Fedora 43 : mingw-exiv2 (2026-5eb6f779c0)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-5eb6f779c0 advisory. Update to exiv2-0.28.8. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

Fedora 42 : mingw-exiv2 (2026-592e4238fa)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-592e4238fa advisory. Update to exiv2-0.28.8. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

Important: exiv2

Issue Overview: Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an out-of-bounds read was found. The vulnerability is in the CRW image parser. This issue has been patched in version 0.28.8...

CVE-2026-27631

A flaw was found in Exiv2, a C++ library and command-line utility used for managing image metadata. This vulnerability, an integer overflow, exists within the preview component. When Exiv2 is executed with a specific command-line argument, such as -pp, a malicious input can cause the application ...

CVE-2026-27631

creationtimestamp| type| source ---|---|--- 2026-03-02 23:51:08+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mg4h3g2gcr2y...

DEBIAN-CVE-2026-27631

Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an uncaught exception was found in Exiv2. The vulnerability is in the preview component, which is only triggered when running Exiv2 with an extra...

CVE-2026-27631 Exiv2: Uncaught exception - cannot create std::vector larger than max_size()

Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an uncaught exception was found in Exiv2. The vulnerability is in the preview component, which is only triggered when running Exiv2 with an extra...

EUVD-2021-27631

Malicious code in bioql PyPI...

CVE-2023-27631

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in mmrs151 Daily Prayer Time plugin = 2023.05.04 versions...

CVE-2021-27631

SAP NetWeaver ABAP Server and ABAP Platform Enqueue Server, versions - KRNL32NUC - 7.22,7.22EXT, KRNL64NUC - 7.22,7.22EXT,7.49, KRNL64UC - 8.04,7.22,7.22EXT,7.49,7.53,7.73, KERNEL - 7.22,8.04,7.49,7.53,7.73, allows an unauthenticated attacker without specific knowledge of the system to send a...

CVE-2020-27631

In Oryx CycloneTCP 1.9.6, TCP ISNs are improperly random...

CVE-2025-27631

creationtimestamp| type| source ---|---|--- 2025-03-25 13:23:58+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/8650 2025-03-25 15:18:53+00:00| seen| https://t.me/cvedetector/21095 2025-04-03 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-093-02...

CVE-2025-27631

CVE-2025-27631 affects Hitachi Energy’s TRMTracker web application. Connected sources confirm an LDAP injection vulnerability in the TRMTracker component, enabling an attacker to inject code into queries and execute remote commands that can read and update data on the site. The issue is described...

CVE-2025-27631

The TRMTracker web application is vulnerable to LDAP injection attack potentially allowing an attacker to inject code into a query and execute remote commands that can read and update data on the website...

CVE-2025-27631

The TRMTracker web application is vulnerable to LDAP injection attack potentially allowing an attacker to inject code into a query and execute remote commands that can read and update data on the website...

CVE-2024-27631

Cross Site Request Forgery vulnerability in GNU Savane v.3.12 and before allows a remote attacker to escalate privileges via siteadmin/usergroup.php...

CVE-2024-27631

CVE-2024-27631 is a CSRF vulnerability in GNU Savane (versions 3.12 and earlier) that allows a remote attacker to escalate privileges via the siteadmin/usergroup.php endpoint. The Red Hat, CNVD, CNNVD, CVE List, and CNVD entries corroborate a CSRF flaw enabling privilege escalation; the issue is ...

CVE-2024-27631

creationtimestamp| type| source ---|---|--- 2024-04-06 23:35:11+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/6961...

CVE-2020-27631

creationtimestamp| type| source ---|---|--- 2023-10-10 20:16:59+00:00| seen| https://t.me/cibsecurity/71977...

CVE-2020-27631

In Oryx CycloneTCP 1.9.6, TCP ISNs are improperly random...