
47 matches found

RedhatCVE
added 2025/11/14 2:3 p.m. | 4 views

CVE-2025-13114

A vulnerability was identified in macrozheng mall-swarm up to 1.0.3. This affects the function updateAttr of the file /cart/update/attr. Such manipulation leads to improper authorization. The attack may be performed from remote. The exploit is publicly available and might be used. The vendor was...

CVSS 6.5 | AI score 6.4 | EPSS 0.0021
Exploits: 1 | References: 1

NVD
added 2025/11/13 2:15 p.m. | 4 views

CVE-2025-13114

A vulnerability was identified in macrozheng mall-swarm up to 1.0.3. This affects the function updateAttr of the file /cart/update/attr. Such manipulation leads to improper authorization. The attack may be performed from remote. The exploit is publicly available and might be used. The vendor was...

CVSS 6.5 | EPSS 0.0021
Exploits: 1 | References: 4

CVE
added 2025/11/13 1:32 p.m. | 10 views

CVE-2025-13114

The CVE-2025-13114 entry concerns macrozheng mall-swarm (versions up to 1.0.3). The vulnerability is in the updateAttr function of /cart/update/attr, allowing improper authorization and a remote attack. Public exploit material exists, and multiple feeds (Red Hat, EUVD/ENISA, CNNVD, CVE lists) cor...

CVSS 6.5 | AI score 6.3 | EPSS 0.0021
Exploits: 1 | References: 4 | Affected Software: 1

Vulnrichment
added 2025/11/13 1:32 p.m. | 1 view

CVE-2025-13114 macrozheng mall-swarm attr updateAttr improper authorization

A vulnerability was identified in macrozheng mall-swarm up to 1.0.3. This affects the function updateAttr of the file /cart/update/attr. Such manipulation leads to improper authorization. The attack may be performed from remote. The exploit is publicly available and might be used. The vendor was...

CVSS 6.5 | AI score 6.2 | EPSS 0.0021
Exploits: 1 | References: 4

Tenable Nessus
added 2025/03/04 12:0 a.m. | 7 views

Linux Distros Unpatched Vulnerability : CVE-2019-13114

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - http.c in Exiv2 through 0.27.1 allows a malicious http server to cause a denial of service crash due to a NULL pointer dereference by returning a crafted respon...

CVSS 6.5 | AI score 6.5 | EPSS 0.02115
Exploits: 1 | References: 2

NVD
added 2025/02/04 6:15 a.m. | 9 views

CVE-2024-13114

The WP Projects Portfolio with Client Testimonials WordPress plugin through 3.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVSS 6.1 | EPSS 0.00561
Exploits: 1 | References: 1

SUSE CVE
added 2023/02/15 4:11 a.m. | 4 views

SUSE CVE-2019-13114

http.c in Exiv2 through 0.27.1 allows a malicious http server to cause a denial of service crash due to a NULL pointer dereference by returning a crafted response that lacks a space character...

CVSS 6.5 | AI score 6.7 | EPSS 0.02115
Exploits: 1 | References: 5

SUSE CVE
added 2023/02/15 3:58 a.m. | 1 view

SUSE CVE-2020-13114

An issue was discovered in libexif before 0.6.22. An unrestricted size in handling Canon EXIF MakerNote data could lead to consumption of large amounts of compute time for decoding EXIF data...

CVSS 4 | AI score 9.2 | EPSS 0.02301
Exploits: 0 | References: 7

OpenVAS
added 2022/01/28 12:0 a.m. | 22 views

Mageia: Security Advisory (MGASA-2020-0238)

The remote host is missing an update for the...

CVSS 9.1 | AI score 7.8 | EPSS 0.02684
Exploits: 0 | References: 6

Tenable Nessus
added 2021/10/27 12:0 a.m. | 26 views

NewStart CGSL CORE 5.05 / MAIN 5.05 : libexif Multiple Vulnerabilities (NS-SA-2021-0158)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has libexif packages installed that are affected by multiple vulnerabilities: - In libexif, there is a possible out of bounds write due to an integer overflow. This could lead to remote escalation of privilege in the media...

CVSS 8.8 | AI score 6.9 | EPSS 0.04059
Exploits: 0 | References: 13

OpenVAS
added 2021/06/09 12:0 a.m. | 28 views

SUSE: Security Advisory (SUSE-SU-2020:0921-1)

The remote host is missing an update for the...

CVSS 8.8 | AI score 6.9 | EPSS 0.02891
Exploits: 8 | References: 2

OpenVAS
added 2021/04/19 12:0 a.m. | 22 views

SUSE: Security Advisory (SUSE-SU-2020:1534-1)

The remote host is missing an update for the...

CVSS 9.1 | AI score 7.3 | EPSS 0.04059
Exploits: 1 | References: 12

OpenVAS
added 2020/11/04 12:0 a.m. | 26 views

Huawei EulerOS: Security Advisory for libexif (EulerOS-SA-2020-2356)

The remote host is missing an update for the Huawei EulerOS...

CVSS 9.1 | AI score 8.9 | EPSS 0.02684
Exploits: 0 | References: 2

Tenable Nessus
added 2020/10/21 12:0 a.m. | 37 views

Scientific Linux Security Update : libexif on SL7.x x86_64 (20201001)

Security Fixes: libexif: out of bound write in exif-data.c (CVE-2019-9278); libexif: out of bounds read due to a missing bounds check in exif_data_save_data_entry function in exif-data.c (CVE-2020-0093); libexif: use of uninitialized memory in EXIF Makernote handling can lead to crashes and...

CVSS 8.8 | AI score 6.6 | EPSS 0.04059
Exploits: 0 | References: 7

Cent OS
added 2020/10/20 6:21 p.m. | 160 views

libexif security update

CentOS Errata and Security Advisory CESA-2020:4040. An update for libexif is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity...

CVSS 8.8 | AI score 6.6 | EPSS 0.04059
Exploits: 0 | References: 7

Tenable Nessus
added 2020/10/07 12:0 a.m. | 35 views

Oracle Linux 7 : libexif (ELSA-2020-4040)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-4040 advisory. 0.6.22-1 - Upgrade to 0.6.22 - Resolves: 1841316 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory...

CVSS 8.8 | AI score 6.8 | EPSS 0.04059
Exploits: 0 | References: 7

RedHat Linux
added 2020/09/29 8:17 p.m. | 50 views

Moderate: Red Hat Security Advisory: libexif security, bug fix, and enhancement update

An update for libexif is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from th...

CVSS 8.8 | AI score 6.7 | EPSS 0.04059
Exploits: 0 | References: 9

OpenVAS
added 2020/09/29 12:0 a.m. | 19 views

Huawei EulerOS: Security Advisory for libexif (EulerOS-SA-2020-2142)

The remote host is missing an update for the Huawei EulerOS...

CVSS 9.1 | AI score 7.4 | EPSS 0.02684
Exploits: 0 | References: 2

Tenable Nessus
added 2020/09/29 12:0 a.m. | 32 views

RHEL 7 : libexif (RHSA-2020:4040)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4040 advisory. The libexif packages provide a library for extracting extra information from image files. The following packages have been upgraded to a lat...

CVSS 8.8 | AI score 6.9 | EPSS 0.04059
Exploits: 0 | References: 17

OpenVAS
added 2020/07/31 12:0 a.m. | 24 views

Huawei EulerOS: Security Advisory for libexif (EulerOS-SA-2020-1809)

The remote host is missing an update for the Huawei EulerOS...

CVSS 9.1 | AI score 7.3 | EPSS 0.02684
Exploits: 0 | References: 2