Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libexif vulnerabilities and exploits
(subscribe to this query)
8.2
CVSSv3
CVE-2020-13113
An issue exists in libexif prior to 0.6.22. Use of uninitialized memory in EXIF Makernote handling could lead to crashes and potential use-after-free conditions.
Libexif Project Libexif
Debian Debian Linux 8.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
Opensuse Leap 15.1
5.5
CVSSv3
CVE-2020-12767
exif_entry_get_value in exif-entry.c in libexif 0.6.21 has a divide-by-zero error.
Libexif Project Libexif 0.6.21
Debian Debian Linux 8.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
Opensuse Leap 15.1
7.5
CVSSv3
CVE-2020-0198
In exif_data_load_data_content of exif-data.c, there is a possible UBSAN abort due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10A...
Google Android 10.0
Debian Debian Linux 8.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Fedoraproject Fedora 32
Canonical Ubuntu Linux 20.04
Fedoraproject Fedora 33
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
Libexif Project Libexif
5
CVSSv3
CVE-2020-0093
In exif_data_save_data_entry of exif-data.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions:...
Google Android 8.0
Google Android 8.1
Google Android 9.0
Google Android 10.0
Debian Debian Linux 8.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
Libexif Project Libexif
Opensuse Leap 15.1
1 Article
9.8
CVSSv3
CVE-2020-0452
In exif_entry_get_value of exif-entry.c, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution if a third party app used this library to process remote image data with no additional execution privileges needed. User interacti...
Google Android 8.0
Google Android 8.1
Google Android 9.0
Google Android 10.0
Google Android 11.0
Fedoraproject Fedora 32
Fedoraproject Fedora 33
8.8
CVSSv3
CVE-2019-9278
In libexif, there is a possible out of bounds write due to an integer overflow. This could lead to remote escalation of privilege in the media content provider with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: A...
Google Android 10.0
Opensuse Leap 15.1
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
6.5
CVSSv3
CVE-2020-0182
In exif_entry_get_value of exif-entry.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
Google Android 10.0
Debian Debian Linux 8.0
NA
CVE-2012-2845
Integer overflow in the jpeg_data_load_data function in jpeg-data.c in libjpeg in exif 0.6.20 allows remote malicious users to cause a denial of service (buffer over-read and application crash) or obtain potentially sensitive information via a crafted JPEG file.
Curtis Galloway Exif 0.6.20
NA
CVE-2007-6353
Integer overflow in exif.cpp in exiv2 library allows context-dependent malicious users to execute arbitrary code via a crafted EXIF file that triggers a heap-based buffer overflow.
Exiv2 Exiv2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-24955
man-in-the-middle
dos
CVE-2024-2818
CVE-2024-30584
CVE-2024-31134
camera
CVE-2023-45866
CVE-2024-30585
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3