CVE-2025-31959

Affected product : HCL BigFix Service Management (SM). Vulnerability : The SM application fails to strip EXIF metadata from uploaded images. This metadata may include sensitive location information, leading to confidentiality/privacy risks if inadvertently shared. Impact (from sources) : Privacy/...

HCL BigFix Service Management 安全漏洞

HCL BigFix Service Management is an IT service management and asset management platform developed by the Indian company HCL. There is a security vulnerability in HCL BigFix Service Management. This vulnerability stems from the failure to remove EXIF metadata from uploaded images, which may lead t...

Kai-Tools

Kai Tools 🚀 Kai Tools adalah suite keamanan dan intelijen...

gstreamer: EXIF Metadata Parsing Integer Overflow

A flaw was found in the GStreamer library. This flaw allows a remote attacker to send specially crafted content to the victim, allowing for arbitrary code execution within the context of the affected installation's process. The vulnerability is caused by improper parsing of EXIF metadata and a la...

EUVD-2017-12101

Malware in sbrugna...

EUVD-2024-44072

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2022-41837

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds write vulnerability exists in the OpenImageIO::addexifitemtospec functionality of OpenImageIO Project OpenImageIO v2.4.4.2. Specially-crafted...

gstreamer: EXIF Metadata Parsing Integer Overflow

A flaw was found in the GStreamer library. This flaw allows a remote attacker to send specially crafted content to the victim, allowing for arbitrary code execution within the context of the affected installation's process. The vulnerability is caused by improper parsing of EXIF metadata and a la...

Informatica: EXIF metadata not stripped from profile image

The EXIF metadata was not stripped from the profile images uploaded to the platform. This could have resulted in the disclosure of location or other personal information associated with the uploaded images...

Important: gstreamer1-plugins-base

Issue Overview: GStreamer EXIF Metadata Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack...

RLSA-2024:9056 Moderate: gstreamer1-plugins-base security update

GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-base packages contain a collection of well-maintained base plug-ins. Security Fixes: gstreamer: EXIF Metadata Parsing Integer Overflow CVE-2024-4453 For more details about the...

Amazon Linux 2 : gstreamer-plugins-base (ALAS-2024-2593)

The version of gstreamer-plugins-base installed on the remote host is prior to 0.10.36-18. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2593 advisory. GStreamer EXIF Metadata Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows...

Amazon Linux 2 : gstreamer1-plugins-base (ALAS-2024-2592)

The version of gstreamer1-plugins-base installed on the remote host is prior to 1.18.4-5. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2592 advisory. GStreamer EXIF Metadata Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows...

Important: gstreamer-plugins-base

Issue Overview: GStreamer EXIF Metadata Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack...

Important: gstreamer1-plugins-base

Issue Overview: GStreamer EXIF Metadata Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack...

Updated 0-plugins-base packages fix security vulnerability

GStreamer EXIF Metadata Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary...

MGASA-2024-0215 Updated 0-plugins-base packages fix security vulnerability

GStreamer EXIF Metadata Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : gstreamer-plugins-base (SUSE-SU-2024:1945-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1945-1 advisory. - CVE-2024-4453: Fixed lack of proper validation of user-supplied data when parsing EXIF metadata...

SUSE-SU-2024:1945-1 Security update for gstreamer-plugins-base

This update for gstreamer-plugins-base fixes the following issues: - CVE-2024-4453: Fixed lack of proper validation of user-supplied data when parsing EXIF metadata bsc1224806...

openSUSE: Security Advisory for gstreamer (SUSE-SU-2024:1910-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...