Lucene search
K

19 matches found

ATTACKERKB
ATTACKERKB
added 2026/02/21 3:47 a.m.6 views

CVE-2018-9146

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-17724. Reason: This candidate is a reservation duplicate of CVE-2017-17724. Notes: All CVE users should reference CVE-2017-17724 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...

6.5CVSS5.6AI score0.02172EPSS
Exploits1References1
Prion
Prion
added 2023/03/29 7:15 p.m.18 views

Design/Logic Flaw

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

4.4CVSS7.8AI score0.0077EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2023/03/29 12:0 a.m.48 views

CVE-2022-37369

CVE-2022-37369 affects PDF-XChange Editor. Connected sources confirm a PDF parsing flaw that can trigger a write past the end of an allocated buffer, enabling remote code execution when a user opens a malicious PDF or visits a malicious page. The vulnerability requires user interaction. Root caus...

7.8CVSS7.8AI score0.0077EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/03/29 12:0 a.m.28 views

CVE-2022-37369

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS8AI score0.0077EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 4:36 a.m.2 views

SUSE CVE-2017-17724

In Exiv2 0.26, there is a heap-based buffer over-read in the Exiv2::IptcData::printStructure function in iptc.cpp, related to the "!= 0x1c" case. Remote attackers can exploit this vulnerability to cause a denial of service via a crafted TIFF file...

5.5CVSS8.9AI score0.02172EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 4:28 a.m.3 views

SUSE CVE-2018-9146

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-17724. Reason: This candidate is a reservation duplicate of CVE-2017-17724. Notes: All CVE users should reference CVE-2017-17724 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...

9.3AI score
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 4:28 a.m.0 views

SUSE CVE-2018-9306

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-17724. Reason: This candidate is a reservation duplicate of CVE-2017-17724. Notes: All CVE users should reference CVE-2017-17724 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...

8.1CVSS9.3AI score
Exploits0References3
Amazon
Amazon
added 2019/10/21 12:0 a.m.43 views

Low: exiv2

Issue Overview: An integer underflow, leading to heap-based out-of-bound read, was found in the way Exiv2 library prints IPTC Photo Metadata embedded in an image. By persuading a victim to open a crafted image, a remote attacker could crash the application or possibly retrieve a portion of...

8.8CVSS7.9AI score0.02891EPSS
Exploits20
Tenable Nessus
Tenable Nessus
added 2019/09/19 12:0 a.m.48 views

CentOS 7 : exiv2 (CESA-2019:2101)

An update for exiv2 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

8.8CVSS6.7AI score0.02891EPSS
Exploits21References24
Tenable Nessus
Tenable Nessus
added 2019/08/27 12:0 a.m.37 views

Scientific Linux Security Update : exiv2 on SL7.x x86_64 (20190806)

The following packages have been upgraded to a later upstream version: exiv2 0.27.0. Security Fixes : - exiv2: heap-buffer-overflow in Exiv2::IptcData::printStructure in src/iptc.cpp CVE-2017-17724 - exiv2: out-of-bounds read in Exiv2::Internal::stringFormat image.cpp CVE-2018-8976 - exiv2: inval...

8.8CVSS6.5AI score0.02891EPSS
Exploits20References23
RedHat Linux
RedHat Linux
added 2019/08/06 2:22 p.m.38 views

Low: Red Hat Security Advisory: exiv2 security, bug fix, and enhancement update

An update for exiv2 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

8.8CVSS6.7AI score0.02891EPSS
Exploits23References56
Tenable Nessus
Tenable Nessus
added 2019/01/03 12:0 a.m.44 views

Fedora 28 : exiv2 (2018-8b67a5c7e2)

Exiv2 update with security fixes. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL...

8.8CVSS6.5AI score0.02891EPSS
Exploits10References11
RedhatCVE
RedhatCVE
added 2018/04/12 9:53 p.m.27 views

CVE-2018-9306

REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-17724. Reason: This candidate is a reservation duplicate of CVE-2017-17724. Notes: All CVE users should reference CVE-2017-17724 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...

6.5CVSS6.6AI score0.02172EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2018/04/06 2:52 a.m.33 views

CVE-2018-9146

REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-17724. Reason: This candidate is a reservation duplicate of CVE-2017-17724. Notes: All CVE users should reference CVE-2017-17724 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...

6.5CVSS6.5AI score0.02172EPSS
Exploits1References1
CVE
CVE
added 2018/04/04 9:0 p.m.99 views

CVE-2018-9306

CVE-2018-9306 is a rejected/reserved candidate and does not represent an active vulnerability entry.

6.5AI score
Exploits0
CVE
CVE
added 2018/03/30 8:0 a.m.52 views

CVE-2018-9146

CVE-2018-9146 is a rejected candidate; reference CVE-2017-17724 instead.

6.5AI score
Exploits0
RedhatCVE
RedhatCVE
added 2018/02/14 1:19 p.m.26 views

CVE-2017-17724

An integer underflow, leading to heap-based out-of-bound read, was found in the way Exiv2 library prints IPTC Photo Metadata embedded in an image. By persuading a victim to open a crafted image, a remote attacker could crash the application or possibly retrieve a portion of memory...

6.5CVSS7.3AI score0.02172EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2018/02/12 10:29 p.m.28 views

CVE-2017-17724

In Exiv2 0.26, there is a heap-based buffer over-read in the Exiv2::IptcData::printStructure function in iptc.cpp, related to the "!= 0x1c" case. Remote attackers can exploit this vulnerability to cause a denial of service via a crafted TIFF file...

6.5CVSS7AI score0.02172EPSS
Exploits1References1
Cvelist
Cvelist
added 2018/02/12 10:0 p.m.26 views

CVE-2017-17724

In Exiv2 0.26, there is a heap-based buffer over-read in the Exiv2::IptcData::printStructure function in iptc.cpp, related to the "!= 0x1c" case. Remote attackers can exploit this vulnerability to cause a denial of service via a crafted TIFF file...

6.2AI score0.02172EPSS
Exploits1References5
Rows per page
Query Builder