Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
exiv2 exiv2 0.26 vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2018-9304
In Exiv2 0.26, a divide by zero in BigTiffImage::printIFD in bigtiffimage.cpp could result in denial of service.
Exiv2 Exiv2
7.5
CVSSv3
CVE-2017-11591
There is a Floating point exception in the Exiv2::ValueType function in Exiv2 0.26 that will lead to a remote denial of service attack via crafted input.
Exiv2 Exiv2 0.26
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Debian Debian Linux 10.0
5.5
CVSSv3
CVE-2017-17669
There is a heap-based buffer over-read in the Exiv2::Internal::PngChunk::keyTXTChunk function of pngchunk_int.cpp in Exiv2 0.26. A crafted PNG file will lead to a remote denial of service attack.
Exiv2 Exiv2 0.26
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Debian Debian Linux 10.0
6.5
CVSSv3
CVE-2017-11683
There is a reachable assertion in the Internal::TiffReader::visitDirectory function in tiffvisitor.cpp of Exiv2 0.26 that will lead to a remote denial of service attack via crafted input.
Exiv2 Exiv2 0.26
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Debian Debian Linux 10.0
5.5
CVSSv3
CVE-2017-14859
An Invalid memory address dereference exists in Exiv2::StringValueBase::read in value.cpp in Exiv2 0.26. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.
Exiv2 Exiv2 0.26
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Debian Debian Linux 10.0
5.5
CVSSv3
CVE-2017-14862
An Invalid memory address dereference exists in Exiv2::DataValue::read in value.cpp in Exiv2 0.26. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.
Exiv2 Exiv2 0.26
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Debian Debian Linux 10.0
6.5
CVSSv3
CVE-2018-16336
Exiv2::Internal::PngChunk::parseTXTChunk in Exiv2 v0.26 allows remote malicious users to cause a denial of service (heap-based buffer over-read) via a crafted image file, a different vulnerability than CVE-2018-10999.
Exiv2 Exiv2 0.26
Canonical Ubuntu Linux 16.04
Debian Debian Linux 8.0
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
5.5
CVSSv3
CVE-2017-14864
An Invalid memory address dereference exists in Exiv2::getULong in types.cpp in Exiv2 0.26. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.
Exiv2 Exiv2 0.26
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Debian Debian Linux 10.0
6.5
CVSSv3
CVE-2018-10772
The tEXtToDataBuf function in pngimage.cpp in Exiv2 up to and including 0.26 allows remote malicious users to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file.
Exiv2 Exiv2
8.1
CVSSv3
CVE-2018-9305
In Exiv2 0.26, an out-of-bounds read in IptcData::printStructure in iptc.c could result in a crash or information leak, related to the "== 0x1c" case.
Exiv2 Exiv2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »