Vulnerabilities > Kakadusoftware

DATE CVE VULNERABILITY TITLE RISK
2023-12-20 CVE-2023-6562 Unrestricted Upload of File with Dangerous Type vulnerability in Kakadusoftware Kakadu SDK
JPX Fragment List (flst) box vulnerability in Kakadu 7.9 allows an attacker to exfiltrate local and remote files reachable by a server if the server allows the attacker to upload a specially-crafted the image that is displayed back to the attacker.
network
low complexity
kakadusoftware CWE-434
7.5
7.5
2019-12-12 CVE-2019-5144 Out-of-bounds Write vulnerability in Kakadusoftware Kakadu Software 7.10.2
An exploitable heap underflow vulnerability exists in the derive_taps_and_gains function in kdu_v7ar.dll of Kakadu Software SDK 7.10.2.
network
low complexity
kakadusoftware CWE-787
8.8
8.8
2018-04-24 CVE-2017-2812 Out-of-bounds Write vulnerability in Kakadusoftware Kakadu SDK 7.9
A code execution vulnerability exists in the kdu_buffered_expand function of the Kakadu SDK 7.9.
local
low complexity
kakadusoftware CWE-787
7.8
7.8
2018-04-24 CVE-2017-2811 Out-of-bounds Write vulnerability in Kakadusoftware Kakadu SDK 7.9
A code execution vulnerability exists in the Kakadu SDK 7.9's parsing of compressed JPEG 2000 images.
local
low complexity
kakadusoftware CWE-787
7.8
7.8