Lucene search
+L

467 matches found

Veracode
Veracode
added 2023/07/24 12:23 a.m.28 views

Denial Of Service (DoS)

jhead is vulnerable to Denial Of Service DoS. The vulnerability occurs due to a wild address read in the ProcessCanonMakerNoteDir function within makernote.c causing an application crash...

7.5CVSS6.7AI score0.01083EPSS
Exploits0References3Affected Software1
SUSE CVE
SUSE CVE
added 2023/06/15 12:57 a.m.4 views

SUSE CVE-2022-28550

Matthias-Wandel/jhead jhead 3.06 is vulnerable to Buffer Overflow via shellescape, jhead.c, jhead. jhead copies strings to a stack buffer when it detects a &i or &o. However, jhead does not check the boundary of the stack buffer. As a result, there will be a stack buffer overflow problem when...

9.8CVSS7.5AI score0.01056EPSS
Exploits1References3
NVD
NVD
added 2023/06/13 8:15 p.m.28 views

CVE-2022-28550

Matthias-Wandel/jhead jhead 3.06 is vulnerable to Buffer Overflow via shellescape, jhead.c, jhead. jhead copies strings to a stack buffer when it detects a &i or &o. However, jhead does not check the boundary of the stack buffer. As a result, there will be a stack buffer overflow problem when...

9.8CVSS9.8AI score0.01056EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2023/06/13 8:15 p.m.3 views

CVE-2022-28550

Matthias-Wandel/jhead jhead 3.06 is vulnerable to Buffer Overflow via shellescape, jhead.c, jhead. jhead copies strings to a stack buffer when it detects a &i or &o. However, jhead does not check the boundary of the stack buffer. As a result, there will be a stack buffer overflow problem when...

9.8CVSS7.4AI score0.01056EPSS
Exploits1References3
OSV
OSV
added 2023/06/13 8:15 p.m.2 views

DEBIAN-CVE-2022-28550

Matthias-Wandel/jhead jhead 3.06 is vulnerable to Buffer Overflow via shellescape, jhead.c, jhead. jhead copies strings to a stack buffer when it detects a &i or &o. However, jhead does not check the boundary of the stack buffer. As a result, there will be a stack buffer overflow problem when...

9.8CVSS8.8AI score0.01056EPSS
Exploits1References1
Prion
Prion
added 2023/06/13 8:15 p.m.14 views

Stack overflow

Matthias-Wandel/jhead jhead 3.06 is vulnerable to Buffer Overflow via shellescape, jhead.c, jhead. jhead copies strings to a stack buffer when it detects a &i or &o. However, jhead does not check the boundary of the stack buffer. As a result, there will be a stack buffer overflow problem when...

7.5CVSS9.7AI score0.01056EPSS
Exploits1References2Affected Software1
UbuntuCve
UbuntuCve
added 2023/06/13 8:15 p.m.32 views

CVE-2022-28550

Matthias-Wandel/jhead jhead 3.06 is vulnerable to Buffer Overflow via shellescape, jhead.c, jhead. jhead copies strings to a stack buffer when it detects a &i or &o. However, jhead does not check the boundary of the stack buffer. As a result, there will be a stack buffer overflow problem when...

9.8CVSS7.4AI score0.01056EPSS
Exploits1References3
OSV
OSV
added 2023/06/13 8:15 p.m.6 views

UBUNTU-CVE-2022-28550

Matthias-Wandel/jhead jhead 3.06 is vulnerable to Buffer Overflow via shellescape, jhead.c, jhead. jhead copies strings to a stack buffer when it detects a &i or &o. However, jhead does not check the boundary of the stack buffer. As a result, there will be a stack buffer overflow problem when...

9.8CVSS7.5AI score0.01056EPSS
Exploits1References4
Debian CVE
Debian CVE
added 2023/06/13 12:0 a.m.55 views

CVE-2022-28550

Matthias-Wandel/jhead jhead 3.06 is vulnerable to Buffer Overflow via shellescape, jhead.c, jhead. jhead copies strings to a stack buffer when it detects a &i or &o. However, jhead does not check the boundary of the stack buffer. As a result, there will be a stack buffer overflow problem when...

9.8CVSS9.5AI score0.01056EPSS
Exploits1
OSV
OSV
added 2023/06/13 12:0 a.m.34 views

CVE-2022-28550

Matthias-Wandel/jhead jhead 3.06 is vulnerable to Buffer Overflow via shellescape, jhead.c, jhead. jhead copies strings to a stack buffer when it detects a &i or &o. However, jhead does not check the boundary of the stack buffer. As a result, there will be a stack buffer overflow problem when...

9.8CVSS7.6AI score0.01056EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2023/06/13 12:0 a.m.9 views

CVE-2022-28550

Matthias-Wandel/jhead jhead 3.06 is vulnerable to Buffer Overflow via shellescape, jhead.c, jhead. jhead copies strings to a stack buffer when it detects a &i or &o. However, jhead does not check the boundary of the stack buffer. As a result, there will be a stack buffer overflow problem when...

9.7AI score0.01056EPSS
Exploits1References2
CNNVD
CNNVD
added 2023/06/13 12:0 a.m.7 views

jhead 缓冲区错误漏洞

jhead is a tool for modifying JPEG file information. A security vulnerability exists in jhead version 3.06, which stems from the presence of a stack buffer overflow...

9.8CVSS8.7AI score0.01056EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2023/06/13 12:0 a.m.4 views

PT-2023-12950 · Matthias Wandel +1 · Jhead +1

Name of the Vulnerable Software and Affected Versions: Matthias-Wandel/jhead version 3.06 Description: The issue arises from jhead copying strings to a stack buffer when it detects a &i or &o, without checking the boundary of the stack buffer. This results in a stack buffer overflow problem when...

9.8CVSS9AI score0.01056EPSS
Exploits1References12
Cvelist
Cvelist
added 2023/06/13 12:0 a.m.50 views

CVE-2022-28550

Matthias-Wandel/jhead jhead 3.06 is vulnerable to Buffer Overflow via shellescape, jhead.c, jhead. jhead copies strings to a stack buffer when it detects a &i or &o. However, jhead does not check the boundary of the stack buffer. As a result, there will be a stack buffer overflow problem when...

10AI score0.01056EPSS
Exploits1References2
CVE
CVE
added 2023/06/13 12:0 a.m.55 views

CVE-2022-28550

CVE-2022-28550 affects JHead 3.06. The vulnerability is a stack buffer overflow caused by copying into a fixed-size stack buffer when processing shellescape(), specifically when handling multiple &i or &o values; boundary checks on the stack buffer are missing. Reports across OSV, NVD, and Nessus...

9.8CVSS9.7AI score0.01056EPSS
Exploits1References2Affected Software1
OpenVAS
OpenVAS
added 2023/05/31 12:0 a.m.27 views

Ubuntu: Security Advisory (USN-6113-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS5.8AI score0.01131EPSS
Exploits0References2
OSV
OSV
added 2023/05/30 7:32 a.m.6 views

USN-6113-1 Jhead vulnerability

It was discovered that Jhead did not properly handle certain crafted images while processing the Exif markers. An attacker could possibly use this issue to crash Jhead, resulting in a denial of service...

5.5CVSS6.7AI score0.01131EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2023/05/30 7:32 a.m.62 views

USN-6113-1: Jhead vulnerability

It was discovered that Jhead did not properly handle certain crafted images while processing the Exif markers. An attacker could possibly use this issue to crash Jhead, resulting in a denial of service...

5.5CVSS6.3AI score0.01131EPSS
Exploits0
OpenVAS
OpenVAS
added 2023/05/30 12:0 a.m.14 views

Ubuntu: Security Advisory (USN-6110-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS6.5AI score0.01065EPSS
Exploits3References3
Tenable Nessus
Tenable Nessus
added 2023/05/30 12:0 a.m.22 views

Ubuntu 16.04 ESM : Jhead vulnerability (USN-6113-1)

The remote Ubuntu 16.04 ESM host has a package installed that is affected by a vulnerability as referenced in the USN-6113-1 advisory. It was discovered that Jhead did not properly handle certain crafted images while processing the Exif markers. An attacker could possibly use this issue to crash...

5.5CVSS6.3AI score0.01131EPSS
Exploits0References2
Rows per page
Query Builder