Skip to main content

Exiv2

107 CVEs product

Monthly

CVE-2017-14858 MEDIUM POC This Month

There is a heap-based buffer overflow in the Exiv2::l2Data function of types.cpp in Exiv2 0.26. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Exiv2
NVD
CVSS 3.0
5.5
EPSS
0.3%
CVE-2017-14857 MEDIUM POC This Month

In Exiv2 0.26, there is an invalid free in the Image class in image.cpp that leads to a Segmentation fault. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Memory Corruption Use After Free Exiv2
NVD
CVSS 3.0
5.5
EPSS
0.3%
CVE-2017-12957 MEDIUM This Month

There is a heap-based buffer over-read in libexiv2 in Exiv2 0.26 that is triggered in the Exiv2::Image::io function in image.cpp. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Information Disclosure Exiv2
NVD
CVSS 3.0
6.5
EPSS
1.1%
CVE-2017-12956 MEDIUM This Month

There is an illegal address access in Exiv2::FileIo::path[abi:cxx11]() in basicio.cpp of libexiv2 in Exiv2 0.26 that will lead to remote denial of service. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Information Disclosure Exiv2
NVD
CVSS 3.0
6.5
EPSS
1.1%
CVE-2017-12955 HIGH This Week

There is a heap-based buffer overflow in basicio.cpp of Exiv2 0.26. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Exiv2
NVD
CVSS 3.0
8.8
EPSS
1.1%
CVE-2017-11683 MEDIUM This Month

There is a reachable assertion in the Internal::TiffReader::visitDirectory function in tiffvisitor.cpp of Exiv2 0.26 that will lead to a remote denial of service attack via crafted input. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Exiv2 Ubuntu Linux Debian Linux
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2017-11592 HIGH POC This Week

There is a Mismatched Memory Management Routines vulnerability in the Exiv2::FileIo::seek function of Exiv2 0.26 that will lead to a remote denial of service attack (heap memory corruption) via. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Exiv2
NVD
CVSS 3.0
7.5
EPSS
1.1%
CVE-2017-11591 HIGH POC This Week

There is a Floating point exception in the Exiv2::ValueType function in Exiv2 0.26 that will lead to a remote denial of service attack via crafted input. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Exiv2 Ubuntu Linux Debian Linux
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2017-11553 HIGH POC This Week

There is an illegal address access in the extend_alias_table function in localealias.c of Exiv2 0.26. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Exiv2
NVD
CVSS 3.0
7.5
EPSS
1.1%
CVE-2017-11340 MEDIUM This Month

There is a Segmentation fault in the XmpParser::terminate() function in Exiv2 0.26, related to an exit call. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Exiv2
NVD
CVSS 3.0
6.5
EPSS
1.4%
CVE-2017-11339 MEDIUM This Month

There is a heap-based buffer overflow in the Image::printIFDStructure function of image.cpp in Exiv2 0.26. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Exiv2
NVD
CVSS 3.0
6.5
EPSS
0.7%
CVE-2017-11338 MEDIUM This Month

There is an infinite loop in the Exiv2::Image::printIFDStructure function of image.cpp in Exiv2 0.26. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Exiv2
NVD
CVSS 3.0
6.5
EPSS
1.1%
CVE-2017-11337 MEDIUM This Month

There is an invalid free in the Action::TaskFactory::cleanup function of actions.cpp in Exiv2 0.26. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Memory Corruption Use After Free Exiv2
NVD
CVSS 3.0
6.5
EPSS
1.4%
CVE-2017-11336 MEDIUM This Month

There is a heap-based buffer over-read in the Image::printIFDStructure function in image.cpp in Exiv2 0.26. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Information Disclosure Exiv2
NVD
CVSS 3.0
6.5
EPSS
1.4%
CVE-2017-9953 HIGH POC This Week

There is an invalid free in Image::printIFDStructure that leads to a Segmentation fault in Exiv2 0.26. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Memory Corruption Use After Free Exiv2 Enterprise Linux
NVD
CVSS 3.0
7.5
EPSS
0.7%
CVE-2017-9239 PyPI MEDIUM POC This Month

An issue was discovered in Exiv2 0.26. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Exiv2 Ubuntu Linux
NVD GitHub
CVSS 3.0
6.5
EPSS
0.2%
CVE-2014-9449 MEDIUM This Month

Buffer overflow in the RiffVideo::infoTagsHandler function in riffvideo.cpp in Exiv2 0.24 allows remote attackers to cause a denial of service (crash) via a long IKEY INFO tag value in an AVI file. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Exiv2 Fedora
NVD
CVSS 2.0
5.0
EPSS
1.3%
EPSS 0% CVSS 5.5
MEDIUM POC This Month

There is a heap-based buffer overflow in the Exiv2::l2Data function of types.cpp in Exiv2 0.26. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Exiv2
NVD
EPSS 0% CVSS 5.5
MEDIUM POC This Month

In Exiv2 0.26, there is an invalid free in the Image class in image.cpp that leads to a Segmentation fault. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Memory Corruption Use After Free +1
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

There is a heap-based buffer over-read in libexiv2 in Exiv2 0.26 that is triggered in the Exiv2::Image::io function in image.cpp. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Information Disclosure +1
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

There is an illegal address access in Exiv2::FileIo::path[abi:cxx11]() in basicio.cpp of libexiv2 in Exiv2 0.26 that will lead to remote denial of service. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Information Disclosure +1
NVD
EPSS 1% CVSS 8.8
HIGH This Week

There is a heap-based buffer overflow in basicio.cpp of Exiv2 0.26. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Exiv2
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

There is a reachable assertion in the Internal::TiffReader::visitDirectory function in tiffvisitor.cpp of Exiv2 0.26 that will lead to a remote denial of service attack via crafted input. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Exiv2 Ubuntu Linux +1
NVD
EPSS 1% CVSS 7.5
HIGH POC This Week

There is a Mismatched Memory Management Routines vulnerability in the Exiv2::FileIo::seek function of Exiv2 0.26 that will lead to a remote denial of service attack (heap memory corruption) via. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Exiv2
NVD
EPSS 0% CVSS 7.5
HIGH POC This Week

There is a Floating point exception in the Exiv2::ValueType function in Exiv2 0.26 that will lead to a remote denial of service attack via crafted input. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Exiv2 Ubuntu Linux +1
NVD
EPSS 1% CVSS 7.5
HIGH POC This Week

There is an illegal address access in the extend_alias_table function in localealias.c of Exiv2 0.26. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Exiv2
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

There is a Segmentation fault in the XmpParser::terminate() function in Exiv2 0.26, related to an exit call. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Exiv2
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

There is a heap-based buffer overflow in the Image::printIFDStructure function of image.cpp in Exiv2 0.26. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Exiv2
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

There is an infinite loop in the Exiv2::Image::printIFDStructure function of image.cpp in Exiv2 0.26. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Exiv2
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

There is an invalid free in the Action::TaskFactory::cleanup function of actions.cpp in Exiv2 0.26. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Memory Corruption Use After Free +1
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

There is a heap-based buffer over-read in the Image::printIFDStructure function in image.cpp in Exiv2 0.26. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Information Disclosure +1
NVD
EPSS 1% CVSS 7.5
HIGH POC This Week

There is an invalid free in Image::printIFDStructure that leads to a Segmentation fault in Exiv2 0.26. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Memory Corruption Use After Free +2
NVD
EPSS 0% CVSS 6.5
MEDIUM POC This Month

An issue was discovered in Exiv2 0.26. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Exiv2 Ubuntu Linux
NVD GitHub
EPSS 1% CVSS 5.0
MEDIUM This Month

Buffer overflow in the RiffVideo::infoTagsHandler function in riffvideo.cpp in Exiv2 0.24 allows remote attackers to cause a denial of service (crash) via a long IKEY INFO tag value in an AVI file. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Exiv2 +1
NVD
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy