Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
exiv2 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2005-4676
Buffer overflow in Andreas Huggel Exiv2 prior to 0.9 does not null terminate strings before calling the sscanf function, which allows remote malicious users to cause a denial of service (application crash) via images with crafted IPTC metadata.
Andreas Huggel Exiv2 0.4
Andreas Huggel Exiv2 0.5
Andreas Huggel Exiv2 0.6.2
Andreas Huggel Exiv2 0.7
Andreas Huggel Exiv2 0.3
Andreas Huggel Exiv2 0.8
Andreas Huggel Exiv2 0.6
Andreas Huggel Exiv2 0.6.1
1 EDB exploit
5.8
CVSSv2
CVE-2018-9305
In Exiv2 0.26, an out-of-bounds read in IptcData::printStructure in iptc.c could result in a crash or information leak, related to the "== 0x1c" case.
Exiv2 Exiv2
5.8
CVSSv2
CVE-2018-9144
In Exiv2 0.26, there is an out-of-bounds read in Exiv2::Internal::binaryToString in image.cpp. It could result in denial of service or information disclosure.
Exiv2 Exiv2
4.3
CVSSv2
CVE-2018-9303
In Exiv2 0.26, an assertion failure in BigTiffImage::readData in bigtiffimage.cpp results in an abort.
Exiv2 Exiv2
4.3
CVSSv2
CVE-2018-9304
In Exiv2 0.26, a divide by zero in BigTiffImage::printIFD in bigtiffimage.cpp could result in denial of service.
Exiv2 Exiv2
4.3
CVSSv2
CVE-2019-14982
In Exiv2 before v0.27.2, there is an integer overflow vulnerability in the WebPImage::getHeaderOffset function in webpimage.cpp. It can lead to a buffer overflow vulnerability and a crash.
Exiv2 Exiv2
7.5
CVSSv2
CVE-2007-6353
Integer overflow in exif.cpp in exiv2 library allows context-dependent malicious users to execute arbitrary code via a crafted EXIF file that triggers a heap-based buffer overflow.
Exiv2 Exiv2
4.3
CVSSv2
CVE-2018-10772
The tEXtToDataBuf function in pngimage.cpp in Exiv2 up to and including 0.26 allows remote malicious users to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file.
Exiv2 Exiv2
4.3
CVSSv2
CVE-2018-5772
In Exiv2 0.26, there is a segmentation fault caused by uncontrolled recursion in the Exiv2::Image::printIFDStructure function in the image.cpp file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted tif file.
Exiv2 Exiv2 0.26
4.3
CVSSv2
CVE-2008-2696
Exiv2 0.16 allows user-assisted remote malicious users to cause a denial of service (divide-by-zero and application crash) via a zero value in Nikon lens information in the metadata of an image, related to "pretty printing" and the RationalValue::toLong function.
Exiv2 Exiv2 0.16
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675
CVE-2024-3400
CVE-2024-23557
mass assignment
CVE-2023-1389
local file inclusion
CVE-2024-32596
file upload
CVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »