Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
exiv2 exiv2 vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2019-9144
An issue exists in Exiv2 0.27. There is infinite recursion at BigTiffImage::printIFD in the file bigtiffimage.cpp. This can be triggered by a crafted file. It allows an malicious user to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact.
Exiv2 Exiv2 0.27
6.5
CVSSv3
CVE-2018-17282
An issue exists in Exiv2 v0.26. The function Exiv2::DataValue::copy in value.cpp has a NULL pointer dereference.
Exiv2 Exiv2 0.26
6.5
CVSSv3
CVE-2018-17229
Exiv2::d2Data in types.cpp in Exiv2 v0.26 allows remote malicious users to cause a denial of service (heap-based buffer overflow) via a crafted image file.
Exiv2 Exiv2 0.26
6.5
CVSSv3
CVE-2018-17230
Exiv2::ul2Data in types.cpp in Exiv2 v0.26 allows remote malicious users to cause a denial of service (heap-based buffer overflow) via a crafted image file.
Exiv2 Exiv2 0.26
8.8
CVSSv3
CVE-2017-12955
There is a heap-based buffer overflow in basicio.cpp of Exiv2 0.26. The vulnerability causes an out-of-bounds write in Exiv2::Image::printIFDStructure(), which may lead to remote denial of service or possibly unspecified other impact.
Exiv2 Exiv2 0.26
5.5
CVSSv3
CVE-2017-1000126
exiv2 0.26 contains a Stack out of bounds read in webp parser
Exiv2 Exiv2 0.26
5.5
CVSSv3
CVE-2017-1000127
Exiv2 0.26 contains a heap buffer overflow in tiff parser
Exiv2 Exiv2 0.26
6.5
CVSSv3
CVE-2020-18899
An uncontrolled memory allocation in DataBufdata(subBox.length-sizeof(box)) function of Exiv2 0.27 allows malicious users to cause a denial of service (DOS) via a crafted input.
Exiv2 Exiv2 0.27
6.5
CVSSv3
CVE-2017-17722
In Exiv2 0.26, there is a reachable assertion in the readHeader function in bigtiffimage.cpp, which will lead to a remote denial of service attack via a crafted TIFF file.
Exiv2 Exiv2 0.26
8.1
CVSSv3
CVE-2017-17723
In Exiv2 0.26, there is a heap-based buffer over-read in the Exiv2::Image::byteSwap4 function in image.cpp. Remote attackers can exploit this vulnerability to disclose memory data or cause a denial of service via a crafted TIFF file.
Exiv2 Exiv2 0.26
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »