Lucene search
K

53 matches found

RedHat Linux
RedHat Linux
added 2026/06/17 1:11 p.m.5 views

libexif: libexif: Denial of Service and information disclosure via integer underflow in MakerNote decoding

A flaw was found in libexif. An integer underflow vulnerability in the size checking mechanism for Fuji and Olympus MakerNote decoding could allow attackers to exploit programs using libexif. This could lead to a Denial of Service DoS by crashing the program or result in information disclosure,...

7.1CVSS5.3AI score0.0014EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/16 8:28 a.m.5 views

libexif: libexif: Denial of Service and information disclosure via integer underflow in MakerNote decoding

A flaw was found in libexif. An integer underflow vulnerability in the size checking mechanism for Fuji and Olympus MakerNote decoding could allow attackers to exploit programs using libexif. This could lead to a Denial of Service DoS by crashing the program or result in information disclosure,...

7.1CVSS5.3AI score0.0014EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/16 8:18 a.m.8 views

Moderate: Red Hat Security Advisory: libexif security update

An update for libexif is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerabilit...

7.1CVSS5.6AI score0.0014EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/06/16 8:18 a.m.6 views

libexif: libexif: Denial of Service and information disclosure via integer underflow in MakerNote decoding

A flaw was found in libexif. An integer underflow vulnerability in the size checking mechanism for Fuji and Olympus MakerNote decoding could allow attackers to exploit programs using libexif. This could lead to a Denial of Service DoS by crashing the program or result in information disclosure,...

7.1CVSS5.4AI score0.0014EPSS
Exploits0References5
Rockylinux
Rockylinux
added 2026/06/05 12:4 p.m.11 views

libexif security update

An update is available for libexif. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libexif packages provide a library for extracting extra information from...

7.1CVSS5.5AI score0.0014EPSS
Exploits0
Rockylinux
Rockylinux
added 2026/06/05 12:3 p.m.13 views

libexif security update

An update is available for libexif. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libexif packages provide a library for extracting extra information from...

7.1CVSS5.5AI score0.0014EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/05 12:0 a.m.10 views

AlmaLinux 10 : libexif (ALSA-2026:22529)

The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:22529 advisory. libexif: libexif: Denial of Service and information disclosure via integer underflow in MakerNote decoding CVE-2026-40386 Tenable has extracted the preceding...

7.1CVSS5.6AI score0.0014EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/03 12:0 a.m.18 views

AlmaLinux 9 : libexif (ALSA-2026:22553)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:22553 advisory. libexif: libexif: Information disclosure and crashes via integer overflow in Nikon MakerNote handling CVE-2026-40385 libexif: libexif: Denial of Service...

7.1CVSS5.9AI score0.0014EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.21 views

RHEL 8 : libexif (RHSA-2026:20929)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:20929 advisory. The libexif packages provide a library for extracting extra information from image files. Security Fixes: libexif: libexif: Information...

7.1CVSS5.9AI score0.0014EPSS
Exploits0References7
OSV
OSV
added 2026/05/19 5:44 p.m.19 views

CLSA-2026-1779212665 php: Fix of 14 CVEs

CVE-2018-5711: fix infinite loop in gdImageCreateFromGifCtx - CVE-2018-5712: remove file name from phar stub error output XSS - CVE-2018-10545: do not set PRSETDUMPABLE in php-fpm workers by default - CVE-2018-10546: fail iconvmimedecode on invalid multibyte sequences - CVE-2018-10547: escape...

7.5CVSS6.8AI score0.79949EPSS
Exploits7References1
OSV
OSV
added 2026/05/07 5:6 a.m.11 views

MGASA-2026-0112 Updated libexif packages fix security vulnerabilities

CVE-2026-32775: libexif through 0.6.25 has a flaw in decoding MakerNotes. If the exifmnotedatagetvalue function gets passed in a 0 size, the passed in-buffer would be overwritten due to an integer underflow. CVE-2026-40385: In libexif through 0.6.25, an unsigned 32bit integer overflow in Nikon...

7.8CVSS5.8AI score0.00193EPSS
Exploits1References3
Mageia
Mageia
added 2026/05/07 5:6 a.m.30 views

Updated libexif packages fix security vulnerabilities

CVE-2026-32775: libexif through 0.6.25 has a flaw in decoding MakerNotes. If the exifmnotedatagetvalue function gets passed in a 0 size, the passed in-buffer would be overwritten due to an integer underflow. CVE-2026-40385: In libexif through 0.6.25, an unsigned 32bit integer overflow in Nikon...

7.8CVSS5.8AI score0.00193EPSS
Exploits1References2
OSV
OSV
added 2026/04/22 5:46 p.m.16 views

CLSA-2026-1776879963 php: Fix of 9 CVEs

CVE-2019-9020: fix heap out-of-bounds read in xmlrpcdecode - CVE-2019-9021: fix heap buffer overflow in phardetectpharfnameext - CVE-2019-9023: fix heap buffer over-reads in mbstring regex functions - CVE-2019-9641: fix uninitialized read in exifprocessIFDinTIFF - CVE-2019-11034: fix...

9.8CVSS6.9AI score0.10059EPSS
Exploits7References1
Snyk
Snyk
added 2026/04/12 7:7 p.m.9 views

Integer Underflow (Wrap or Wraparound)

Overview Affected versions of this package are vulnerable to Integer Underflow Wrap or Wraparound via the MakerNote decoding process for Fuji and Olympus cameras. An attacker can cause a crash or leak information by providing specially crafted image files. Remediation Upgrade libexif to version...

7.1CVSS5.3AI score0.0014EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2026/04/12 6:19 p.m.3 views

CVE-2026-40386

In libexif through 0.6.25, an integer underflow in size checking for Fuji and Olympus MakerNote decoding could be used by attackers to crash or leak information out of libexif-using programs...

7.1CVSS6.2AI score0.0014EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.7 views

MiracleLinux 7 : libexif-0.6.22-1.el7 (AXSA:2020-584:04)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2020-584:04 advisory. libexif: out of bound write in exif-data.c CVE-2019-9278 libexif: out of bounds read due to a missing bounds check in exifdatasavedataentry function ...

8.8CVSS5.9AI score0.04059EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2024/08/06 2:7 a.m.4 views

SUSE CVE-2024-28570

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 r1909 allows a local attacker to cause a denial of service DoS via the processMakerNote function when reading images in JPEG format...

5.5CVSS6.6AI score0.00281EPSS
Exploits1References3
OSV
OSV
added 2024/03/20 6:15 a.m.2 views

DEBIAN-CVE-2024-28570

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 r1909 allows a local attacker to cause a denial of service DoS via the processMakerNote function when reading images in JPEG format...

5.5CVSS5.2AI score0.00281EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/03/19 12:0 a.m.5 views

PT-2024-22473 · Freeimage +1 · Freeimage +1

Name of the Vulnerable Software and Affected Versions: FreeImage version 3.19.0 r1909 Description: The issue allows a local attacker to cause a denial of service DoS via the processMakerNote function when reading images in JPEG format. Recommendations: For FreeImage version 3.19.0 r1909, consider...

5.5CVSS6.7AI score0.00281EPSS
Exploits1References12
SUSE CVE
SUSE CVE
added 2023/02/15 4:59 a.m.4 views

SUSE CVE-2016-6291

The exifprocessIFDinMAKERNOTE function in ext/exif/exif.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service out-of-bounds array access and memory corruption, obtain sensitive information from process memory, or possibly have...

9.8CVSS9AI score0.05598EPSS
Exploits1References10
Rows per page
Query Builder