Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jpeg vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-1499
The JPEG 2000 codec (jp2.c) in OpenJPEG prior to 1.5 allows remote malicious users to execute arbitrary code via a crafted palette index in a CMAP record of a JPEG image, which triggers memory corruption, aka "out-of heap-based buffer write."
Uclouvain Openjpeg
Uclouvain Openjpeg 1.3
NA
CVE-2008-2548
Stack-based buffer overflow in the JPEG thumbprint component in the EXIF parser on Motorola cell phones with RAZR firmware allows user-assisted remote malicious users to execute arbitrary code via an MMS transmission of a malformed JPEG image, which triggers memory corruption.
Motorola Razr
7.8
CVSSv3
CVE-2020-10682
The Filemanager in CMS Made Simple 2.2.13 allows remote code execution via a .php.jpegd JPEG file, as demonstrated by m1_files[] to admin/moduleinterface.php. The file should be sent as application/octet-stream and contain PHP code (it need not be a valid JPEG file).
Cmsmadesimple Cms Made Simple 2.2.13
8.8
CVSSv3
CVE-2017-2925
Adobe Flash Player versions 24.0.0.186 and previous versions have an exploitable memory corruption vulnerability in the JPEG XR codec. Successful exploitation could lead to arbitrary code execution.
Adobe Flash Player
7.8
CVSSv3
CVE-2017-2811
A code execution vulnerability exists in the Kakadu SDK 7.9's parsing of compressed JPEG 2000 images. A specially crafted JPEG 2000 file can be read by the program, and can lead to an out of bounds write causing an exploitable condition to arise.
Kakadusoftware Kakadu Sdk 7.9
NA
CVE-2006-6297
Stack consumption vulnerability in the KFILE JPEG (kfile_jpeg) plugin in kdegraphics 3, as used by konqueror, digikam, and other KDE image browsers, allows remote malicious users to cause a denial of service (stack consumption) via a crafted EXIF section in a JPEG file, which res...
Kde Kdegraphics 3.2
Kde Kdegraphics 3.4.3
NA
CVE-2013-5349
Integer underflow in Picasa3.exe in Google Picasa prior to 3.9.0 Build 137.69 allows remote malicious users to execute arbitrary code via a crafted JPEG tag that triggers a heap-based buffer overflow, as demonstrated using a Canon RAW CR2 file with a large JPEG tag value and a sm...
Google Picasa 3.9.0
8.8
CVSSv3
CVE-2020-6066
An exploitable out-of-bounds write vulnerability exists in the igcore19d.dll JPEG SOFx parser of the Accusoft ImageGear 19.5.0 library. A specially crafted JPEG file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a malformed f...
Accusoft Imagegear 19.5.0
7.8
CVSSv3
CVE-2019-5089
An exploitable memory corruption vulnerability exists in Investintech Able2Extract Professional 4.0.7 x64. A specially crafted JPEG file can cause an out-of-bounds memory write, allowing an malicious user to execute arbitrary code on the victim machine. An attacker could exploit ...
Investintech Able2extract 14.0.7
8.8
CVSSv3
CVE-2020-6069
An exploitable out-of-bounds write vulnerability exists in the igcore19d.dll JPEG jpegread precision parser of the Accusoft ImageGear 19.5.0 library. A specially crafted JPEG file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide...
Accusoft Imagegear 19.5.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »