Skip to main content

Ffjpeg

12 CVEs product

Monthly

CVE-2022-35433 MEDIUM POC This Month

ffjpeg commit caade60a69633d74100bd3c2528bddee0b6a1291 was discovered to contain a memory leak via /src/jfif.c. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Ffjpeg
NVD GitHub
CVSS 3.1
6.5
EPSS
0.6%
CVE-2022-28471 MEDIUM POC This Month

In ffjpeg (commit hash: caade60), the function bmp_load() in bmp.c contains an integer overflow vulnerability, which eventually results in the heap overflow in jfif_encode() in jfif.c. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Buffer Overflow Ffjpeg
NVD GitHub
CVSS 3.1
6.5
EPSS
0.9%
CVE-2020-15470 MEDIUM This Month

ffjpeg through 2020-02-24 has a heap-based buffer overflow in jfif_decode in jfif.c. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Ffjpeg
NVD GitHub
CVSS 3.1
5.5
EPSS
0.7%
CVE-2020-13440 MEDIUM POC This Month

ffjpeg through 2020-02-24 has an invalid write in bmp_load in bmp.c. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Ffjpeg
NVD GitHub
CVSS 3.1
6.5
EPSS
0.8%
CVE-2020-13439 MEDIUM POC This Month

ffjpeg through 2020-02-24 has a heap-based buffer over-read in jfif_decode in jfif.c. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Ffjpeg
NVD GitHub
CVSS 3.1
6.5
EPSS
0.8%
CVE-2020-13438 MEDIUM POC This Month

ffjpeg through 2020-02-24 has an invalid read in jfif_encode in jfif.c. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Ffjpeg
NVD GitHub
CVSS 3.1
6.5
EPSS
0.8%
CVE-2019-19888 MEDIUM POC This Month

jfif_decode in jfif.c in ffjpeg through 2019-08-21 has a divide-by-zero error. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Ffjpeg
NVD GitHub
CVSS 3.1
6.5
EPSS
1.1%
CVE-2019-19887 MEDIUM POC This Month

bitstr_tell at bitstr.c in ffjpeg through 2019-08-21 has a NULL pointer dereference related to jfif_encode. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Ffjpeg
NVD GitHub
CVSS 3.1
6.5
EPSS
1.1%
CVE-2019-16352 MEDIUM POC This Month

ffjpeg before 2019-08-21 has a heap-based buffer overflow in jfif_load() at jfif.c. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Ffjpeg
NVD GitHub
CVSS 3.1
6.5
EPSS
1.3%
CVE-2019-16351 MEDIUM POC This Month

ffjpeg before 2019-08-18 has a NULL pointer dereference in huffman_decode_step() at huffman.c. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Ffjpeg
NVD GitHub
CVSS 3.1
6.5
EPSS
1.3%
CVE-2019-16350 MEDIUM POC This Month

ffjpeg before 2019-08-18 has a NULL pointer dereference in idct2d8x8() at dct.c. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Ffjpeg
NVD GitHub
CVSS 3.1
6.5
EPSS
1.3%
CVE-2018-16781 MEDIUM This Month

ffjpeg.dll in ffjpeg before 2018-08-22 allows remote attackers to cause a denial of service (FPE signal) via a progressive JPEG file that lacks an AC Huffman table. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Ffjpeg
NVD GitHub
CVSS 3.0
6.5
EPSS
1.0%
EPSS 1% CVSS 6.5
MEDIUM POC This Month

ffjpeg commit caade60a69633d74100bd3c2528bddee0b6a1291 was discovered to contain a memory leak via /src/jfif.c. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Ffjpeg
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC This Month

In ffjpeg (commit hash: caade60), the function bmp_load() in bmp.c contains an integer overflow vulnerability, which eventually results in the heap overflow in jfif_encode() in jfif.c. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Buffer Overflow Ffjpeg
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM This Month

ffjpeg through 2020-02-24 has a heap-based buffer overflow in jfif_decode in jfif.c. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Ffjpeg
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC This Month

ffjpeg through 2020-02-24 has an invalid write in bmp_load in bmp.c. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Ffjpeg
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC This Month

ffjpeg through 2020-02-24 has a heap-based buffer over-read in jfif_decode in jfif.c. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Ffjpeg
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC This Month

ffjpeg through 2020-02-24 has an invalid read in jfif_encode in jfif.c. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Ffjpeg
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC This Month

jfif_decode in jfif.c in ffjpeg through 2019-08-21 has a divide-by-zero error. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Ffjpeg
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC This Month

bitstr_tell at bitstr.c in ffjpeg through 2019-08-21 has a NULL pointer dereference related to jfif_encode. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Ffjpeg
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC This Month

ffjpeg before 2019-08-21 has a heap-based buffer overflow in jfif_load() at jfif.c. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Ffjpeg
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC This Month

ffjpeg before 2019-08-18 has a NULL pointer dereference in huffman_decode_step() at huffman.c. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Ffjpeg
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC This Month

ffjpeg before 2019-08-18 has a NULL pointer dereference in idct2d8x8() at dct.c. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Ffjpeg
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM This Month

ffjpeg.dll in ffjpeg before 2018-08-22 allows remote attackers to cause a denial of service (FPE signal) via a progressive JPEG file that lacks an AC Huffman table. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Ffjpeg
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy