Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Uclouvain Subscribe
Total 77 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-10507 1 Uclouvain 1 Openjpeg 2020-09-09 4.3 MEDIUM 6.5 MEDIUM
Integer overflow vulnerability in the bmp24toimage function in convertbmp.c in OpenJPEG before 2.2.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted bmp file.
CVE-2016-9118 1 Uclouvain 1 Openjpeg 2020-09-09 5.0 MEDIUM 5.3 MEDIUM
Heap Buffer Overflow (WRITE of size 4) in function pnmtoimage of convert.c:1719 in OpenJPEG 2.1.2.
CVE-2018-14423 2 Debian, Uclouvain 2 Debian Linux, Openjpeg 2020-09-09 5.0 MEDIUM 7.5 HIGH
Division-by-zero vulnerabilities in the functions pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in lib/openjp3d/pi.c in OpenJPEG through 2.3.0 allow remote attackers to cause a denial of service (application crash).
CVE-2012-1499 1 Uclouvain 1 Openjpeg 2020-09-09 9.3 HIGH N/A
The JPEG 2000 codec (jp2.c) in OpenJPEG before 1.5 allows remote attackers to execute arbitrary code via a crafted palette index in a CMAP record of a JPEG image, which triggers memory corruption, aka "out-of heap-based buffer write."
CVE-2013-6045 1 Uclouvain 1 Openjpeg 2020-09-09 7.5 HIGH N/A
Multiple heap-based buffer overflows in OpenJPEG 1.3 and earlier might allow remote attackers to execute arbitrary code via unspecified vectors.
CVE-2013-4290 1 Uclouvain 1 Openjpeg 2020-09-09 10.0 HIGH N/A
Stack-based buffer overflow in OpenJPEG before 1.5.2 allows remote attackers to have unspecified impact via unknown vectors to (1) lib/openjp3d/opj_jp3d_compress.c, (2) bin/jp3d/convert.c, or (3) lib/openjp3d/event.c.
CVE-2013-4289 1 Uclouvain 1 Openjpeg 2020-09-09 10.0 HIGH N/A
Multiple integer overflows in lib/openjp3d/jp3d.c in OpenJPEG before 1.5.2 allow remote attackers to have unspecified impact and vectors, which trigger a heap-based buffer overflow.
CVE-2013-1447 1 Uclouvain 1 Openjpeg 2020-09-09 5.0 MEDIUM N/A
OpenJPEG 1.3 and earlier allows remote attackers to cause a denial of service (memory consumption or crash) via unspecified vectors related to NULL pointer dereferences, division-by-zero, and other errors.
CVE-2014-0158 2 Opensuse, Uclouvain 2 Opensuse, Openjpeg 2020-09-09 6.8 MEDIUM 8.8 HIGH
Heap-based buffer overflow in the JPEG2000 image tile decoder in OpenJPEG before 1.5.2 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file because of incorrect j2k_decode, j2k_read_eoc, and tcd_decode_tile interaction, a related issue to CVE-2013-6045. NOTE: this is not a duplicate of CVE-2013-1447, because the scope of CVE-2013-1447 was specifically defined in http://openwall.com/lists/oss-security/2013/12/04/6 as only "null pointer dereferences, division by zero, and anything that would just fit as DoS."
CVE-2013-6887 1 Uclouvain 1 Openjpeg 2020-09-09 6.4 MEDIUM N/A
OpenJPEG 1.5.1 allows remote attackers to cause a denial of service via unspecified vectors that trigger NULL pointer dereferences, division-by-zero, and other errors.
CVE-2013-6054 1 Uclouvain 1 Openjpeg 2020-09-09 7.5 HIGH N/A
Heap-based buffer overflow in OpenJPEG 1.3 has unspecified impact and remote vectors, a different vulnerability than CVE-2013-6045.
CVE-2013-6053 1 Uclouvain 1 Openjpeg 2020-09-09 5.0 MEDIUM N/A
OpenJPEG 1.5.1 allows remote attackers to obtain sensitive information via unspecified vectors that trigger a heap-based out-of-bounds read.
CVE-2013-6052 1 Uclouvain 1 Openjpeg 2020-09-09 5.0 MEDIUM N/A
OpenJPEG 1.3 and earlier allows remote attackers to obtain sensitive information via unspecified vectors that trigger a heap-based out-of-bounds read.
CVE-2019-6988 1 Uclouvain 1 Openjpeg 2020-08-24 4.3 MEDIUM 6.5 MEDIUM
An issue was discovered in OpenJPEG 2.3.0. It allows remote attackers to cause a denial of service (attempted excessive memory allocation) in opj_calloc in openjp2/opj_malloc.c, when called from opj_tcd_init_tile in openjp2/tcd.c, as demonstrated by the 64-bit opj_decompress.
CVE-2018-18088 2 Debian, Uclouvain 2 Debian Linux, Openjpeg 2019-08-21 4.3 MEDIUM 6.5 MEDIUM
OpenJPEG 2.3.0 has a NULL pointer dereference for "red" in the imagetopnm function of jp2/convert.c
CVE-2017-17479 1 Uclouvain 1 Openjpeg 2018-11-29 7.5 HIGH 9.8 CRITICAL
In OpenJPEG 2.3.0, a stack-based buffer overflow was discovered in the pgxtoimage function in jpwl/convert.c. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly remote code execution.
CVE-2018-16376 1 Uclouvain 1 Openjpeg 2018-10-31 6.8 MEDIUM 8.8 HIGH
An issue was discovered in OpenJPEG 2.3.0. A heap-based buffer overflow was discovered in the function t2_encode_packet in lib/openmj2/t2.c. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly unspecified other impact.