Lucene search
K

75 matches found

OSV
OSV
added 2026/05/19 7:42 p.m.11 views

MAL-2026-4746 Malicious code in crw (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4324181416ad15727c0f51a30b56858c42fad99b93635922494acfe4c0f5d597 Package 'crw' impersonates the Firecrawl SDK: it declares 'firecrawl' as a keyword, replicates Firecrawl's client surface...

5.8AI score
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/03/29 12:0 a.m.4 views

openSUSE 16 Security Update : exiv2 (openSUSE-SU-2026:20410-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20410-1 advisory. Update to exiv2 0.28.8: - CVE-2024-24826: out-of-bounds read in QuickTimeVideo: NikonTagsDecoder bsc1219870. - CVE-2024-25112: denial of service...

9.8CVSS6.2AI score0.00816EPSS
Exploits3References27
OSV
OSV
added 2026/03/23 11:51 a.m.7 views

CLSA-2026-1774266713 exiv2: Fix of 2 CVEs

CVE-2026-25884: fix out-of-bounds read in CRW image parser - CVE-2026-27596: fix integer underflow in preview component...

8.1CVSS5.8AI score0.00367EPSS
Exploits1References1
OSV
OSV
added 2026/03/23 11:40 a.m.6 views

CLSA-2026-1774266009 exiv2: Fix of 2 CVEs

CVE-2026-25884: fix out-of-bounds read in CRW image parser - CVE-2026-27596: fix integer underflow in preview component...

8.1CVSS5.8AI score0.00367EPSS
Exploits1References1
OSV
OSV
added 2026/03/23 9:44 a.m.4 views

OPENSUSE-SU-2026:20410-1 Security update for exiv2

This update for exiv2 fixes the following issues: Update to exiv2 0.28.8: - CVE-2024-24826: out-of-bounds read in QuickTimeVideo: NikonTagsDecoder bsc1219870. - CVE-2024-25112: denial of service due to unbounded recursion in QuickTimeVideo: multipleEntriesDecoder bsc1219871. - CVE-2024-39695:...

9.8CVSS6.1AI score0.00816EPSS
Exploits3References18
Tenable Nessus
Tenable Nessus
added 2026/03/06 12:0 a.m.8 views

Exiv2 0.28.7 Multiple Vulnerabilities

The version of Exiv2 installed on the remote host is 0.28.7. It is, therefore, affected by multiple vulnerabilities: - Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. In version 0.28.7, an out-of-bounds read was found. Th...

8.1CVSS5.9AI score0.00367EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2026/03/04 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-25884

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an...

8.1CVSS6.5AI score0.00307EPSS
Exploits1References4
Snyk
Snyk
added 2026/03/03 12:26 a.m.2 views

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the decode0x0805 function of the CRW image parser. An attacker can cause the application to read memory outside the bounds of an allocated buffer by providing a specially crafted CRW image file. Remediation A fix w...

8.1CVSS6AI score0.00307EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2026/03/03 12:25 a.m.2 views

SUSE CVE-2026-25884

Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an out-of-bounds read was found. The vulnerability is in the CRW image parser. This issue has been patched in version 0.28.8...

6.5CVSS5.7AI score0.00307EPSS
Exploits1References5
NVD
NVD
added 2026/03/02 8:16 p.m.6 views

CVE-2026-25884

Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an out-of-bounds read was found. The vulnerability is in the CRW image parser. This issue has been patched in version 0.28.8...

8.1CVSS0.00307EPSS
Exploits1References3
OSV
OSV
added 2026/03/02 8:16 p.m.7 views

AZL-78621 CVE-2026-25884 affecting package exiv2 0.28.0-1

Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an out-of-bounds read was found. The vulnerability is in the CRW image parser. This issue has been patched in version 0.28.8...

8.1CVSS6.5AI score0.00307EPSS
Exploits1References1
OSV
OSV
added 2026/03/02 8:16 p.m.6 views

AZL-78524 CVE-2026-25884 affecting package exiv2 0.28.3-1

Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an out-of-bounds read was found. The vulnerability is in the CRW image parser. This issue has been patched in version 0.28.8...

8.1CVSS5.7AI score0.00307EPSS
Exploits1References1
OSV
OSV
added 2026/03/02 7:41 p.m.5 views

CVE-2026-25884 Exiv2: Out-of-bounds read in CrwMap::decode0x0805

Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an out-of-bounds read was found. The vulnerability is in the CRW image parser. This issue has been patched in version 0.28.8...

6.9CVSS5.8AI score0.00307EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/03/02 7:41 p.m.3 views

CVE-2026-25884 Exiv2: Out-of-bounds read in CrwMap::decode0x0805

Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an out-of-bounds read was found. The vulnerability is in the CRW image parser. This issue has been patched in version 0.28.8...

6.9CVSS5.8AI score0.00307EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/03/02 7:41 p.m.6 views

CVE-2026-25884

Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an out-of-bounds read was found. The vulnerability is in the CRW image parser. This issue has been patched in version 0.28.8...

8.1CVSS5.8AI score0.00307EPSS
Exploits1References4Affected Software1
EUVD
EUVD
added 2026/03/02 7:41 p.m.4 views

EUVD-2026-9259

Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an out-of-bounds read was found. The vulnerability is in the CRW image parser. This issue has been patched in version 0.28.8...

6.9CVSS5.8AI score0.00307EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/03/02 7:41 p.m.34 views

CVE-2026-25884 Exiv2: Out-of-bounds read in CrwMap::decode0x0805

Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an out-of-bounds read was found. The vulnerability is in the CRW image parser. This issue has been patched in version 0.28.8...

6.9CVSS0.00307EPSS
Exploits1References3
CVE
CVE
added 2026/03/02 7:41 p.m.27 views

CVE-2026-25884

Exiv2 is a C++ library/CLI for image metadata. Prior to version 0.28.8, a set of out-of-bounds/read-related issues were reported: first, an out-of-bounds read in the CRW image parser (CVE-2026-25884); second, a related issue in the preview component (CVE-2026-27596); and a crash due to an uncaugh...

8.1CVSS5.8AI score0.00307EPSS
Exploits1References3Affected Software1
CNNVD
CNNVD
added 2026/03/02 12:0 a.m.6 views

Exiv2 缓冲区错误漏洞

Exiv2 is a C++ library and command-line application developed by Andreas Huggel, designed for managing image metadata. This product provides functionality for reading and writing image metadata in various formats such as EXIF, IPTC, and XMP. Versions of Exiv2 prior to 0.28.8 contained a buffer...

8.1CVSS6.8AI score0.00307EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.2 views

PT-2026-22692

Name of the Vulnerable Software and Affected Versions Exiv2 versions prior to 0.28.8 Description Exiv2 is a C++ library and a command-line utility used for reading, writing, deleting, and modifying Exif, IPTC, XMP, and ICC image metadata. A flaw exists in the CRW image parser that can lead to an...

8.1CVSS6.7AI score0.00307EPSS
Exploits1References60
Rows per page
Query Builder