Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
exiv2 exiv2 0.26 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2018-19108
In Exiv2 0.26, Exiv2::PsdImage::readMetadata in psdimage.cpp in the PSD image reader may suffer from a denial of service (infinite loop) caused by an integer overflow via a crafted PSD image file.
Exiv2 Exiv2 0.26
Debian Debian Linux 8.0
Debian Debian Linux 10.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 16.04
4.3
CVSSv2
CVE-2018-18915
There is an infinite loop in the Exiv2::Image::printIFDStructure function of image.cpp in Exiv2 0.27-RC1. A crafted input will lead to a remote denial of service attack.
Exiv2 Exiv2 0.27
4.3
CVSSv2
CVE-2018-17581
CiffDirectory::readDirectory() at crwimage_int.cpp in Exiv2 0.26 has excessive stack consumption due to a recursive function, leading to Denial of service.
Exiv2 Exiv2 0.26
Exiv2 Exiv2 0.27
Debian Debian Linux 8.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
4.3
CVSSv2
CVE-2018-17282
An issue exists in Exiv2 v0.26. The function Exiv2::DataValue::copy in value.cpp has a NULL pointer dereference.
Exiv2 Exiv2 0.26
4.3
CVSSv2
CVE-2018-17229
Exiv2::d2Data in types.cpp in Exiv2 v0.26 allows remote malicious users to cause a denial of service (heap-based buffer overflow) via a crafted image file.
Exiv2 Exiv2 0.26
4.3
CVSSv2
CVE-2018-17230
Exiv2::ul2Data in types.cpp in Exiv2 v0.26 allows remote malicious users to cause a denial of service (heap-based buffer overflow) via a crafted image file.
Exiv2 Exiv2 0.26
4.3
CVSSv2
CVE-2018-16336
Exiv2::Internal::PngChunk::parseTXTChunk in Exiv2 v0.26 allows remote malicious users to cause a denial of service (heap-based buffer over-read) via a crafted image file, a different vulnerability than CVE-2018-10999.
Exiv2 Exiv2 0.26
Canonical Ubuntu Linux 16.04
Debian Debian Linux 8.0
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
4.3
CVSSv2
CVE-2018-11037
In Exiv2 0.26, the Exiv2::PngImage::printStructure function in pngimage.cpp allows remote malicious users to cause an information leak via a crafted file.
Exiv2 Exiv2 0.26
4.3
CVSSv2
CVE-2018-10998
An issue exists in Exiv2 0.26. readMetadata in jp2image.cpp allows remote malicious users to cause a denial of service (SIGABRT) by triggering an incorrect Safe::add call.
Exiv2 Exiv2 0.26
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 18.04
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
4.3
CVSSv2
CVE-2018-10999
An issue exists in Exiv2 0.26. The Exiv2::Internal::PngChunk::parseTXTChunk function has a heap-based buffer over-read.
Exiv2 Exiv2 0.26
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 16.04
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »