Lucene search
K

171 matches found

SUSE CVE
SUSE CVE
added 2024/09/21 3:40 a.m.6 views

SUSE CVE-2024-9029

A flaw was found in the freeimage library. Processing a crafted image can cause a buffer over-read of 1 byte in the readiptcprofile function in the Source/Metadata/IPTC.cpp file because the size of the profile is not being sanitized, causing a crash in the application linked to the library,...

7.5CVSS6.6AI score0.00514EPSS
Exploits1References3
OSV
OSV
added 2024/03/20 6:15 a.m.31 views

UBUNTU-CVE-2024-28568

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 r1909 allows a local attacker to cause a denial of service DoS via the readiptcprofile function when reading images in TIFF format...

6.2CVSS5.8AI score0.00292EPSS
Exploits1References3
CNNVD
CNNVD
added 2024/03/20 12:0 a.m.6 views

FreeImage Security Vulnerability

FreeImage is a cross-platform open source library for supporting popular graphic image formats. A security vulnerability exists in FreeImage version v.3.19.0, which stems from a buffer overflow vulnerability. A local attacker can exploit this vulnerability to cause a Denial of Service DoS via the...

6.2CVSS7AI score0.00292EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/03/19 12:0 a.m.5 views

PT-2024-22470 · Freeimage +1 · Freeimage +1

Name of the Vulnerable Software and Affected Versions: FreeImage version 3.19.0 r1909 Description: A Buffer Overflow issue allows a local attacker to cause a denial of service DoS via the read iptc profile function when reading images in TIFF format. Recommendations: For FreeImage version 3.19.0...

6.2CVSS6.7AI score0.00292EPSS
Exploits1References12
Veracode
Veracode
added 2023/11/08 5:38 a.m.18 views

Out-of-bounds Write

libexiv2.so is vulnerable to Out-of-bounds Write. The vulnerability exists because of an integer overflow in the brotliUncompress function within bmffimage.cpp. This flaw enables an attacker to manipulate and potentially read, write, delete, or modify image metadata such as Exif, IPTC, XMP, and I...

8.8CVSS7.2AI score0.00965EPSS
Exploits0References3Affected Software2
Ubuntu
Ubuntu
added 2023/05/23 2:23 p.m.53 views

USN-6098-1: Jhead vulnerabilities

It was discovered that Jhead did not properly handle certain crafted images while processing the JFIF markers. An attacker could cause Jhead to crash. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 18.04 LTS. CVE-2019-19035 It was discovered that Jhead did not properly...

7.8CVSS6.3AI score0.01435EPSS
Exploits7
SUSE CVE
SUSE CVE
added 2023/02/15 4:37 a.m.4 views

SUSE CVE-2017-16353

GraphicsMagick 1.3.26 is vulnerable to a memory information disclosure vulnerability found in the DescribeImage function of the magick/describe.c file, because of a heap-based buffer over-read. The portion of the code containing the vulnerability is responsible for printing the IPTC Profile...

5.3CVSS9.4AI score0.13679EPSS
Exploits3References6
SUSE CVE
SUSE CVE
added 2023/02/15 4:36 a.m.3 views

SUSE CVE-2017-17724

In Exiv2 0.26, there is a heap-based buffer over-read in the Exiv2::IptcData::printStructure function in iptc.cpp, related to the "!= 0x1c" case. Remote attackers can exploit this vulnerability to cause a denial of service via a crafted TIFF file...

5.5CVSS8.9AI score0.02172EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 4:28 a.m.4 views

SUSE CVE-2018-9305

In Exiv2 0.26, an out-of-bounds read in IptcData::printStructure in iptc.c could result in a crash or information leak, related to the "== 0x1c" case...

4.4CVSS6.7AI score0.01992EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2023/02/15 4:24 a.m.5 views

SUSE CVE-2018-16750

In ImageMagick 7.0.7-29 and earlier, a memory leak in the formatIPTCfromBuffer function in coders/meta.c was found...

3.3CVSS9.2AI score0.02914EPSS
Exploits1References8
SUSE CVE
SUSE CVE
added 2023/02/15 4:22 a.m.8 views

SUSE CVE-2018-19107

In Exiv2 0.26, Exiv2::IptcParser::decode in iptc.cpp called from psdimage.cpp in the PSD image reader may suffer from a denial of service heap-based buffer over-read caused by an integer overflow via a crafted PSD image file...

3.3CVSS7.8AI score0.01816EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:4 a.m.4 views

SUSE CVE-2019-1010302

jhead 3.03 is affected by: Incorrect Access Control. The impact is: Denial of service. The component is: iptc.c Line 122 showIPTC. The attack vector is: the victim must open a specially crafted JPEG file...

3.3CVSS6.3AI score0.00969EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2023/02/15 3:55 a.m.4 views

SUSE CVE-2020-18773

An invalid memory access in the decode function in iptc.cpp of Exiv2 0.27.99.0 allows attackers to cause a denial of service DOS via a crafted tif file...

6.5CVSS6.7AI score0.01332EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:39 a.m.4 views

SUSE CVE-2021-37622

Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An infinite loop was found in Exiv2 versions v0.27.4 and earlier. The infinite loop is triggered when Exiv2 is used to modify the metadata of a crafted image file. An attacke...

5.3CVSS9.1AI score0.01109EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 3:23 a.m.4 views

SUSE CVE-2022-41649

A heap out of bounds read vulnerability exists in the handling of IPTC data while parsing TIFF images in OpenImageIO v2.3.19.0. A specially-crafted TIFF file can cause a read of adjacent heap memory, which can leak sensitive process information. An attacker can provide a malicious file to trigger...

9.1CVSS8.4AI score0.01458EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:23 a.m.1 views

SUSE CVE-2022-41988

An information disclosure vulnerability exists in the OpenImageIO::decodeiptciim functionality of OpenImageIO Project OpenImageIO v2.3.19.0. A specially-crafted TIFF file can lead to a disclosure of sensitive information. An attacker can provide a malicious file to trigger this vulnerability...

5.3CVSS6.9AI score0.01169EPSS
Exploits1References5
Cvelist
Cvelist
added 2022/12/23 11:3 p.m.34 views

CVE-2022-41649

A heap out of bounds read vulnerability exists in the handling of IPTC data while parsing TIFF images in OpenImageIO v2.3.19.0. A specially-crafted TIFF file can cause a read of adjacent heap memory, which can leak sensitive process information. An attacker can provide a malicious file to trigger...

7.5CVSS9.3AI score0.01458EPSS
Exploits1References4
Debian CVE
Debian CVE
added 2022/12/23 11:3 p.m.35 views

CVE-2022-41649

A heap out of bounds read vulnerability exists in the handling of IPTC data while parsing TIFF images in OpenImageIO v2.3.19.0. A specially-crafted TIFF file can cause a read of adjacent heap memory, which can leak sensitive process information. An attacker can provide a malicious file to trigger...

9.1CVSS8.4AI score0.01458EPSS
Exploits1
CNVD
CNVD
added 2022/12/23 12:0 a.m.38 views

OpenImageIO Heap Out-of-Bounds Read Vulnerability (CNVD-2023-01796)

OpenImageIO is an image read and write library that also provides several tools and applications. OpenImageIO v2.3.19.0 suffers from a heap out-of-bounds read vulnerability when processing IPTC data. An attacker could exploit this vulnerability to read heap memory via specially crafted TIFF files...

9.1CVSS2.4AI score0.01458EPSS
Exploits1References1
OSV
OSV
added 2022/12/22 10:15 p.m.2 views

DEBIAN-CVE-2022-41988

An information disclosure vulnerability exists in the OpenImageIO::decodeiptciim functionality of OpenImageIO Project OpenImageIO v2.3.19.0. A specially-crafted TIFF file can lead to a disclosure of sensitive information. An attacker can provide a malicious file to trigger this vulnerability...

7.5CVSS6.7AI score0.01169EPSS
Exploits1References1
Rows per page
Query Builder