Moderate: Red Hat Security Advisory: libexif security update

An update for libexif is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

RHEL 10 : libexif (RHSA-2026:22529)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:22529 advisory. The libexif packages provide a library for extracting extra information from image files. Security Fixes: libexif: libexif: Denial of Service and...

RockyLinux 8 : libexif (RLSA-2026:20929)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:20929 advisory. libexif: libexif: Information disclosure and crashes via integer overflow in Nikon MakerNote handling CVE-2026-40385 libexif: libexif: Denial of Service...

AlmaLinux 8 : libexif (ALSA-2026:20929)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:20929 advisory. libexif: libexif: Information disclosure and crashes via integer overflow in Nikon MakerNote handling CVE-2026-40385 libexif: libexif: Denial of Service...

Moderate: Red Hat Security Advisory: libexif security update

An update for libexif is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: libexif (UTSA-2026-014285)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014285 advisory. libexif through 0.6.25 has a flaw in decoding MakerNotes. If the exifmnotedatagetvalue function gets passed in a 0 size, the passed in-buffer would be overwritten du...

CVE-2026-32775

libexif through 0.6.25 has a flaw in decoding MakerNotes. If the exifmnotedatagetvalue function gets passed in a 0 size, the passed in-buffer would be overwritten due to an integer underflow...

CVE-2026-32775

libexif through 0.6.25 has a flaw in decoding MakerNotes. If the exifmnotedatagetvalue function gets passed in a 0 size, the passed in-buffer would be overwritten due to an integer underflow...

EUVD-2020-5390

Malware in sbrugna...

EUVD-2007-6318

Malware in sbrugna...

EUVD-2016-7255

Malware in sbrugna...

EUVD-2012-2817

Malware in sbrugna...

EUVD-2017-16555

Malware in sbrugna...

EUVD-2012-2816

Malware in sbrugna...

EUVD-2020-5388

Malware in sbrugna...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: libexif (UTSA-2025-986164)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986164 advisory. In exifdataloaddatathumbnail of exif-data.c, there is a possible denial of service due to an integer overflow. This could lead to remote denial of service with no...

The vulnerability of the exif_data_save_data_entry() function in the exif-data.c component of the Libexif library for processing EXIF files allows a hacker to access confidential data.

The vulnerability of the exifdatasavedataentry function in the exif-data.c component of the Libexif library for EXIF-file parsing involves reading data beyond the buffer’s allowed limits. Exploiting this vulnerability could allow an attacker to access confidential data...

SUSE CVE-2007-2645

Integer overflow in the exifdataloaddataentry function in exif-data.c in libexif before 0.6.14 allows user-assisted remote attackers to cause a denial of service crash or possibly execute arbitrary code via crafted EXIF data, involving the 1 doff or 2 s variable...

SUSE CVE-2012-2837

The mnoteolympusentrygetvalue function in olympus/mnote-olympus-entry.c in the EXIF Tag Parsing Library aka libexif before 0.6.21 allows remote attackers to cause a denial of service divide-by-zero error via an image with crafted EXIF tags that are not properly handled during the formatting of EX...

SUSE CVE-2012-2841

Integer underflow in the exifentrygetvalue function in exif-entry.c in the EXIF Tag Parsing Library aka libexif 0.6.20 might allow remote attackers to execute arbitrary code via vectors involving a crafted buffer-size parameter during the formatting of an EXIF tag, leading to a heap-based buffer...