Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libexif libexif vulnerabilities and exploits
(subscribe to this query)
231
VMScore
CVE-2005-0664
Buffer overflow in the EXIF library (libexif) 0.6.9 does not properly validate the structure of the EXIF tags, which allows remote malicious users to cause a denial of service (application crash) and possibly execute arbitrary code via a JPEG image with a crafted EXIF tag.
Libexif Libexif 0.6.9
668
VMScore
CVE-2012-2814
Buffer overflow in the exif_entry_format_value function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) 0.6.20 allows remote malicious users to cause a denial of service or possibly execute arbitrary code via crafted EXIF tags in an image.
Libexif Project Libexif 0.6.20
668
VMScore
CVE-2012-2841
Integer underflow in the exif_entry_get_value function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) 0.6.20 might allow remote malicious users to execute arbitrary code via vectors involving a crafted buffer-size parameter during the formatting of an EXIF tag, lea...
Libexif Project Libexif 0.6.20
694
VMScore
CVE-2018-20030
An error when processing the EXIF_IFD_INTEROPERABILITY and EXIF_IFD_EXIF tags within libexif version 0.6.21 can be exploited to exhaust available CPU resources.
Libexif Project Libexif 0.6.21
606
VMScore
CVE-2009-3895
Heap-based buffer overflow in the exif_entry_fix function (aka the tag fixup routine) in libexif/exif-entry.c in libexif 0.6.18 allows remote malicious users to cause a denial of service or possibly execute arbitrary code via an invalid EXIF image. NOTE: some of these details are...
Libexif Project Libexif 0.6.18
445
VMScore
CVE-2020-0181
In exif_data_load_data_thumbnail of exif-data.c, there is a possible denial of service due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
Google Android 10.0
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Libexif Project Libexif
516
VMScore
CVE-2016-6328
A vulnerability was found in libexif. An integer overflow when parsing the MNOTE entry data of the input file. This can cause Denial-of-Service (DoS) and Information Disclosure (disclosing some critical heap chunk metadata, even other applications' private data).
Libexif Project Libexif
Debian Debian Linux 8.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
445
VMScore
CVE-2020-13114
An issue exists in libexif prior to 0.6.22. An unrestricted size in handling Canon EXIF MakerNote data could lead to consumption of large amounts of compute time for decoding EXIF data.
Libexif Project Libexif
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
Opensuse Leap 15.1
383
VMScore
CVE-2021-27815
NULL Pointer Deference in the exif command line tool, when printing out XML formatted EXIF data, in exif v0.6.22 and previous versions allows malicious users to cause a Denial of Service (DoS) by uploading a malicious JPEG file, causing the application to crash.
Libexif Project Exif
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
570
VMScore
CVE-2020-13112
An issue exists in libexif prior to 0.6.22. Several buffer over-reads in EXIF MakerNote handling could lead to information disclosure and crashes. This is different from CVE-2020-0093.
Libexif Project Libexif
Debian Debian Linux 8.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
Opensuse Leap 15.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »