22 matches found
MiracleLinux 7 : rh-php73-php-7.3.20-1.el7 (AXSA:2020-958:01)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-958:01 advisory. php: DirectoryIterator class accepts filenames with embedded \0 byte and treats them as terminating at that byte CVE-2019-11045 php: Information...
EUVD-2019-2748
Malware in sbrugna...
CVE-2020-26208
JHEAD is a simple command line tool for displaying and some manipulation of EXIF header data embedded in Jpeg images from digital cameras. In affected versions there is a heap-buffer-overflow on jhead-3.04/jpgfile.c:285 ReadJpegSections. Crafted jpeg images can be provided to the user resulting i...
CVE-2020-26208
JHEAD is a simple command line tool for displaying and some manipulation of EXIF header data embedded in Jpeg images from digital cameras. In affected versions there is a heap-buffer-overflow on jhead-3.04/jpgfile.c:285 ReadJpegSections. Crafted jpeg images can be provided to the user resulting i...
[SECURITY] Fedora 34 Update: exif-0.6.22-1.fc34
Small command-line utility to show EXIF information hidden in JPEG files...
Security update for jhead (moderate)
openSUSE Security Update: Security update for jhead Announcement ID: openSUSE-SU-2021:0743-1 Rating: moderate References: 1144316 1144354 1160544 1160547 Cross-References: CVE-2016-3822 CVE-2018-16554 CVE-2018-17088 CVE-2018-6612 CVE-2019-1010301 CVE-2019-1010302 CVE-2020-6624 CVE-2020-6625...
PHP 7.4.x < 7.4.1 Multiple Vulnerabilities
According to its banner, the version of PHP running on the remote web server is prior to 7.2.26, 7.3.x prior to 7.3.13, or 7.4.x prior to 7.4.1. It is, therefore, affected by multiple vulnerabilities: - An arbitrary file read vulnerability exists in link and DirectoryIterator class due to imprope...
PHP 7.2.x < 7.2.26 Multiple Vulnerabilities
According to its banner, the version of PHP running on the remote web server is prior to 7.2.26, 7.3.x prior to 7.3.13, or 7.4.x prior to 7.4.1. It is, therefore, affected by multiple vulnerabilities: - An arbitrary file read vulnerability exists in link and DirectoryIterator class due to imprope...
PHP 7.3.x < 7.3.13 / 7.4.x < 7.4.1 Multiple Vulnerabilities
According to its banner, the version of PHP running on the remote web server is 7.3.x prior to 7.3.13 or 7.4.x prior to 7.4.1. It is, therefore, affected by multiple vulnerabilities: - An arbitrary file read vulnerability exists in link and DirectoryIterator class due to improper handling of...
PHP 7.2.x < 7.2.26 Multiple Vulnerabilities
According to its banner, the version of PHP running on the remote web server is 7.2.x prior to 7.2.26. It is, therefore, affected by multiple vulnerabilities: - An arbitrary file read vulnerability exists in link and DirectoryIterator class due to improper handling of embedded \0 byte character a...
FOCA - Tool To Find Metadata And Hidden Information In The Documents
FOCA (Fingerprinting Organizations with Collected Archives) is a tool used mainly to find metadata and hidden information in the documents it scans. These documents may be on web pages, and can be downloaded and analysed with FOCA. It is capable of analysing a wide variety of documents, with th...
Goca Scanner - FOCA fork written in Go
Goca is a FOCA fork written in Go, which is a tool used mainly to find metadata and hidden information in the documents it scans. These documents may be on web pages, and can be downloaded and analyzed with Goca. It is capable of analyzing a wide variety of documents, with the most common being...
A picture can lead to millions of Android phones being hacked - vulnerability warning - the black bar safety net
Google today released the latest Android Security Bulletin, patching a series of vulnerabilities exposed a little while ago, such as the Quadrooter vulnerability in high flux chips, with an impact on 9 billion devices - and this is the Android patch to repair th...
php: remote code execution
CVE-2014-9427 information leak, remote code execution A one-byte file containing only the '' character, not followed by any newline, causes php-cgi to do an out of bound read, potentially disclosing sensitive information present in memory or even triggering code execution if adjacent memory...
[WebCacheImageInfo] Displays the software/camera model of images stored in the cache of your Web browser
WebCacheImageInfo is a simple tool that searches for JPEG images with EXIF information stored inside the cache of your Web browser (Internet Explorer, Firefox, or Chrome), and then it displays the list of all images found in the cache with the interesting information stored in them, like the softwa...
[SECURITY] Fedora 17 Update: exif-0.6.21-1.fc17
Small command-line utility to show EXIF information hidden in JPEG files...
[SECURITY] Fedora 16 Update: exif-0.6.21-1.fc16
Small command-line utility to show EXIF information hidden in JPEG files...
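DiscuzX2 personal space image EXIF information XSS
Brief description: DiscuzX2 personal space image EXIF information XSS. Detailed description: Insert illegal EXIF information into an image. You know the rest: an XSS vulnerability results... It is of marginal value, though, since the EXIF information can only be read under specific conditions. Proof of vulnerability: Insert illegal EXIF information into an image. You know the rest...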
Forensic FOCA - Power of Metadata in digital forensics
Forensic FOCA - Power of Metadata in digital forensics. Most of the effort in today's digital forensics community lies in the retrieval and analysis of existing information from computing systems. Metadata is data about data. Metadata plays a number of important roles in computer forensics. It can...
JPEG EXIF cross site attacks - vulnerability warning - the black bar safety net
Article author: dark night costumes Leave the hacking community after a long time LOR...life is so real Ahha hamissed previously. This time play the camera. Digital, SLR are in play. At the same time I'm ready to do a thematic photography figure Bo. In the study very much Station popular Upload a...