Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
exiv2 exiv2 vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2017-11338
There is an infinite loop in the Exiv2::Image::printIFDStructure function of image.cpp in Exiv2 0.26. A crafted input will lead to a remote denial of service attack.
Exiv2 Exiv2 0.26
6.5
CVSSv3
CVE-2017-11339
There is a heap-based buffer overflow in the Image::printIFDStructure function of image.cpp in Exiv2 0.26. A Crafted input will lead to a remote denial of service attack.
Exiv2 Exiv2 0.26
6.5
CVSSv3
CVE-2017-11340
There is a Segmentation fault in the XmpParser::terminate() function in Exiv2 0.26, related to an exit call. A Crafted input will lead to a remote denial of service attack.
Exiv2 Exiv2 0.26
8.1
CVSSv3
CVE-2017-17723
In Exiv2 0.26, there is a heap-based buffer over-read in the Exiv2::Image::byteSwap4 function in image.cpp. Remote attackers can exploit this vulnerability to disclose memory data or cause a denial of service via a crafted TIFF file.
Exiv2 Exiv2 0.26
6.5
CVSSv3
CVE-2017-17724
In Exiv2 0.26, there is a heap-based buffer over-read in the Exiv2::IptcData::printStructure function in iptc.cpp, related to the "!= 0x1c" case. Remote attackers can exploit this vulnerability to cause a denial of service via a crafted TIFF file.
Exiv2 Exiv2 0.26
6.5
CVSSv3
CVE-2020-18774
A float point exception in the printLong function in tags_int.cpp of Exiv2 0.27.99.0 allows malicious users to cause a denial of service (DOS) via a crafted tif file.
Exiv2 Exiv2 0.27.99.0
6.5
CVSSv3
CVE-2018-11037
In Exiv2 0.26, the Exiv2::PngImage::printStructure function in pngimage.cpp allows remote malicious users to cause an information leak via a crafted file.
Exiv2 Exiv2 0.26
7.5
CVSSv3
CVE-2017-11553
There is an illegal address access in the extend_alias_table function in localealias.c of Exiv2 0.26. A crafted input will lead to remote denial of service.
Exiv2 Exiv2 0.26
6.5
CVSSv3
CVE-2019-13108
An integer overflow in Exiv2 up to and including 0.27.1 allows an malicious user to cause a denial of service (SIGSEGV) via a crafted PNG image file, because PngImage::readMetadata mishandles a zero value for iccOffset.
Exiv2 Exiv2
Fedoraproject Fedora 30
6.5
CVSSv3
CVE-2019-13109
An integer overflow in Exiv2 up to and including 0.27.1 allows an malicious user to cause a denial of service (SIGSEGV) via a crafted PNG image file, because PngImage::readMetadata mishandles a chunkLength - iccOffset subtraction.
Exiv2 Exiv2
Fedoraproject Fedora 30
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »