Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
exiv2 exiv2 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-4676
Buffer overflow in Andreas Huggel Exiv2 prior to 0.9 does not null terminate strings before calling the sscanf function, which allows remote malicious users to cause a denial of service (application crash) via images with crafted IPTC metadata.
Andreas Huggel Exiv2 0.4
Andreas Huggel Exiv2 0.5
Andreas Huggel Exiv2 0.6.2
Andreas Huggel Exiv2 0.7
Andreas Huggel Exiv2 0.3
Andreas Huggel Exiv2 0.8
Andreas Huggel Exiv2 0.6
Andreas Huggel Exiv2 0.6.1
1 EDB exploit
6.5
CVSSv3
CVE-2018-9304
In Exiv2 0.26, a divide by zero in BigTiffImage::printIFD in bigtiffimage.cpp could result in denial of service.
Exiv2 Exiv2
8.1
CVSSv3
CVE-2018-9144
In Exiv2 0.26, there is an out-of-bounds read in Exiv2::Internal::binaryToString in image.cpp. It could result in denial of service or information disclosure.
Exiv2 Exiv2
6.5
CVSSv3
CVE-2018-9303
In Exiv2 0.26, an assertion failure in BigTiffImage::readData in bigtiffimage.cpp results in an abort.
Exiv2 Exiv2
6.5
CVSSv3
CVE-2018-10772
The tEXtToDataBuf function in pngimage.cpp in Exiv2 up to and including 0.26 allows remote malicious users to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file.
Exiv2 Exiv2
NA
CVE-2007-6353
Integer overflow in exif.cpp in exiv2 library allows context-dependent malicious users to execute arbitrary code via a crafted EXIF file that triggers a heap-based buffer overflow.
Exiv2 Exiv2
8.1
CVSSv3
CVE-2018-9305
In Exiv2 0.26, an out-of-bounds read in IptcData::printStructure in iptc.c could result in a crash or information leak, related to the "== 0x1c" case.
Exiv2 Exiv2
6.5
CVSSv3
CVE-2019-14982
In Exiv2 before v0.27.2, there is an integer overflow vulnerability in the WebPImage::getHeaderOffset function in webpimage.cpp. It can lead to a buffer overflow vulnerability and a crash.
Exiv2 Exiv2
5.5
CVSSv3
CVE-2017-14858
There is a heap-based buffer overflow in the Exiv2::l2Data function of types.cpp in Exiv2 0.26. A Crafted input will lead to a denial of service attack.
Exiv2 Exiv2 0.26
6.5
CVSSv3
CVE-2018-17230
Exiv2::ul2Data in types.cpp in Exiv2 v0.26 allows remote malicious users to cause a denial of service (heap-based buffer overflow) via a crafted image file.
Exiv2 Exiv2 0.26
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »