Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
exiv2 vulnerabilities and exploits
(subscribe to this query)
505
VMScore
CVE-2005-4676
Buffer overflow in Andreas Huggel Exiv2 prior to 0.9 does not null terminate strings before calling the sscanf function, which allows remote malicious users to cause a denial of service (application crash) via images with crafted IPTC metadata.
Andreas Huggel Exiv2 0.4
Andreas Huggel Exiv2 0.5
Andreas Huggel Exiv2 0.6.2
Andreas Huggel Exiv2 0.7
Andreas Huggel Exiv2 0.3
Andreas Huggel Exiv2 0.8
Andreas Huggel Exiv2 0.6
Andreas Huggel Exiv2 0.6.1
1 EDB exploit
516
VMScore
CVE-2018-9305
In Exiv2 0.26, an out-of-bounds read in IptcData::printStructure in iptc.c could result in a crash or information leak, related to the "== 0x1c" case.
Exiv2 Exiv2
516
VMScore
CVE-2018-9144
In Exiv2 0.26, there is an out-of-bounds read in Exiv2::Internal::binaryToString in image.cpp. It could result in denial of service or information disclosure.
Exiv2 Exiv2
383
VMScore
CVE-2018-9303
In Exiv2 0.26, an assertion failure in BigTiffImage::readData in bigtiffimage.cpp results in an abort.
Exiv2 Exiv2
383
VMScore
CVE-2018-9304
In Exiv2 0.26, a divide by zero in BigTiffImage::printIFD in bigtiffimage.cpp could result in denial of service.
Exiv2 Exiv2
383
VMScore
CVE-2019-14982
In Exiv2 before v0.27.2, there is an integer overflow vulnerability in the WebPImage::getHeaderOffset function in webpimage.cpp. It can lead to a buffer overflow vulnerability and a crash.
Exiv2 Exiv2
668
VMScore
CVE-2007-6353
Integer overflow in exif.cpp in exiv2 library allows context-dependent malicious users to execute arbitrary code via a crafted EXIF file that triggers a heap-based buffer overflow.
Exiv2 Exiv2
383
VMScore
CVE-2018-10772
The tEXtToDataBuf function in pngimage.cpp in Exiv2 up to and including 0.26 allows remote malicious users to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file.
Exiv2 Exiv2
NA
CVE-2023-44398
Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. An out-of-bounds write was found in Exiv2 version v0.28.0. The vulnerable function, `BmffImage::brotliUncompress`, is new in v0.28.0, so earlier versions of...
Exiv2 Exiv2 0.28.0
383
VMScore
CVE-2017-1000126
exiv2 0.26 contains a Stack out of bounds read in webp parser
Exiv2 Exiv2 0.26
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4040
cross-site scripting
CVE-2023-25790
CVE-2024-2961
XML external entity
CVE-2024-26926
CVE-2024-32806
CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »