CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

12 matches found

AstraLinux•added 2026/05/20 5:53 a.m.•3 views

Astra Linux - уязвимость в libimage-exiftool-perl

In ExifTool’s lib/Image/ExifTool.pm, version 12.38 incorrectly handles the $file = /|$/ check, resulting in command injection...

7.8CVSS7.1AI score0.27704EPSS

Exploits5References1

EUVD•added 2026/05/14 3:11 p.m.•5 views

EUVD-2026-30311

Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.31.0, Gotenberg's /forms/pdfengines/metadata/write HTTP endpoint accepts a JSON metadata object and passes its keys directly to ExifTool via the go-exiftool library. No validation is performed on key characters. A \n embedded i...

9.8CVSS6AI score0.08768EPSS

Exploits2References1

GithubExploit•added 2026/05/03 12:41 p.m.•203 views

ethical-hacking-portfolio

Ethical Hacking Portfolio - CS4069 | Spring 2026 Course:...

9.8CVSS5.9AI score0.64352EPSS

Exploits10

NVD•added 2026/02/24 3:21 p.m.•5 views

CVE-2026-3102

A vulnerability was determined in exiftool up to 13.49 on macOS. This issue affects the function SetMacOSTags of the file lib/Image/ExifTool/MacOS.pm of the component PNG File Parser. This manipulation of the argument DateTimeOriginal causes os command injection. The attack is possible to be...

8.8CVSS0.00073EPSS

Exploits2References7

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2021-14555

Malware in sbrugna...

5.5CVSS5.3AI score0.00215EPSS

Exploits1References11

SUSE CVE•added 2023/02/15 3:44 a.m.•2 views

SUSE CVE-2021-27815

NULL Pointer Deference in the exif command line tool, when printing out XML formatted EXIF data, in exif v0.6.22 and earlier allows attackers to cause a Denial of Service DoS by uploading a malicious JPEG file, causing the application to crash...

5.5CVSS5.4AI score0.00215EPSS

Exploits1References3

SUSE CVE•added 2023/02/15 3:27 a.m.•1 views

SUSE CVE-2022-23935

lib/Image/ExifTool.pm in ExifTool before 12.38 mishandles a $file = /|$/ check, leading to command injection...

7.8CVSS7.7AI score0.27704EPSS

Exploits5References3

Tenable Nessus•added 2022/10/31 12:0 a.m.•16 views

GLSA-202210-28 : exif: Denial of Service

The remote host is affected by the vulnerability described in GLSA-202210-28 exif: Denial of Service - NULL Pointer Deference in the exif command line tool, when printing out XML formatted EXIF data, in exif v0.6.22 and earlier allows attackers to cause a Denial of Service DoS by uploading a...

5.5CVSS5.7AI score0.00215EPSS

Exploits1References3

Huntr•added 2022/05/22 8:12 p.m.•24 views

Metadata Is Not Stripped From Images

While uploading an image on https://demo-publify.herokuapp.com/admin/resources as a low privileged user the meta data of the image like geolocation, device information, version, name etc is not getting stripped, as a result the attacker can collect all the meta data information of the image by...

4CVSS0.00099EPSS

Exploits1References1

OSV•added 2021/04/23 6:15 p.m.•0 views

UBUNTU-CVE-2021-22204

Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up allows arbitrary code execution when parsing the malicious image...

7.8CVSS7.6AI score0.92782EPSS

Exploits38References9

OSV•added 2021/04/14 2:15 p.m.•1 views

DEBIAN-CVE-2021-27815

5.5CVSS6.9AI score0.00215EPSS

Exploits1References1

OSV•added 2021/04/14 2:15 p.m.•0 views

UBUNTU-CVE-2021-27815

5.5CVSS6.1AI score0.00215EPSS

Exploits1References4

Rows per page