Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
exiv2 exiv2 vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2017-14857
In Exiv2 0.26, there is an invalid free in the Image class in image.cpp that leads to a Segmentation fault. A crafted input will lead to a denial of service attack.
Exiv2 Exiv2 0.26
5.5
CVSSv3
CVE-2017-14858
There is a heap-based buffer overflow in the Exiv2::l2Data function of types.cpp in Exiv2 0.26. A Crafted input will lead to a denial of service attack.
Exiv2 Exiv2 0.26
5.5
CVSSv3
CVE-2017-14860
There is a heap-based buffer over-read in the Exiv2::Jp2Image::readMetadata function of jp2image.cpp in Exiv2 0.26. A Crafted input will lead to a denial of service attack.
Exiv2 Exiv2 0.26
5.5
CVSSv3
CVE-2017-14861
There is a stack consumption vulnerability in the Exiv2::Internal::stringFormat function of image.cpp in Exiv2 0.26. A Crafted input will lead to a remote denial of service attack.
Exiv2 Exiv2 0.26
5.5
CVSSv3
CVE-2017-14863
A NULL pointer dereference exists in Exiv2::Image::printIFDStructure in image.cpp in Exiv2 0.26. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.
Exiv2 Exiv2 0.26
5.5
CVSSv3
CVE-2017-14865
There is a heap-based buffer overflow in the Exiv2::us2Data function of types.cpp in Exiv2 0.26. A Crafted input will lead to a denial of service attack.
Exiv2 Exiv2 0.26
5.5
CVSSv3
CVE-2017-14866
There is a heap-based buffer overflow in the Exiv2::s2Data function of types.cpp in Exiv2 0.26. A Crafted input will lead to a denial of service attack.
Exiv2 Exiv2 0.26
6.5
CVSSv3
CVE-2017-12956
There is an illegal address access in Exiv2::FileIo::path[abi:cxx11]() in basicio.cpp of libexiv2 in Exiv2 0.26 that will lead to remote denial of service.
Exiv2 Exiv2 0.26
6.5
CVSSv3
CVE-2019-13109
An integer overflow in Exiv2 up to and including 0.27.1 allows an malicious user to cause a denial of service (SIGSEGV) via a crafted PNG image file, because PngImage::readMetadata mishandles a chunkLength - iccOffset subtraction.
Exiv2 Exiv2
Fedoraproject Fedora 30
6.5
CVSSv3
CVE-2019-13108
An integer overflow in Exiv2 up to and including 0.27.1 allows an malicious user to cause a denial of service (SIGSEGV) via a crafted PNG image file, because PngImage::readMetadata mishandles a zero value for iccOffset.
Exiv2 Exiv2
Fedoraproject Fedora 30
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22460
CVE-2024-4646
CVE-2024-29212
IMAP
CVE-2023-36672
CVE-2024-34547
command injection
CVE-2024-4651
stored XSS
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »