CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

77 matches found

CVE•added 2026/05/22 10:18 a.m.•11 views

CVE-2026-5755

CVE-2026-5755 affects Mattermost releases 11.6.x up to 11.6.0, 11.5.x up to 11.5.2/11.5.3, 11.4.x up to 11.4.4, and 10.11.x up to 10.11.14. The issue arises from failure to validate the TIFF IFD offset in the image header before memory allocation, allowing authenticated users with file upload or ...

6.5CVSS5.8AI score0.00038EPSS

Exploits0References1Affected Software1

OSV•added 2026/05/19 5:44 p.m.•6 views

CLSA-2026-1779212665 php: Fix of 14 CVEs

CVE-2018-5711: fix infinite loop in gdImageCreateFromGifCtx - CVE-2018-5712: remove file name from phar stub error output XSS - CVE-2018-10545: do not set PRSETDUMPABLE in php-fpm workers by default - CVE-2018-10546: fail iconvmimedecode on invalid multibyte sequences - CVE-2018-10547: escape...

7.5CVSS6.8AI score0.89192EPSS

Exploits7References1

OSV•added 2026/04/22 5:46 p.m.•7 views

CLSA-2026-1776879963 php: Fix of 9 CVEs

CVE-2019-9020: fix heap out-of-bounds read in xmlrpcdecode - CVE-2019-9021: fix heap buffer overflow in phardetectpharfnameext - CVE-2019-9023: fix heap buffer over-reads in mbstring regex functions - CVE-2019-9641: fix uninitialized read in exifprocessIFDinTIFF - CVE-2019-11034: fix...

9.8CVSS6.9AI score0.52083EPSS

Exploits7References1

Packet Storm News•added 2026/04/22 12:0 a.m.•2 views

DNG File Generator for Security Testing

This C++ program is a complex security research tool CVE-2026-27280 designed to manually construct a DNG Digital Negative image file with fully controlled internal structures TIFF/DNG headers, IFD tables, and metadata tags...

7.8CVSS5.7AI score0.00014EPSS

Exploits0

Packet Storm•added 2026/02/09 12:0 a.m.•213 views

📄 Samsung Quram DNG Remote Code Execution

A vulnerability exists in Samsung's image decoding library libimagecodec.quram.so responsible for parsing Digital Negatives DNG. A malformed DNG containing oversized IFD entries can cause heap corruption. With precise heap grooming, this condition may lead to remote code execution when the...

9.8CVSS6.4AI score0.04908EPSS

Exploits3

NVD•added 2025/12/02 2:15 a.m.•3 views

CVE-2025-58477

Out-of-bounds write in parsing IFD tag in libimagecodec.quram.so prior to SMR Dec-2025 Release 1 allows remote attackers to access out-of-bounds memory...

6.5CVSS0.00043EPSS

Exploits0References1

OSV•added 2025/12/02 2:15 a.m.•1 views

CVE-2025-58477

Out-of-bounds write in parsing IFD tag in libimagecodec.quram.so prior to SMR Dec-2025 Release 1 allows remote attackers to access out-of-bounds memory...

6.5CVSS5.9AI score

Exploits0References1

Vulnrichment•added 2025/12/02 1:24 a.m.•1 views

CVE-2025-58477

Out-of-bounds write in parsing IFD tag in libimagecodec.quram.so prior to SMR Dec-2025 Release 1 allows remote attackers to access out-of-bounds memory...

4.3CVSS6.5AI score0.00043EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2007-6323

Malware in sbrugna...

5CVSS6.1AI score0.01139EPSS

Exploits0References12

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2012-0284

Malware in sbrugna...

5.5CVSS6.9AI score0.00286EPSS

Exploits0References23

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2005-1045

Malware in sbrugna...

7.5CVSS6AI score0.06096EPSS

Exploits0References13

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2016-5530

Malware in sbrugna...

9.8CVSS8.5AI score0.05437EPSS

Exploits1References20

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2012-1808

Malware in sbrugna...

6.5CVSS6.7AI score0.01412EPSS

Exploits0References19

NVD•added 2025/09/02 11:15 p.m.•4 views

CVE-2025-22423

In ParseTag of dngifd.cpp, there is a possible way to crash the image renderer due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

7.5CVSS0.01304EPSS

Exploits0References2

OSV•added 2025/09/02 11:15 p.m.•0 views

CVE-2025-22423

7.5CVSS5.9AI score

Exploits0References2

CVE•added 2025/09/02 10:11 p.m.•425 views

CVE-2025-22423

The CVE-2025-22423 entry concerns the dng_ifd.cpp ParseTag function where a missing bounds check can crash the image renderer, enabling remote DoS with no privileges and no user interaction. Connected OSV/Red Hat/Android bulletin records corroborate a bound-check issue in the same function and de...

7.5CVSS6AI score0.01304EPSS

Exploits0References2Affected Software1

Positive Technologies•added 2023/03/17 12:0 a.m.•1 views

PT-2023-35704 · Libraw · Libraw

Name of the Vulnerable Software and Affected Versions: LibRaw affected versions not specified Description: The issue is related to a crash in LibRaw, specifically in the LibRaw::sget4 function, which is called by LibRaw::parseAdobeRAFMakernote and LibRaw::parse tiff ifd. The crash type is reporte...

6.8AI score

Exploits0References2

SUSE CVE•added 2023/02/15 6:18 a.m.•1 views

SUSE CVE-2005-1042

Integer overflow in the exifprocessIFDTAG function in exif.c in PHP before 4.3.11 may allow remote attackers to execute arbitrary code via an IFD tag that leads to a negative byte count...

7.5CVSS8.3AI score0.06096EPSS

Exploits0References4

SUSE CVE•added 2023/02/15 5:49 a.m.•2 views

SUSE CVE-2012-0248

ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service infinite loop and hang via a crafted image whose IFD contains IOP tags that all reference the beginning of the IDF...

5.5CVSS6.6AI score0.00286EPSS

Exploits0References6

SUSE CVE•added 2023/02/15 4:48 a.m.•1 views

SUSE CVE-2017-6887

A boundary error within the "parsetiffifd" function internal/dcrawcommon.cpp in LibRaw versions before 0.18.2 can be exploited to cause a memory corruption via e.g. a specially crafted KDC file with model set to "DSLR-A100" and containing multiple sequences of 0x100 and 0x14A TAGs...

5.6CVSS9.2AI score0.0032EPSS

Exploits0References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by