Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
exiv2 exiv2 0.27.1 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2020-18831
Buffer Overflow vulnerability in tEXtToDataBuf function in pngimage.cpp in Exiv2 0.27.1 allows remote malicious users to cause a denial of service and other unspecified impacts via use of crafted file.
Exiv2 Exiv2 0.27.1
383
VMScore
CVE-2020-19716
A buffer overflow vulnerability in the Databuf function in types.cpp of Exiv2 v0.27.1 leads to a denial of service (DOS).
Exiv2 Exiv2 0.27.1
Debian Debian Linux 10.0
383
VMScore
CVE-2019-13109
An integer overflow in Exiv2 up to and including 0.27.1 allows an malicious user to cause a denial of service (SIGSEGV) via a crafted PNG image file, because PngImage::readMetadata mishandles a chunkLength - iccOffset subtraction.
Exiv2 Exiv2
Fedoraproject Fedora 30
383
VMScore
CVE-2019-13108
An integer overflow in Exiv2 up to and including 0.27.1 allows an malicious user to cause a denial of service (SIGSEGV) via a crafted PNG image file, because PngImage::readMetadata mishandles a zero value for iccOffset.
Exiv2 Exiv2
Fedoraproject Fedora 30
383
VMScore
CVE-2019-13111
A WebPImage::decodeChunks integer overflow in Exiv2 up to and including 0.27.1 allows an malicious user to cause a denial of service (large heap allocation followed by a very long running loop) via a crafted WEBP image file.
Exiv2 Exiv2
Fedoraproject Fedora 30
516
VMScore
CVE-2020-18771
Exiv2 0.27.99.0 has a global buffer over-read in Exiv2::Internal::Nikon1MakerNote::print0x0088 in nikonmn_int.cpp which can result in an information leak.
Exiv2 Exiv2 0.27.99.0
Debian Debian Linux 10.0
383
VMScore
CVE-2019-13113
Exiv2 up to and including 0.27.1 allows an malicious user to cause a denial of service (crash due to assertion failure) via an invalid data location in a CRW image file.
Exiv2 Exiv2
Fedoraproject Fedora 30
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 16.04
383
VMScore
CVE-2019-13112
A PngChunk::parseChunkContent uncontrolled memory allocation in Exiv2 up to and including 0.27.1 allows an malicious user to cause a denial of service (crash due to an std::bad_alloc exception) via a crafted PNG image file.
Exiv2 Exiv2
Fedoraproject Fedora 30
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 16.04
Debian Debian Linux 10.0
383
VMScore
CVE-2019-13114
http.c in Exiv2 up to and including 0.27.1 allows a malicious http server to cause a denial of service (crash due to a NULL pointer dereference) by returning a crafted response that lacks a space character.
Exiv2 Exiv2
Fedoraproject Fedora 30
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 16.04
383
VMScore
CVE-2019-13110
A CiffDirectory::readDirectory integer overflow and out-of-bounds read in Exiv2 up to and including 0.27.1 allows an malicious user to cause a denial of service (SIGSEGV) via a crafted CRW image file.
Exiv2 Exiv2
Fedoraproject Fedora 30
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 16.04
Debian Debian Linux 10.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »