Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

11 matches found

OSV
OSVadded 2025/05/30 4:15 a.m.1 views

CVE-2025-44906

jhead v3.08 was discovered to contain a heap-use-after-free via the ProcessFile function at jhead.c...

7.8CVSS7.5AI score
Exploits0References1
Positive Technologies
Positive Technologiesadded 2025/05/30 12:0 a.m.2 views

PT-2025-23239 · Jhead +1 · Jhead +1

Name of the Vulnerable Software and Affected Versions: jhead version 3.08 Description: A heap-use-after-free issue was discovered in jhead via the ProcessFile function at jhead.c. This issue affects jhead version 3.08. Recommendations: For jhead version 3.08, as a temporary workaround, consider...

7.8CVSS6.3AI score0.00082EPSS
Exploits1References16
Veracode
Veracodeadded 2023/07/24 12:23 a.m.23 views

Denial Of Service (DoS)

jhead is vulnerable to Denial Of Service DoS. The vulnerability occurs due to a wild address read in the ProcessCanonMakerNoteDir function within makernote.c causing an application crash...

7.5CVSS6.7AI score0.00403EPSS
Exploits0References3Affected Software1
SUSE CVE
SUSE CVEadded 2023/02/15 3:44 a.m.1 views

SUSE CVE-2021-28276

A Denial of Service vulnerability exists in jhead 3.04 and 3.05 via a wild address read in the ProcessCanonMakerNoteDir function in makernote.c...

7.5CVSS7.4AI score0.00403EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2022/10/17 12:0 a.m.2 views

PT-2022-26056 · Jhead +3 · Jhead +3

Name of the Vulnerable Software and Affected Versions: Jhead version 3.06.0.1 Description: The issue allows attackers to execute arbitrary OS commands by placing them in a JPEG filename and then using the regeneration -rgt50 option. Recommendations: For Jhead version 3.06.0.1, consider avoiding t...

7.8CVSS7.8AI score0.00064EPSS
Exploits2References46
OSV
OSVadded 2022/03/23 9:15 p.m.6 views

CVE-2021-28278

A Heap-based Buffer Overflow vulnerability exists in jhead 3.04 and 3.05 via the RemoveSectionType function in jpgfile.c...

7.8CVSS6.7AI score
Exploits0References2
OSV
OSVadded 2022/03/23 9:15 p.m.3 views

CVE-2021-28275

A Denial of Service vulnerability exists in jhead 3.04 and 3.05 due to a wild address read in the Get16u function in exif.c in will cause segmentation fault via a craftedfile...

5.5CVSS6.4AI score
Exploits0References2
OSV
OSVadded 2017/04/04 6:44 a.m.3 views

MGASA-2017-0105 Updated jhead packages fix security vulnerability

It was discovered that jhead, a tool to manipulate the non-image part of EXIF compliant JPEG files, is prone to an out-of-bounds access vulnerability, which may result in denial of service or, potentially, the execution of arbitrary code if an image with specially crafted EXIF data is processed...

7.8CVSS7.6AI score0.00349EPSS
Exploits0References4
OSV
OSVadded 2017/03/22 12:0 a.m.21 views

DLA-864-1 jhead - security update

Bulletin has no description...

7.8CVSS7.4AI score0.00349EPSS
Exploits0
securityvulns
securityvulnsadded 2009/01/14 12:0 a.m.26 views

JHead multiple security vulnerabilities

Buffer overflow, symlink vulnerability, unfiltered shell characters vulnerability...

10CVSS3.4AI score0.02025EPSS
Exploits1References1Affected Software1
OSV
OSVadded 2008/10/21 6:0 p.m.1 views

DEBIAN-CVE-2008-4640

The DoCommand function in jhead.c in Matthias Wandel jhead 2.84 and earlier allows local users to delete arbitrary files via vectors involving a modified input filename in which 1 a final "z" character is replaced by a "t" character or 2 a final "t" character is replaced by a "z" character...

3.6CVSS6.7AI score0.00064EPSS
Exploits0References1
Rows per page
Query Builder