334 matches found
Astra Linux - уязвимость в exiv2
A flaw was discovered in Exiv2 in versions prior to and including 0.27.4-RC1. Improper input validation of the rawData.size property in the Jp2Image::readMetadata function, located in jp2image.cpp, can lead to a heap-based buffer overflow through a specially crafted JPG image containing malicious...
CVE-2026-27892 FacturaScripts: Unstripped Image Metadata (EXIF) Leakage via Library Module File Upload/Download
FacturaScripts is an open source accounting and invoicing software. In versions prior to 2026, the Library module stores and serves uploaded images byte-for-byte, without stripping EXIF/XMP/IPTC metadata. Any authenticated user who downloaded an image could extract the uploader's embedded metadat...
CVE-2025-31959
HCL BigFix Service Management SM application fails to strip EXIF metadata from uploaded images. This could lead to confidentiality and privacy risks if sensitive location information is unintentionally shared...
CVE-2025-31959
Affected product : HCL BigFix Service Management (SM). Vulnerability : The SM application fails to strip EXIF metadata from uploaded images. This metadata may include sensitive location information, leading to confidentiality/privacy risks if inadvertently shared. Impact (from sources) : Privacy/...
PT-2026-37631
HCL BigFix Service Management SM application fails to strip EXIF metadata from uploaded images. This could lead to confidentiality and privacy risks if sensitive location information is unintentionally shared...
[SECURITY] Fedora 44 Update: libexif-0.6.26-1.fc44
Most digital cameras produce EXIF files, which are JPEG files with extra tags that contain information about the image. The EXIF library allows you to parse an EXIF file and read the data from those tags...
[SECURITY] Fedora 44 Update: luminance-hdr-2.6.1.1-89.fc44
Luminance HDR is a graphical user interface based on the Qt5 toolkit that provides a complete workflow for HDR imaging. Supported HDR formats: =E2=80=A2 OpenEXR extension: exr =E2=80=A2 Radiance RGBE extension: hdr =E2=80=A2 Tiff formats: 16bit, 32bit float and LogLuv extension: tiff =E2=80=A2 Ra...
CVE-2026-29055
Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. In versions prior to 2.6.0, the image processing pipeline in Tandoor Recipes explicitly skips EXIF metadata stripping, image rescaling, and size validation for WebP and GIF image formats. A...
CVE-2026-29055
Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. In versions prior to 2.6.0, the image processing pipeline in Tandoor Recipes explicitly skips EXIF metadata stripping, image rescaling, and size validation for WebP and GIF image formats. A...
CVE-2026-29055
CVE-2026-29055 affects Tandoor Recipes: in versions prior to 2.6.0, the image processing pipeline did not strip EXIF data, rescale, or validate sizes for WebP and GIF uploads, allowing sensitive EXIF metadata (GPS coordinates, camera model, timestamps, software) to be stored and served to all vie...
CVE-2026-29055
Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. In versions prior to 2.6.0, the image processing pipeline in Tandoor Recipes explicitly skips EXIF metadata stripping, image rescaling, and size validation for WebP and GIF image formats. A...
CVE-2026-29055 Tandoor Recipes: WebP and GIF Image Uploads Bypass EXIF/Metadata Stripping, Leaking GPS Coordinates and PII
Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. In versions prior to 2.6.0, the image processing pipeline in Tandoor Recipes explicitly skips EXIF metadata stripping, image rescaling, and size validation for WebP and GIF image formats. A...
CVE-2026-29055 Tandoor Recipes: WebP and GIF Image Uploads Bypass EXIF/Metadata Stripping, Leaking GPS Coordinates and PII
Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. In versions prior to 2.6.0, the image processing pipeline in Tandoor Recipes explicitly skips EXIF metadata stripping, image rescaling, and size validation for WebP and GIF image formats. A...
EUVD-2026-16297
Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. In versions prior to 2.6.0, the image processing pipeline in Tandoor Recipes explicitly skips EXIF metadata stripping, image rescaling, and size validation for WebP and GIF image formats. A...
Tandoor Recipes 安全漏洞
Tandoor Recipes is an open-source application designed for managing recipes, planning meals, creating shopping lists, and more. Versions of Tandoor Recipes prior to 2.6.0 contained security vulnerabilities. These vulnerabilities stemmed from the image processing pipeline skipping the EXIF metadat...
CVE-2026-32775
libexif through 0.6.25 has a flaw in decoding MakerNotes. If the exifmnotedatagetvalue function gets passed in a 0 size, the passed in-buffer would be overwritten due to an integer underflow...
MiracleLinux 8 : php:7.3 (AXSA:2020-779:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-779:01 advisory. php: Out-of-bounds read due to integer overflow in iconvmimedecodeheaders CVE-2019-11039 php: Buffer over-read in exifreaddata CVE-2019-11040 php:...
CVE-2019-11870
Serendipity before 2.1.5 has XSS via EXIF data that is mishandled in the templates/2k11/admin/mediachoose.tpl Editor Preview feature or the templates/2k11/admin/mediaitems.tpl Media Library feature...
EUVD-2021-26263
Malware in sbrugna...
EUVD-2020-5390
Malware in sbrugna...