Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
exiv2 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2020-18774
A float point exception in the printLong function in tags_int.cpp of Exiv2 0.27.99.0 allows malicious users to cause a denial of service (DOS) via a crafted tif file.
Exiv2 Exiv2 0.27.99.0
NA
CVE-2020-18831
Buffer Overflow vulnerability in tEXtToDataBuf function in pngimage.cpp in Exiv2 0.27.1 allows remote malicious users to cause a denial of service and other unspecified impacts via use of crafted file.
Exiv2 Exiv2 0.27.1
4.3
CVSSv2
CVE-2020-18899
An uncontrolled memory allocation in DataBufdata(subBox.length-sizeof(box)) function of Exiv2 0.27 allows malicious users to cause a denial of service (DOS) via a crafted input.
Exiv2 Exiv2 0.27
4.3
CVSSv2
CVE-2017-17724
In Exiv2 0.26, there is a heap-based buffer over-read in the Exiv2::IptcData::printStructure function in iptc.cpp, related to the "!= 0x1c" case. Remote attackers can exploit this vulnerability to cause a denial of service via a crafted TIFF file.
Exiv2 Exiv2 0.26
4.3
CVSSv2
CVE-2017-11339
There is a heap-based buffer overflow in the Image::printIFDStructure function of image.cpp in Exiv2 0.26. A Crafted input will lead to a remote denial of service attack.
Exiv2 Exiv2 0.26
4.3
CVSSv2
CVE-2017-11340
There is a Segmentation fault in the XmpParser::terminate() function in Exiv2 0.26, related to an exit call. A Crafted input will lead to a remote denial of service attack.
Exiv2 Exiv2 0.26
6.8
CVSSv2
CVE-2017-12955
There is a heap-based buffer overflow in basicio.cpp of Exiv2 0.26. The vulnerability causes an out-of-bounds write in Exiv2::Image::printIFDStructure(), which may lead to remote denial of service or possibly unspecified other impact.
Exiv2 Exiv2 0.26
4.3
CVSSv2
CVE-2017-12957
There is a heap-based buffer over-read in libexiv2 in Exiv2 0.26 that is triggered in the Exiv2::Image::io function in image.cpp. It will lead to remote denial of service.
Exiv2 Exiv2 0.26
4.3
CVSSv2
CVE-2019-13108
An integer overflow in Exiv2 up to and including 0.27.1 allows an malicious user to cause a denial of service (SIGSEGV) via a crafted PNG image file, because PngImage::readMetadata mishandles a zero value for iccOffset.
Exiv2 Exiv2
Fedoraproject Fedora 30
4.3
CVSSv2
CVE-2019-13109
An integer overflow in Exiv2 up to and including 0.27.1 allows an malicious user to cause a denial of service (SIGSEGV) via a crafted PNG image file, because PngImage::readMetadata mishandles a chunkLength - iccOffset subtraction.
Exiv2 Exiv2
Fedoraproject Fedora 30
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38002
CVE-2006-4304
CVE-2024-4336
CVE-2024-33437
CVE-2024-4340
CVE-2024-27956
privilege
insecure direct object reference
XSS
item search icon">CVE-2024-25938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »