Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
exiv2 exiv2 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2008-2696
Exiv2 0.16 allows user-assisted remote malicious users to cause a denial of service (divide-by-zero and application crash) via a zero value in Nikon lens information in the metadata of an image, related to "pretty printing" and the RationalValue::toLong function.
Exiv2 Exiv2 0.16
6.8
CVSSv2
CVE-2019-9144
An issue exists in Exiv2 0.27. There is infinite recursion at BigTiffImage::printIFD in the file bigtiffimage.cpp. This can be triggered by a crafted file. It allows an malicious user to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact.
Exiv2 Exiv2 0.27
4.3
CVSSv2
CVE-2018-4868
The Exiv2::Jp2Image::readMetadata function in jp2image.cpp in Exiv2 0.26 allows remote malicious users to cause a denial of service (excessive memory allocation) via a crafted file.
Exiv2 Exiv2 0.26
4.3
CVSSv2
CVE-2018-10780
Exiv2::Image::byteSwap2 in image.cpp in Exiv2 0.26 has a heap-based buffer over-read.
Exiv2 Exiv2 0.26
4.3
CVSSv2
CVE-2017-17722
In Exiv2 0.26, there is a reachable assertion in the readHeader function in bigtiffimage.cpp, which will lead to a remote denial of service attack via a crafted TIFF file.
Exiv2 Exiv2 0.26
4.3
CVSSv2
CVE-2017-17725
In Exiv2 0.26, there is an integer overflow leading to a heap-based buffer over-read in the Exiv2::getULong function in types.cpp. Remote attackers can exploit the vulnerability to cause a denial of service via a crafted image file. Note that this vulnerability is different from ...
Exiv2 Exiv2 0.26
4.3
CVSSv2
CVE-2018-19607
Exiv2::isoSpeed in easyaccess.cpp in Exiv2 v0.27-RC2 allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) via a crafted file.
Exiv2 Exiv2 0.27
4.3
CVSSv2
CVE-2018-20096
There is a heap-based buffer over-read in the Exiv2::tEXtToDataBuf function of pngimage.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack.
Exiv2 Exiv2 0.27
4.3
CVSSv2
CVE-2018-20098
There is a heap-based buffer over-read in Exiv2::Jp2Image::encodeJp2Header of jp2image.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack.
Exiv2 Exiv2 0.27
4.3
CVSSv2
CVE-2018-8977
In Exiv2 0.26, the Exiv2::Internal::printCsLensFFFF function in canonmn_int.cpp allows remote malicious users to cause a denial of service (invalid memory access) via a crafted file.
Exiv2 Exiv2 0.26
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »