Vulnerabilities > Uclouvain > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-06-26 CVE-2018-20845 Divide By Zero vulnerability in Uclouvain Openjpeg
Division-by-zero vulnerabilities in the functions pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in openmj2/pi.c in OpenJPEG through 2.3.0 allow remote attackers to cause a denial of service (application crash).
network
low complexity
uclouvain CWE-369
6.5
2019-01-28 CVE-2019-6988 Allocation of Resources Without Limits or Throttling vulnerability in Uclouvain Openjpeg 2.3.0
An issue was discovered in OpenJPEG 2.3.0.
network
uclouvain CWE-770
4.3
2018-10-09 CVE-2018-18088 NULL Pointer Dereference vulnerability in multiple products
OpenJPEG 2.3.0 has a NULL pointer dereference for "red" in the imagetopnm function of jp2/convert.c
4.3
2018-09-03 CVE-2018-16376 Out-of-bounds Write vulnerability in Uclouvain Openjpeg 2.3.0
An issue was discovered in OpenJPEG 2.3.0.
network
uclouvain CWE-787
6.8
2018-09-03 CVE-2018-16375 Out-of-bounds Write vulnerability in Uclouvain Openjpeg 2.3.0
An issue was discovered in OpenJPEG 2.3.0.
network
uclouvain CWE-787
6.8
2018-08-01 CVE-2016-9572 NULL Pointer Dereference vulnerability in multiple products
A NULL pointer dereference flaw was found in the way openjpeg 2.1.2 decoded certain input images.
network
low complexity
uclouvain debian CWE-476
6.5
2018-07-19 CVE-2018-14423 Divide By Zero vulnerability in multiple products
Division-by-zero vulnerabilities in the functions pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in lib/openjp3d/pi.c in OpenJPEG through 2.3.0 allow remote attackers to cause a denial of service (application crash).
network
low complexity
uclouvain debian CWE-369
5.0
2018-04-10 CVE-2014-0158 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Heap-based buffer overflow in the JPEG2000 image tile decoder in OpenJPEG before 1.5.2 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file because of incorrect j2k_decode, j2k_read_eoc, and tcd_decode_tile interaction, a related issue to CVE-2013-6045.
6.8
2018-02-04 CVE-2018-6616 Resource Exhaustion vulnerability in multiple products
In OpenJPEG 2.3.0, there is excessive iteration in the opj_t1_encode_cblks function of openjp2/t1.c.
4.3
2018-01-19 CVE-2018-5785 Integer Overflow or Wraparound vulnerability in multiple products
In OpenJPEG 2.3.0, there is an integer overflow caused by an out-of-bounds left shift in the opj_j2k_setup_encoder function (openjp2/j2k.c).
4.3