VYPR
Vendor

Kadu

Products
1
CVEs
6
Across products
6
Status
Private

Products

1

Recent CVEs

6
  • CVE-2023-6562Dec 20, 2023
    risk 0.00cvss epss 0.01

    JPX Fragment List (flst) box vulnerability in Kakadu 7.9 allows an attacker to exfiltrate local and remote files reachable by a server if the server allows the attacker to upload a specially-crafted the image that is displayed back to the attacker.

  • CVE-2019-5144Dec 12, 2019
    risk 0.00cvss epss 0.02

    An exploitable heap underflow vulnerability exists in the derive_taps_and_gains function in kdu_v7ar.dll of Kakadu Software SDK 7.10.2. A specially crafted jp2 file can cause a heap overflow, which can result in remote code execution. An attacker could provide a malformed file…

  • CVE-2012-1410Feb 29, 2012
    risk 0.00cvss epss 0.03

    Multiple cross-site scripting (XSS) vulnerabilities in the History Window implementation in Kadu 0.9.0 through 0.11.0 allow remote attackers to inject arbitrary web script or HTML via a crafted (1) SMS message, (2) presence message, or (3) status description.

  • CVE-2006-0768Feb 18, 2006
    risk 0.00cvss epss 0.02

    Kadu 0.4.3 allows remote attackers to cause a denial of service (application crash) via a large number of image send requests.

  • CVE-2005-3960Dec 1, 2005
    risk 0.00cvss epss 0.02

    Kadu 0.4.2 and 0.5.0pre allows remote attackers to cause a denial of service (crash or generated traffic) via a malformed message, possibly with incomplete information.

  • CVE-2005-1852Jul 26, 2005
    risk 0.00cvss epss 0.05

    Multiple integer overflows in libgadu, as used in Kopete in KDE 3.2.3 to 3.4.1, ekg before 1.6rc3, GNU Gadu, CenterICQ, Kadu, and other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an incoming message.