Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jpeg vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2018-9848
In Gxlcms QY v1.0.0713, the upload function in Lib\Lib\Action\Admin\UploadAction.class.php allows remote malicious users to execute arbitrary PHP code by first using an Admin-Admin-Configsave request to change the config[upload_class] value from jpg,gif,png,jpeg to jpg,gif,png,jp...
Gxlcms Gxlcms Qy 1.0.0713
6.5
CVSSv3
CVE-2016-1924
The opj_tgt_reset function in OpenJpeg 2016.1.18 allows remote malicious users to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG 2000 image.
Uclouvain Openjpeg
9.8
CVSSv3
CVE-2017-8358
LibreOffice prior to 2017-03-17 has an out-of-bounds write caused by a heap-based buffer overflow related to the ReadJPEG function in vcl/source/filter/jpeg/jpegc.cxx.
Libreoffice Libreoffice
9.8
CVSSv3
CVE-2019-7684
inxedu through 2018-12-24 has a vulnerability that can lead to the upload of a malicious JSP file. The vulnerable code location is com.inxedu.os.common.controller.VideoUploadController#gok4 (com/inxedu/os/common/controller/VideoUploadController.java). The attacker uses the /video...
Inxedu Inxedu
5.5
CVSSv3
CVE-2020-36427
GNOME gThumb prior to 3.10.1 allows an application crash via a malformed JPEG image.
Gnome Gthumb
NA
CVE-2024-32036
ImageSharp is a 2D graphics API. A data leakage flaw was found in ImageSharp's JPEG and TGA decoders. This vulnerability is triggered when an attacker passes a specially crafted JPEG or TGA image file to a software using ImageSharp, potentially disclosing sensitive informati...
8.8
CVSSv3
CVE-2015-8751
Integer overflow in the jas_matrix_create function in JasPer allows context-dependent malicious users to have unspecified impact via a crafted JPEG 2000 image, related to integer multiplication for memory allocation.
Jasper Project Jasper
7.8
CVSSv3
CVE-2021-28021
Buffer overflow vulnerability in function stbi__extend_receive in stb_image.h in stb 2.26 via a crafted JPEG file.
Stb Project Stb 2.26
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 10.0
6.5
CVSSv3
CVE-2016-1923
Heap-based buffer overflow in the opj_j2k_update_image_data function in OpenJpeg 2016.1.18 allows remote malicious users to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG 2000 image.
Uclouvain Openjpeg 2.1.0
9.8
CVSSv3
CVE-2019-11926
Insufficient boundary checks when processing M_SOFx markers from JPEG headers in the GD extension could allow access to out-of-bounds memory via a maliciously constructed invalid JPEG input. This issue affects HHVM versions before 3.30.9, all versions between 4.0.0 and 4.8.3, all...
Facebook Hhvm 4.19.0
Facebook Hhvm
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »