Lucene search
+L

22 matches found

euvd
euvd
added 2025/10/07 12:30 a.m.8 views

EUVD-2020-27773

Malware in sbrugna...

7.1CVSS5.8AI score0.01435EPSS
Exploits1References7
susecve
susecve
added 2023/02/15 4:24 a.m.5 views

SUSE CVE-2018-16554

The ProcessGpsInfo function of the gpsinfo.c file of jhead 3.00 may allow a remote attacker to cause a denial-of-service attack or unspecified other impact via a malicious JPEG file, because of inconsistency between float and double in a sprintf format string during TAGGPSALT handling...

7.8CVSS7.7AI score0.01766EPSS
Exploits1References8
susecve
susecve
added 2023/02/15 4:2 a.m.4 views

SUSE CVE-2020-6625

jhead through 3.04 has a heap-based buffer over-read in Get32s when called from ProcessGpsInfo in gpsinfo.c...

7.1CVSS7.2AI score0.01435EPSS
Exploits1References5
osv
osv
added 2020/01/09 1:15 a.m.8 views

CVE-2020-6625

jhead through 3.04 has a heap-based buffer over-read in Get32s when called from ProcessGpsInfo in gpsinfo.c...

7.1CVSS7.7AI score
Exploits0References4
prion
prion
added 2020/01/09 1:15 a.m.28 views

Heap overflow

jhead through 3.04 has a heap-based buffer over-read in Get32s when called from ProcessGpsInfo in gpsinfo.c...

5.8CVSS6.8AI score0.01435EPSS
Exploits1References4Affected Software1
osv
osv
added 2020/01/09 1:15 a.m.3 views

UBUNTU-CVE-2020-6625

jhead through 3.04 has a heap-based buffer over-read in Get32s when called from ProcessGpsInfo in gpsinfo.c...

7.1CVSS6.9AI score0.01435EPSS
Exploits1References4
cvelist
cvelist
added 2020/01/09 12:0 a.m.31 views

CVE-2020-6625

jhead through 3.04 has a heap-based buffer over-read in Get32s when called from ProcessGpsInfo in gpsinfo.c...

7.1AI score0.01435EPSS
Exploits1References4
cve
cve
added 2020/01/09 12:0 a.m.209 views

CVE-2020-6625

CVE-2020-6625 affects the jhead tool (up to and including version 3.04). The vulnerability is a heap-based buffer over-read in Get32s invoked from ProcessGpsInfo in gpsinfo.c, which can lead to partial confidentiality/availability impact as per CVSS. Public advisories indicate multiple vendors/de...

7.1CVSS7AI score0.01435EPSS
Exploits1References4Affected Software1
ptsecurity
ptsecurity
added 2020/01/09 12:0 a.m.7 views

PT-2020-19192 · Jhead +5 · Jhead +5

Name of the Vulnerable Software and Affected Versions: jhead versions prior to 3.04 Description: The issue is related to a heap-based buffer over-read in the Get32s function when called from ProcessGpsInfo in gpsinfo.c. Recommendations: For versions prior to 3.04, update to version 3.04 or later ...

7.8CVSS6.2AI score0.01766EPSS
Exploits12References79
debiancve
debiancve
added 2020/01/09 12:0 a.m.41 views

CVE-2020-6625

jhead through 3.04 has a heap-based buffer over-read in Get32s when called from ProcessGpsInfo in gpsinfo.c...

7.1CVSS5.7AI score0.01435EPSS
Exploits1
cnvd
cnvd
added 2019/07/16 12:0 a.m.5 views

jhead buffer overflow vulnerability

jhead is a tool for modifying JPEG file information. A buffer overflow vulnerability exists in the 'ProcessGpsInfo' function of the gpsinfo.c file in jhead version 3.03. The vulnerability stems from a network system or product performing operations in memory without properly validating data...

5.5CVSS7.4AI score0.01211EPSS
Exploits1References1
ubuntucve
ubuntucve
added 2019/07/15 6:15 p.m.33 views

CVE-2019-1010301

jhead 3.03 is affected by: Buffer Overflow. The impact is: Denial of service. The component is: gpsinfo.c Line 151 ProcessGpsInfo. The attack vector is: Open a specially crafted JPEG file...

5.5CVSS6.7AI score0.01211EPSS
Exploits1References3
prion
prion
added 2019/07/15 6:15 p.m.25 views

Buffer overflow

jhead 3.03 is affected by: Buffer Overflow. The impact is: Denial of service. The component is: gpsinfo.c Line 151 ProcessGpsInfo. The attack vector is: Open a specially crafted JPEG file...

4.3CVSS5.5AI score0.01211EPSS
Exploits1References7Affected Software3
debiancve
debiancve
added 2019/07/15 5:10 p.m.39 views

CVE-2019-1010301

jhead 3.03 is affected by: Buffer Overflow. The impact is: Denial of service. The component is: gpsinfo.c Line 151 ProcessGpsInfo. The attack vector is: Open a specially crafted JPEG file...

5.5CVSS5.5AI score0.01211EPSS
Exploits1
nessus
nessus
added 2019/03/27 12:0 a.m.33 views

openSUSE Security Update : jhead (openSUSE-2019-698)

This update for jhead fixes the following security issues : - CVE-2016-3822: jhead remote attackers to execute arbitrary code or cause a denial of service out-of-bounds access via crafted EXIF data bsc1108480. - CVE-2018-16554: The ProcessGpsInfo function may have allowed a remote attacker to cau...

7.8CVSS6.7AI score0.01766EPSS
Exploits1References3
mageia
mageia
added 2018/11/17 10:23 p.m.36 views

Updated jhead package fixes security vulnerabilities

The ProcessGpsInfo function may have allowed a remote attacker to cause a denial-of-service attack or unspecified other impact via a malicious JPEG file, because of inconsistency between float and double in a sprintf format string during TAGGPSALT handling CVE-2018-16554. The ProcessGpsInfo...

7.8CVSS4.2AI score0.01766EPSS
Exploits2References3
nessus
nessus
added 2018/09/25 12:0 a.m.27 views

openSUSE Security Update : jhead (openSUSE-2018-1044)

This update for jhead fixes the following security issues : - CVE-2016-3822: jhead remote attackers to execute arbitrary code or cause a denial of service out-of-bounds access via crafted EXIF data bsc1108480. - CVE-2018-16554: The ProcessGpsInfo function may have allowed a remote attacker to cau...

7.8CVSS6.7AI score0.01766EPSS
Exploits1References3
opensuse
opensuse
added 2018/09/24 3:15 p.m.88 views

Security update for jhead (moderate)

This update for jhead fixes the following security issues: - CVE-2016-3822: jhead remote attackers to execute arbitrary code or cause a denial of service out-of-bounds access via crafted EXIF data bsc1108480. - CVE-2018-16554: The ProcessGpsInfo function may have allowed a remote attacker to caus...

7.5CVSS4.4AI score0.01766EPSS
Exploits1References1
prion
prion
added 2018/09/16 5:29 p.m.24 views

Integer overflow

The ProcessGpsInfo function of the gpsinfo.c file of jhead 3.00 may allow a remote attacker to cause a denial-of-service attack or unspecified other impact via a malicious JPEG file, because there is an integer overflow during a check for whether a location exceeds the EXIF data length. This is...

6.8CVSS7.7AI score0.01766EPSS
Exploits2References2Affected Software1
ubuntucve
ubuntucve
added 2018/09/16 5:29 p.m.29 views

CVE-2018-17088

The ProcessGpsInfo function of the gpsinfo.c file of jhead 3.00 may allow a remote attacker to cause a denial-of-service attack or unspecified other impact via a malicious JPEG file, because there is an integer overflow during a check for whether a location exceeds the EXIF data length. This is...

7.8CVSS6.8AI score0.01557EPSS
Exploits1References2
Rows per page
Query Builder