Lucene search
+L

342 matches found

OSV
OSV
added 2022/02/02 12:15 p.m.6 views

DEBIAN-CVE-2020-26208

JHEAD is a simple command line tool for displaying and some manipulation of EXIF header data embedded in Jpeg images from digital cameras. In affected versions there is a heap-buffer-overflow on jhead-3.04/jpgfile.c:285 ReadJpegSections. Crafted jpeg images can be provided to the user resulting i...

6.1CVSS6.6AI score0.0089EPSS
Exploits1References1
OSV
OSV
added 2022/02/02 12:15 p.m.6 views

CVE-2020-26208

JHEAD is a simple command line tool for displaying and some manipulation of EXIF header data embedded in Jpeg images from digital cameras. In affected versions there is a heap-buffer-overflow on jhead-3.04/jpgfile.c:285 ReadJpegSections. Crafted jpeg images can be provided to the user resulting i...

6.1CVSS6.6AI score
Exploits0References4
OSV
OSV
added 2022/02/02 12:15 p.m.5 views

UBUNTU-CVE-2020-26208

JHEAD is a simple command line tool for displaying and some manipulation of EXIF header data embedded in Jpeg images from digital cameras. In affected versions there is a heap-buffer-overflow on jhead-3.04/jpgfile.c:285 ReadJpegSections. Crafted jpeg images can be provided to the user resulting i...

6.1CVSS6.8AI score0.0089EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2022/02/02 11:51 a.m.6 views

CVE-2020-26208 Heap-buffer-overflow in jhead

JHEAD is a simple command line tool for displaying and some manipulation of EXIF header data embedded in Jpeg images from digital cameras. In affected versions there is a heap-buffer-overflow on jhead-3.04/jpgfile.c:285 ReadJpegSections. Crafted jpeg images can be provided to the user resulting i...

5.3CVSS6.3AI score0.0089EPSS
Exploits1References4
CNNVD
CNNVD
added 2022/02/02 12:0 a.m.9 views

jhead 缓冲区错误漏洞

jhead is a tool for modifying information in JPEG files. A buffer error vulnerability exists in JHEAD that stems from the jpgfile.c:285 ReadJpegSections function failing to properly handle memory boundaries when processing JPEG images. An attacker could use this vulnerability to cause a program...

6.1CVSS7.1AI score0.0089EPSS
Exploits1References6
NVD
NVD
added 2021/11/05 12:15 a.m.14 views

CVE-2021-39907

A potential DOS vulnerability was discovered in GitLab CE/EE starting with version 13.7. The stripping of EXIF data from certain images resulted in high CPU usage...

5.3CVSS0.01437EPSS
Exploits0References3
OSV
OSV
added 2021/11/05 12:15 a.m.13 views

CVE-2021-39907

A potential DOS vulnerability was discovered in GitLab CE/EE starting with version 13.7. The stripping of EXIF data from certain images resulted in high CPU usage...

5.3CVSS6.4AI score0.01437EPSS
Exploits0References3
Prion
Prion
added 2021/11/05 12:15 a.m.12 views

Denial of service

A potential DOS vulnerability was discovered in GitLab CE/EE starting with version 13.7. The stripping of EXIF data from certain images resulted in high CPU usage...

5CVSS5.1AI score0.01437EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2021/11/04 12:0 a.m.2 views

PT-2021-22754 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 13.7 and later Description: A potential DOS issue was discovered in GitLab CE/EE. The stripping of EXIF data from certain images resulted in high CPU usage. Recommendations: For GitLab CE/EE versions 13.7 and later,...

5.3CVSS4.8AI score0.01437EPSS
Exploits0References12
OSV
OSV
added 2021/08/17 12:0 a.m.10 views

OSV-2021-1139 UNKNOWN READ in exif_mnote_data_apple_load

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=37234 Crash type: UNKNOWN READ Crash state: exifmnotedataappleload exifmnotedataload interpretmakernote...

7.2AI score
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2021/07/22 12:0 a.m.7 views

The vulnerability of the exif_data_save_data_entry function in the library for grammatical analysis of EXIF files in libexif, related to reading beyond the permissible buffer limits, allows a perpetrator to access confidential information or cause service failures.

The vulnerability of the exifdatasavedataentry function in the EXIF-file grammar analysis library libexif is related to reading data beyond the permissible buffer limits. Exploiting this vulnerability could allow an attacker to access confidential information or cause service failures...

9.1CVSS6.9AI score0.03273EPSS
Exploits1References9Affected Software3
Mageia
Mageia
added 2021/06/13 9:32 p.m.30 views

Updated exif packages fix a security vulnerability

NULL Pointer Deference in the exif command line tool, when printing out XML formatted EXIF data, in exif v0.6.22 and earlier allows attackers to cause a Denial of Service DoS by uploading a malicious JPEG file, causing the application to crash. CVE-2021-27815...

5.5CVSS4.5AI score0.01268EPSS
Exploits1References2
Veracode
Veracode
added 2021/05/06 7:12 a.m.34 views

Buffer Overflow

exiv2 is vulnerable to buffer overflow. The vulnerability exists due to improper input validation of the rawData.size property in Jp2Image::readMetadata in jp2image.cpp can lead to a heap-based buffer overflow via a crafted JPG image containing malicious EXIF data...

6.5CVSS4.5AI score0.02295EPSS
Exploits0References9Affected Software3
Huntr
Huntr
added 2021/05/03 3:53 a.m.20 views

OS Command Injection in sztheory/exifcleaner

✍️ Description Command Injection using XSS via EXIF Data. The application displays the image metadata in HTML format without removing malicious tags, therefore an XSS attack can be performed. bash exiftool -Comment='OverJT' MYIMAGE.png Being an application made in electron, it allows to easily...

1.1AI score0.0434EPSS
Exploits1References2
OSV
OSV
added 2021/04/14 2:15 p.m.3 views

DEBIAN-CVE-2021-27815

NULL Pointer Deference in the exif command line tool, when printing out XML formatted EXIF data, in exif v0.6.22 and earlier allows attackers to cause a Denial of Service DoS by uploading a malicious JPEG file, causing the application to crash...

5.5CVSS6.9AI score0.01268EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2021/04/14 2:15 p.m.4 views

CVE-2021-27815

NULL Pointer Deference in the exif command line tool, when printing out XML formatted EXIF data, in exif v0.6.22 and earlier allows attackers to cause a Denial of Service DoS by uploading a malicious JPEG file, causing the application to crash...

5.5CVSS5.6AI score0.01268EPSS
Exploits1References11
UbuntuCve
UbuntuCve
added 2021/04/14 2:15 p.m.25 views

CVE-2021-27815

NULL Pointer Deference in the exif command line tool, when printing out XML formatted EXIF data, in exif v0.6.22 and earlier allows attackers to cause a Denial of Service DoS by uploading a malicious JPEG file, causing the application to crash...

5.5CVSS6.1AI score0.01268EPSS
Exploits1References3
Debian CVE
Debian CVE
added 2021/04/14 12:0 a.m.24 views

CVE-2021-27815

NULL Pointer Deference in the exif command line tool, when printing out XML formatted EXIF data, in exif v0.6.22 and earlier allows attackers to cause a Denial of Service DoS by uploading a malicious JPEG file, causing the application to crash...

5.5CVSS5.4AI score0.01268EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2021/04/14 12:0 a.m.1 views

PT-2021-17628 · Exif +1 · Exif +1

Name of the Vulnerable Software and Affected Versions: exif versions 0.6.22 and earlier Description: The issue allows attackers to cause a Denial of Service DoS by uploading a malicious JPEG file, causing the application to crash. This occurs when printing out XML formatted EXIF data using the ex...

5.5CVSS5.3AI score0.01268EPSS
Exploits1References24
Cvelist
Cvelist
added 2021/04/14 12:0 a.m.41 views

CVE-2021-27815

NULL Pointer Deference in the exif command line tool, when printing out XML formatted EXIF data, in exif v0.6.22 and earlier allows attackers to cause a Denial of Service DoS by uploading a malicious JPEG file, causing the application to crash...

5.7AI score0.01268EPSS
Exploits1References7
Rows per page
Query Builder