Filtered by vendor Kakadusoftware
Subscriptions
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-6562 | 1 Kakadusoftware | 1 Kakadu Sdk | 2023-12-28 | 7.5 High |
| JPX Fragment List (flst) box vulnerability in Kakadu 7.9 allows an attacker to exfiltrate local and remote files reachable by a server if the server allows the attacker to upload a specially-crafted the image that is displayed back to the attacker. | ||||
| CVE-2019-5144 | 1 Kakadusoftware | 1 Kakadu Software | 2022-06-17 | 8.8 High |
| An exploitable heap underflow vulnerability exists in the derive_taps_and_gains function in kdu_v7ar.dll of Kakadu Software SDK 7.10.2. A specially crafted jp2 file can cause a heap overflow, which can result in remote code execution. An attacker could provide a malformed file to the victim to trigger this vulnerability. | ||||
| CVE-2017-2812 | 1 Kakadusoftware | 1 Kakadu Sdk | 2022-04-19 | N/A |
| A code execution vulnerability exists in the kdu_buffered_expand function of the Kakadu SDK 7.9. A specially crafted JPEG 2000 file can be read by the program and can lead to an out of bounds write causing an exploitable condition to arise. | ||||
| CVE-2017-2811 | 1 Kakadusoftware | 1 Kakadu Sdk | 2022-04-19 | N/A |
| A code execution vulnerability exists in the Kakadu SDK 7.9's parsing of compressed JPEG 2000 images. A specially crafted JPEG 2000 file can be read by the program, and can lead to an out of bounds write causing an exploitable condition to arise. | ||||
Page 1 of 1.