Lucene search
+L

342 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-26263

Malware in sbrugna...

5.3CVSS5.2AI score0.01437EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2016-4835

Malware in sbrugna...

7.8CVSS6AI score0.01267EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.3 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: libexif (UTSA-2025-986164)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986164 advisory. In exifdataloaddatathumbnail of exif-data.c, there is a possible denial of service due to an integer overflow. This could lead to remote denial of service with no...

7.5CVSS7.7AI score0.02856EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-33387

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.00747EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-10404

Malicious code in bioql PyPI...

6.9CVSS6.3AI score0.00173EPSS
Exploits0References3
Fedora
Fedora
added 2025/09/16 12:20 a.m.7 views

[SECURITY] Fedora 43 Update: exiv2-0.28.6-2.fc43

A command line utility to access image metadata, allowing one to: print the Exif metadata of Jpeg images as summary info, interpreted values, or the plain data for each tag print the Iptc metadata of Jpeg images print the Jpeg comment of Jpeg images set, add and delete Exif and Iptc metadata of...

5.5CVSS7.1AI score0.00226EPSS
Exploits1
Fedora
Fedora
added 2025/09/04 1:28 a.m.9 views

[SECURITY] Fedora 41 Update: exiv2-0.28.6-2.fc41

A command line utility to access image metadata, allowing one to: print the Exif metadata of Jpeg images as summary info, interpreted values, or the plain data for each tag print the Iptc metadata of Jpeg images print the Jpeg comment of Jpeg images set, add and delete Exif and Iptc metadata of...

5.5CVSS7.1AI score0.00226EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2021-39907

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A potential DOS vulnerability was discovered in GitLab CE/EE starting with version 13.7. The stripping of EXIF data from certain images resulted in high CPU...

5.3CVSS5.6AI score0.01437EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2020-0093

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In exifdatasavedataentry of exif-data.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure...

5CVSS6.8AI score0.00301EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 3:38 a.m.9 views

CVE-2023-29850

SENAYAN Library Management System SLiMS Bulian v9.5.2 does not strip exif data from uploaded images. This allows attackers to obtain information such as the user's geolocation and device information...

7.5CVSS6.5AI score0.00747EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:14 p.m.6 views

CVE-2021-39907

A potential DOS vulnerability was discovered in GitLab CE/EE starting with version 13.7. The stripping of EXIF data from certain images resulted in high CPU usage...

5.3CVSS6AI score0.01437EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:36 a.m.7 views

CVE-2019-15740

An issue was discovered in GitLab Community and Enterprise Edition 7.9 through 12.2.1. EXIF Geolocation data was not being removed from certain image uploads...

5.3CVSS6.5AI score0.01608EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:7 a.m.9 views

CVE-2019-14280

In some circumstances, Craft 2 before 2.7.10 and 3 before 3.2.6 wasn't stripping EXIF data from user-uploaded images when it was configured to do so, potentially exposing personal/geolocation data to the public...

5.3CVSS6.8AI score0.09358EPSS
Exploits4References1
BDU FSTEC
BDU FSTEC
added 2025/04/23 12:0 a.m.18 views

The vulnerability of the write_exif_data() function in the src/tiff.imageio/tiffoutput.cpp module of the OpenImageIO library allows a hacker to cause a service failure.

The vulnerability of the writeexifdata function in the src/tiff.imageio/tiffoutput.cpp module of the OpenImageIO library is related to the use of a NULL pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...

7.5CVSS5.5AI score
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/04/10 4:45 p.m.19 views

CVE-2025-32024

bep/imagemeta is a Go library for reading EXIF, IPTC and XMP image meta data from JPEG, TIFF, PNG, and WebP files. The EXIF data format allows for defining excessively large data structures in relatively small payloads. Before v0.10.0, If you didn't trust the input images, this could be abused to...

6.9CVSS6.7AI score0.00173EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2025/04/10 2:8 a.m.8 views

SUSE CVE-2025-32024

bep/imagemeta is a Go library for reading EXIF, IPTC and XMP image meta data from JPEG, TIFF, PNG, and WebP files. The EXIF data format allows for defining excessively large data structures in relatively small payloads. Before v0.10.0, If you didn't trust the input images, this could be abused to...

6.9CVSS6.9AI score0.00173EPSS
Exploits0References3
Snyk
Snyk
added 2025/04/09 5:5 p.m.1 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling when processing large EXIF data structures. An attacker can cause denial of service by sending malicious images. Remediation Upgrade github.com/bep/imagemeta to version 0.10.0 or...

8.7CVSS6.9AI score0.00173EPSS
Exploits0References3
OSV
OSV
added 2025/04/09 5:5 p.m.13 views

GO-2025-3598 bep/imagemeta allows excessively large EXIF data structures in github.com/bep/imagemeta

bep/imagemeta allows excessively large EXIF data structures in github.com/bep/imagemeta...

6.9CVSS7.1AI score0.00173EPSS
Exploits0References3
OSV
OSV
added 2025/04/09 12:57 p.m.10 views

GHSA-Q7RW-W4CQ-2J6W bep/imagemeta allows excessively large EXIF data structures

Impact The EXIF data format allows for defining excessively large data structures in relatively small payloads. Before v0.10.0, If you didn't trust the input images, this could be abused to construct denial-of-service attacks. Patches v0.10.0 added LimitNumTags default 5000 and LimitTagSize defau...

6.9CVSS6.3AI score0.00173EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2025/04/09 12:57 p.m.16 views

bep/imagemeta allows excessively large EXIF data structures

Impact The EXIF data format allows for defining excessively large data structures in relatively small payloads. Before v0.10.0, If you didn't trust the input images, this could be abused to construct denial-of-service attacks. Patches v0.10.0 added LimitNumTags default 5000 and LimitTagSize defau...

6.9CVSS6.8AI score0.00173EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder