Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
exif vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2014-3903
Cross-site scripting (XSS) vulnerability in the Cakifo theme 1.x prior to 1.6.2 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via crafted Exif data.
Jayj Cakifo 1.4.3
Jayj Cakifo 1.4.2
Jayj Cakifo 1.4.1
Jayj Cakifo 1.5.0
Jayj Cakifo 1.4.4
Jayj Cakifo 1.6
Jayj Cakifo 1.5.1
Jayj Cakifo
Jayj Cakifo 1.4
6.8
CVSSv2
CVE-2019-9278
In libexif, there is a possible out of bounds write due to an integer overflow. This could lead to remote escalation of privilege in the media content provider with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: A...
Google Android 10.0
Opensuse Leap 15.1
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
2.1
CVSSv2
CVE-2005-3319
The apache2handler SAPI (sapi_apache2.c) in the Apache module (mod_php) for PHP 5.x prior to 5.1.0 final and 4.4 prior to 4.4.1 final allows malicious users to cause a denial of service (segmentation fault) via the session.save_path option in a .htaccess file or VirtualHost.
Php Php 4.0.1
Php Php 4.0.7
Php Php 4.0.0
Php Php 4.0.5
Php Php 4.0.6
Php Php 4.1.2
Php Php 4.2.0
Php Php 4.3.10
Php Php 4.3.11
Php Php 4.3.9
Php Php 4.4.0
Php Php 5.0
Php Php 4.0.2
Php Php 4.2.3
Php Php 4.2
Php Php 4.3.4
Php Php 4.3.5
Php Php 5.0.2
Php Php 5.0.3
Php Php 4.2.1
Php Php 4.2.2
Php Php 4.3.2
4.3
CVSSv2
CVE-2005-3388
Cross-site scripting (XSS) vulnerability in the phpinfo function in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5 allows remote malicious users to inject arbitrary web script or HTML via a crafted URL with a "stacked array assignment."
Php Php 4.3.9
Php Php 4.2.0
Php Php 5.0.0
Php Php 4.1.0
Php Php 4.3.4
Php Php 4.0.4
Php Php 4.3.0
Php Php 4.0.5
Php Php 5.0.5
Php Php 4.3.6
Php Php 5.0.1
Php Php 4.0.7
Php Php 4.3.7
Php Php 5.0.4
Php Php 4.2.2
Php Php 4.3.2
Php Php 4.3.11
Php Php 4.0.0
Php Php 4.0.3
Php Php 4.0.2
Php Php 4.3.3
Php Php 4.1.1
1 EDB exploit
4.3
CVSSv2
CVE-2006-1165
Cross-site scripting (XSS) vulnerability in the mediamanager module in DokuWiki prior to 2006-03-05 allows remote malicious users to inject arbitrary web script or HTML via unknown attack vectors relating to "handling EXIF data."
Andreas Gohr Dokuwiki Release 2004-07-07
Andreas Gohr Dokuwiki Release 2004-07-12
Andreas Gohr Dokuwiki Release 2004-09-25
Andreas Gohr Dokuwiki Release 2004-09-30
Andreas Gohr Dokuwiki Release 2004-10-19
Andreas Gohr Dokuwiki Release 2005-02-06
Andreas Gohr Dokuwiki Release 2005-02-18
Andreas Gohr Dokuwiki Release 2004-07-21
Andreas Gohr Dokuwiki Release 2004-07-25
Andreas Gohr Dokuwiki Release 2004-11-01
Andreas Gohr Dokuwiki Release 2004-11-02
Andreas Gohr Dokuwiki Release 2005-05-07
Andreas Gohr Dokuwiki Release 2005-07-01
Andreas Gohr Dokuwiki Release 2004-08-08
Andreas Gohr Dokuwiki Release 2004-08-15a
Andreas Gohr Dokuwiki Release 2004-11-10
Andreas Gohr Dokuwiki Release 2005-01-14
Andreas Gohr Dokuwiki Release 2005-07-13
Andreas Gohr Dokuwiki Release 2005-09-19
Andreas Gohr Dokuwiki Release 2004-07-04
Andreas Gohr Dokuwiki Release 2004-08-22
Andreas Gohr Dokuwiki Release 2004-09-12
6.8
CVSSv2
CVE-2012-0247
ImageMagick 6.7.5-7 and previous versions allows remote malicious users to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted offset and count values in the ResolutionUnit tag in the EXIF IFD0 of an image.
Imagemagick Imagemagick
Debian Debian Linux 6.0
Debian Debian Linux 7.0
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 11.04
Canonical Ubuntu Linux 11.10
Canonical Ubuntu Linux 12.04
Redhat Storage 2.0
Redhat Enterprise Linux Desktop 5.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Eus 6.2
Redhat Enterprise Linux Server 5.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Server Aus 6.2
Redhat Enterprise Linux Server Eus 6.2
Redhat Enterprise Linux Workstation 5.0
Redhat Enterprise Linux Workstation 6.0
4.3
CVSSv2
CVE-2012-1798
The TIFFGetEXIFProperties function in coders/tiff.c in ImageMagick prior to 6.7.6-3 allows remote malicious users to cause a denial of service (out-of-bounds read and crash) via a crafted EXIF IFD in a TIFF image.
Imagemagick Imagemagick
Debian Debian Linux 6.0
Redhat Storage 2.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Eus 6.2
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Server Aus 6.2
Redhat Enterprise Linux Server Eus 6.2
Redhat Enterprise Linux Workstation 6.0
Opensuse Opensuse 11.4
Opensuse Opensuse 12.1
4.3
CVSSv2
CVE-2012-0259
The GetEXIFProperty function in magick/property.c in ImageMagick prior to 6.7.6-3 allows remote malicious users to cause a denial of service (crash) via a zero value in the component count of an EXIF XResolution tag in a JPEG file, which triggers an out-of-bounds read.
Imagemagick Imagemagick
Debian Debian Linux 6.0
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 11.04
Canonical Ubuntu Linux 11.10
Canonical Ubuntu Linux 12.04
Opensuse Opensuse 11.4
Opensuse Opensuse 12.1
5
CVSSv2
CVE-2020-0198
In exif_data_load_data_content of exif-data.c, there is a possible UBSAN abort due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10A...
Google Android 10.0
Debian Debian Linux 8.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Fedoraproject Fedora 32
Canonical Ubuntu Linux 20.04
Fedoraproject Fedora 33
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
Libexif Project Libexif
7.5
CVSSv2
CVE-2005-3390
The RFC1867 file upload feature in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5, when register_globals is enabled, allows remote malicious users to modify the GLOBALS array and bypass security protections of PHP applications via a multipart/form-data POST request with a "GLOBALS&...
Php Php 3.0.14
Php Php 3.0.15
Php Php 3.0.5
Php Php 3.0.6
Php Php 4.0.2
Php Php 4.0.3
Php Php 4.0.7
Php Php 4.2.3
Php Php 4.2
Php Php 4.3.5
Php Php 4.3.6
Php Php 5.0.2
Php Php 5.0.3
Php Php 3.0
Php Php 3.0.1
Php Php 3.0.16
Php Php 3.0.17
Php Php 3.0.7
Php Php 3.0.8
Php Php 4.0.4
Php Php 4.1.0
Php Php 4.1.1
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »