Rockcarry
Products
1- 13 CVEs
Recent CVEs
16| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-24222 | 0.00 | — | 0.00 | Aug 11, 2023 | Buffer Overflow vulnerability in jfif_decode() function in rockcarry ffjpeg through version 1.0.0, allows local attackers to execute arbitrary code due to an issue with ALIGN. | |||
| CVE-2021-45385 | 0.00 | — | 0.00 | Feb 11, 2022 | A Null Pointer Dereference vulnerability exits in ffjpeg d5cfd49 (2021-12-06) in bmp_load(). When the size information in metadata of the bmp is out of range, it returns without assign memory buffer to `pb->pdata` and did not exit the program. So the program crashes when it… | |||
| CVE-2021-44956 | 0.00 | — | 0.00 | Feb 8, 2022 | Two Heap based buffer overflow vulnerabilities exist in ffjpeg through 01.01.2021. It is similar to CVE-2020-23852. Issues that are in the jfif_decode function at ffjpeg/src/jfif.c (line 552) could cause a Denial of Service by using a crafted jpeg file. | |||
| CVE-2021-44957 | 0.00 | — | 0.00 | Feb 8, 2022 | Global buffer overflow vulnerability exist in ffjpeg through 01.01.2021. It is similar to CVE-2020-23705. Issue is in the jfif_encode function at ffjpeg/src/jfif.c (line 708) could cause a Denial of Service by using a crafted jpeg file. | |||
| CVE-2020-23705 | 0.00 | — | 0.00 | Jul 15, 2021 | A global buffer overflow vulnerability in jfif_encode at jfif.c:701 of ffjpeg through 2020-06-22 allows attackers to cause a Denial of Service (DOS) via a crafted jpeg file. | |||
| CVE-2020-23852 | 0.00 | — | 0.00 | May 18, 2021 | A heap based buffer overflow vulnerability exists in ffjpeg through 2020-07-02 in the jfif_decode(void *ctxt, BMP *pb) function at ffjpeg/src/jfif.c (line 544 & line 545), which could cause a denial of service by submitting a malicious jpeg image. | |||
| CVE-2020-23851 | 0.00 | — | 0.00 | May 18, 2021 | A stack-based buffer overflow vulnerability exists in ffjpeg through 2020-07-02 in the jfif_decode(void *ctxt, BMP *pb) function at ffjpeg/src/jfif.c:513:28, which could cause a denial of service by submitting a malicious jpeg image. | |||
| CVE-2020-15470 | 0.00 | — | 0.00 | Jul 1, 2020 | ffjpeg through 2020-02-24 has a heap-based buffer overflow in jfif_decode in jfif.c. | |||
| CVE-2020-13438 | 0.00 | — | 0.00 | May 24, 2020 | ffjpeg through 2020-02-24 has an invalid read in jfif_encode in jfif.c. | |||
| CVE-2020-13440 | 0.00 | — | 0.00 | May 24, 2020 | ffjpeg through 2020-02-24 has an invalid write in bmp_load in bmp.c. | |||
| CVE-2020-13439 | 0.00 | — | 0.00 | May 24, 2020 | ffjpeg through 2020-02-24 has a heap-based buffer over-read in jfif_decode in jfif.c. | |||
| CVE-2019-19887 | 0.00 | — | 0.00 | Dec 18, 2019 | bitstr_tell at bitstr.c in ffjpeg through 2019-08-21 has a NULL pointer dereference related to jfif_encode. | |||
| CVE-2019-19888 | 0.00 | — | 0.00 | Dec 18, 2019 | jfif_decode in jfif.c in ffjpeg through 2019-08-21 has a divide-by-zero error. | |||
| CVE-2019-16351 | 0.00 | — | 0.00 | Sep 16, 2019 | ffjpeg before 2019-08-18 has a NULL pointer dereference in huffman_decode_step() at huffman.c. | |||
| CVE-2019-16352 | 0.00 | — | 0.00 | Sep 16, 2019 | ffjpeg before 2019-08-21 has a heap-based buffer overflow in jfif_load() at jfif.c. | |||
| CVE-2018-16781 | 0.00 | — | 0.01 | Sep 10, 2018 | ffjpeg.dll in ffjpeg before 2018-08-22 allows remote attackers to cause a denial of service (FPE signal) via a progressive JPEG file that lacks an AC Huffman table. |
- CVE-2020-24222Aug 11, 2023risk 0.00cvss —epss 0.00
Buffer Overflow vulnerability in jfif_decode() function in rockcarry ffjpeg through version 1.0.0, allows local attackers to execute arbitrary code due to an issue with ALIGN.
- CVE-2021-45385Feb 11, 2022risk 0.00cvss —epss 0.00
A Null Pointer Dereference vulnerability exits in ffjpeg d5cfd49 (2021-12-06) in bmp_load(). When the size information in metadata of the bmp is out of range, it returns without assign memory buffer to `pb->pdata` and did not exit the program. So the program crashes when it…
- CVE-2021-44956Feb 8, 2022risk 0.00cvss —epss 0.00
Two Heap based buffer overflow vulnerabilities exist in ffjpeg through 01.01.2021. It is similar to CVE-2020-23852. Issues that are in the jfif_decode function at ffjpeg/src/jfif.c (line 552) could cause a Denial of Service by using a crafted jpeg file.
- CVE-2021-44957Feb 8, 2022risk 0.00cvss —epss 0.00
Global buffer overflow vulnerability exist in ffjpeg through 01.01.2021. It is similar to CVE-2020-23705. Issue is in the jfif_encode function at ffjpeg/src/jfif.c (line 708) could cause a Denial of Service by using a crafted jpeg file.
- CVE-2020-23705Jul 15, 2021risk 0.00cvss —epss 0.00
A global buffer overflow vulnerability in jfif_encode at jfif.c:701 of ffjpeg through 2020-06-22 allows attackers to cause a Denial of Service (DOS) via a crafted jpeg file.
- CVE-2020-23852May 18, 2021risk 0.00cvss —epss 0.00
A heap based buffer overflow vulnerability exists in ffjpeg through 2020-07-02 in the jfif_decode(void *ctxt, BMP *pb) function at ffjpeg/src/jfif.c (line 544 & line 545), which could cause a denial of service by submitting a malicious jpeg image.
- CVE-2020-23851May 18, 2021risk 0.00cvss —epss 0.00
A stack-based buffer overflow vulnerability exists in ffjpeg through 2020-07-02 in the jfif_decode(void *ctxt, BMP *pb) function at ffjpeg/src/jfif.c:513:28, which could cause a denial of service by submitting a malicious jpeg image.
- CVE-2020-15470Jul 1, 2020risk 0.00cvss —epss 0.00
ffjpeg through 2020-02-24 has a heap-based buffer overflow in jfif_decode in jfif.c.
- CVE-2020-13438May 24, 2020risk 0.00cvss —epss 0.00
ffjpeg through 2020-02-24 has an invalid read in jfif_encode in jfif.c.
- CVE-2020-13440May 24, 2020risk 0.00cvss —epss 0.00
ffjpeg through 2020-02-24 has an invalid write in bmp_load in bmp.c.
- CVE-2020-13439May 24, 2020risk 0.00cvss —epss 0.00
ffjpeg through 2020-02-24 has a heap-based buffer over-read in jfif_decode in jfif.c.
- CVE-2019-19887Dec 18, 2019risk 0.00cvss —epss 0.00
bitstr_tell at bitstr.c in ffjpeg through 2019-08-21 has a NULL pointer dereference related to jfif_encode.
- CVE-2019-19888Dec 18, 2019risk 0.00cvss —epss 0.00
jfif_decode in jfif.c in ffjpeg through 2019-08-21 has a divide-by-zero error.
- CVE-2019-16351Sep 16, 2019risk 0.00cvss —epss 0.00
ffjpeg before 2019-08-18 has a NULL pointer dereference in huffman_decode_step() at huffman.c.
- CVE-2019-16352Sep 16, 2019risk 0.00cvss —epss 0.00
ffjpeg before 2019-08-21 has a heap-based buffer overflow in jfif_load() at jfif.c.
- CVE-2018-16781Sep 10, 2018risk 0.00cvss —epss 0.01
ffjpeg.dll in ffjpeg before 2018-08-22 allows remote attackers to cause a denial of service (FPE signal) via a progressive JPEG file that lacks an AC Huffman table.