.0.1650.33
Google Chrome 31.0.1650.26
Google Chrome 31.0.1650.25
Google Chrome 31.0.1650.15
Google Chrome 31.0.1650.14
Google Chrome 31.0.1650.7
Google Chrome 31.0.1650.6
Google Chrome 31.0.1650.46
Google Chrome 31.0.1650.45
Google Chrome 31.0.1650.44
Google Chrome 31.0.1650.36
Google Chrome 31.0.1650.35
NA
CVE-2013-6629
The get_sos function in jdmarker.c in (1) libjpeg 6b and (2) libjpeg-turbo up to and including 1.3.0, as used in Google Chrome prior to 31.0.1650.48, Ghostscript, and other products, does not check for certain duplications of component data during the reading of segments that fol...
Google Chrome
Oracle Solaris 11.3
Artifex Gpl Ghostscript
Libjpeg-turbo Libjpeg-turbo
Fedoraproject Fedora 18
Fedoraproject Fedora 20
Fedoraproject Fedora 19
Opensuse Opensuse 12.3
Opensuse Opensuse 12.2
Opensuse Opensuse 13.1
Canonical Ubuntu Linux 13.04
Canonical Ubuntu Linux 13.10
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 12.04
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Mozilla Firefox
Mozilla Seamonkey
Mozilla Thunderbird
Mozilla Firefox Esr
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »