Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
exiv2 vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2019-17402
Exiv2 0.27.2 allows malicious users to trigger a crash in Exiv2::getULong in types.cpp when called from Exiv2::Internal::CiffDirectory::readDirectory in crwimage_int.cpp, because there is no validation of the relationship of the total size to the offset and size.
Exiv2 Exiv2 0.27.2
Debian Debian Linux 8.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 16.04
383
VMScore
CVE-2019-14982
In Exiv2 before v0.27.2, there is an integer overflow vulnerability in the WebPImage::getHeaderOffset function in webpimage.cpp. It can lead to a buffer overflow vulnerability and a crash.
Exiv2 Exiv2
605
VMScore
CVE-2019-14368
Exiv2 0.27.99.0 has a heap-based buffer over-read in Exiv2::RafImage::readMetadata() in rafimage.cpp.
Exiv2 Exiv2 0.27.99.0
383
VMScore
CVE-2019-14369
Exiv2::PngImage::readMetadata() in pngimage.cpp in Exiv2 0.27.99.0 allows malicious users to cause a denial of service (heap-based buffer over-read) via a crafted image file.
Exiv2 Exiv2 0.27.99.0
Debian Debian Linux 10.0
383
VMScore
CVE-2019-14370
In Exiv2 0.27.99.0, there is an out-of-bounds read in Exiv2::MrwImage::readMetadata() in mrwimage.cpp. It could result in denial of service.
Exiv2 Exiv2 0.27.99.0
Debian Debian Linux 10.0
383
VMScore
CVE-2019-13504
There is an out-of-bounds read in Exiv2::MrwImage::readMetadata in mrwimage.cpp in Exiv2 up to and including 0.27.2.
Exiv2 Exiv2
Debian Debian Linux 8.0
Debian Debian Linux 10.0
1 Github repository
383
VMScore
CVE-2019-13108
An integer overflow in Exiv2 up to and including 0.27.1 allows an malicious user to cause a denial of service (SIGSEGV) via a crafted PNG image file, because PngImage::readMetadata mishandles a zero value for iccOffset.
Exiv2 Exiv2
Fedoraproject Fedora 30
383
VMScore
CVE-2019-13110
A CiffDirectory::readDirectory integer overflow and out-of-bounds read in Exiv2 up to and including 0.27.1 allows an malicious user to cause a denial of service (SIGSEGV) via a crafted CRW image file.
Exiv2 Exiv2
Fedoraproject Fedora 30
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 16.04
Debian Debian Linux 10.0
383
VMScore
CVE-2019-13111
A WebPImage::decodeChunks integer overflow in Exiv2 up to and including 0.27.1 allows an malicious user to cause a denial of service (large heap allocation followed by a very long running loop) via a crafted WEBP image file.
Exiv2 Exiv2
Fedoraproject Fedora 30
383
VMScore
CVE-2019-13112
A PngChunk::parseChunkContent uncontrolled memory allocation in Exiv2 up to and including 0.27.1 allows an malicious user to cause a denial of service (crash due to an std::bad_alloc exception) via a crafted PNG image file.
Exiv2 Exiv2
Fedoraproject Fedora 30
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 16.04
Debian Debian Linux 10.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »