CVE-2026-40386

Summary: CVE-2026-40386 affects libexif up to 0.6.25, caused by an integer underflow in size checking during Fuji and Olympus MakerNote decoding. This could allow a crash or leakage of information from programs using libexif. What’s affected: libexif library (versions ≤ 0.6.25) handling MakerNote...

CVE-2026-40386

In libexif through 0.6.25, an integer underflow in size checking for Fuji and Olympus MakerNote decoding could be used by attackers to crash or leak information out of libexif-using programs...

CVE-2026-40385

In libexif through 0.6.25, an unsigned 32bit integer overflow in Nikon MakerNote handling could be used by local attackers to cause crashes or information leaks. This only affects 32bit systems...

CVE-2026-40385

CVE-2026-40385 affects libexif up to 0.6.25. The vulnerability is an unsigned 32‑bit integer overflow in Nikon MakerNote handling that can be triggered locally on 32‑bit systems, leading to crashes or information leaks. The available connected documents confirm the root cause and impact but do no...

CVE-2026-40385

In libexif through 0.6.25, an unsigned 32bit integer overflow in Nikon MakerNote handling could be used by local attackers to cause crashes or information leaks. This only affects 32bit systems...

CVE-2026-40385

In libexif through 0.6.25, an unsigned 32bit integer overflow in Nikon MakerNote handling could be used by local attackers to cause crashes or information leaks. This only affects 32bit systems...

CVE-2026-40385

In libexif through 0.6.25, an unsigned 32bit integer overflow in Nikon MakerNote handling could be used by local attackers to cause crashes or information leaks. This only affects 32bit systems...

Linux Distros Unpatched Vulnerability : CVE-2026-40386

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In libexif through 0.6.25, an integer underflow in size checking for Fuji and Olympus MakerNote decoding could be used by attackers to crash or leak information...

Libexif 数字错误漏洞

Libexif is a function library written in C language by the Libexif organization. This product is primarily used for reading and writing EXIF meta-data from graphic files. Versions of libexif prior to 0.6.25 contained a numerical error vulnerability. This vulnerability stemmed from integer underfl...

Linux Distros Unpatched Vulnerability : CVE-2026-40385

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In libexif through 0.6.25, an unsigned 32bit integer overflow in Nikon MakerNote handling could be used by local attackers to cause crashes or information leaks...

PT-2026-32180

Name of the Vulnerable Software and Affected Versions libexif versions through 0.6.25 Description A flaw exists in libexif that involves an unsigned 32bit integer overflow when handling Nikon MakerNote data. This issue can lead to crashes or information leaks. The issue is limited to 32bit system...

Libexif 输入验证错误漏洞

Libexif is a function library written in C language by the Libexif organization. This product is primarily used for reading and writing EXIF metadata from graphic files. Versions of Libexif prior to 0.6.25 contained a vulnerability related to input validation errors. This vulnerability stemmed fr...

PT-2026-32181

Name of the Vulnerable Software and Affected Versions libexif versions through 0.6.25 Description An integer underflow in size checking during the decoding of Fuji and Olympus MakerNote data within libexif could allow attackers to cause a crash or leak information from programs that use libexif...

MiracleLinux 8 : libexif-0.6.21-17.el8 (AXSA:2020-249:03)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-249:03 advisory. libexif: several buffer over-reads in EXIF MakerNote handling can lead to information disclosure and DoS CVE-2020-13112 Tenable has extracted the preceding...

MiracleLinux 7 : libexif-0.6.21-7.el7 (AXSA:2020-162:02)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-162:02 advisory. libexif: several buffer over-reads in EXIF MakerNote handling can lead to information disclosure and DoS CVE-2020-13112 Tenable has extracted the preceding...

MiracleLinux 4 : libexif-0.6.21-6.AXS4 (AXSA:2020-137:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-137:01 advisory. libexif: several buffer over-reads in EXIF MakerNote handling can lead to information disclosure and DoS CVE-2020-13112 Tenable has extracted the preceding...

EUVD-2020-5389

Malware in sbrugna...

EUVD-2020-5388

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2018-20337

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is a stack-based buffer overflow in the parsemakernote function of dcrawcommon.cpp in LibRaw 0.19.1. Crafted input will lead to a denial of service or...

PT-2023-35704 · Libraw · Libraw

Name of the Vulnerable Software and Affected Versions: LibRaw affected versions not specified Description: The issue is related to a crash in LibRaw, specifically in the LibRaw::sget4 function, which is called by LibRaw::parseAdobeRAFMakernote and LibRaw::parse tiff ifd. The crash type is reporte...