53 matches found
libexif: libexif: Denial of Service and information disclosure via integer underflow in MakerNote decoding
A flaw was found in libexif. An integer underflow vulnerability in the size checking mechanism for Fuji and Olympus MakerNote decoding could allow attackers to exploit programs using libexif. This could lead to a Denial of Service DoS by crashing the program or result in information disclosure,...
libexif: libexif: Denial of Service and information disclosure via integer underflow in MakerNote decoding
A flaw was found in libexif. An integer underflow vulnerability in the size checking mechanism for Fuji and Olympus MakerNote decoding could allow attackers to exploit programs using libexif. This could lead to a Denial of Service DoS by crashing the program or result in information disclosure,...
Moderate: Red Hat Security Advisory: libexif security update
An update for libexif is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerabilit...
libexif: libexif: Denial of Service and information disclosure via integer underflow in MakerNote decoding
A flaw was found in libexif. An integer underflow vulnerability in the size checking mechanism for Fuji and Olympus MakerNote decoding could allow attackers to exploit programs using libexif. This could lead to a Denial of Service DoS by crashing the program or result in information disclosure,...
libexif security update
An update is available for libexif. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libexif packages provide a library for extracting extra information from...
libexif security update
An update is available for libexif. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libexif packages provide a library for extracting extra information from...
AlmaLinux 10 : libexif (ALSA-2026:22529)
The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:22529 advisory. libexif: libexif: Denial of Service and information disclosure via integer underflow in MakerNote decoding CVE-2026-40386 Tenable has extracted the preceding...
AlmaLinux 9 : libexif (ALSA-2026:22553)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:22553 advisory. libexif: libexif: Information disclosure and crashes via integer overflow in Nikon MakerNote handling CVE-2026-40385 libexif: libexif: Denial of Service...
RHEL 8 : libexif (RHSA-2026:20929)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:20929 advisory. The libexif packages provide a library for extracting extra information from image files. Security Fixes: libexif: libexif: Information...
CLSA-2026-1779212665 php: Fix of 14 CVEs
CVE-2018-5711: fix infinite loop in gdImageCreateFromGifCtx - CVE-2018-5712: remove file name from phar stub error output XSS - CVE-2018-10545: do not set PRSETDUMPABLE in php-fpm workers by default - CVE-2018-10546: fail iconvmimedecode on invalid multibyte sequences - CVE-2018-10547: escape...
MGASA-2026-0112 Updated libexif packages fix security vulnerabilities
CVE-2026-32775: libexif through 0.6.25 has a flaw in decoding MakerNotes. If the exifmnotedatagetvalue function gets passed in a 0 size, the passed in-buffer would be overwritten due to an integer underflow. CVE-2026-40385: In libexif through 0.6.25, an unsigned 32bit integer overflow in Nikon...
Updated libexif packages fix security vulnerabilities
CVE-2026-32775: libexif through 0.6.25 has a flaw in decoding MakerNotes. If the exifmnotedatagetvalue function gets passed in a 0 size, the passed in-buffer would be overwritten due to an integer underflow. CVE-2026-40385: In libexif through 0.6.25, an unsigned 32bit integer overflow in Nikon...
CLSA-2026-1776879963 php: Fix of 9 CVEs
CVE-2019-9020: fix heap out-of-bounds read in xmlrpcdecode - CVE-2019-9021: fix heap buffer overflow in phardetectpharfnameext - CVE-2019-9023: fix heap buffer over-reads in mbstring regex functions - CVE-2019-9641: fix uninitialized read in exifprocessIFDinTIFF - CVE-2019-11034: fix...
Integer Underflow (Wrap or Wraparound)
Overview Affected versions of this package are vulnerable to Integer Underflow Wrap or Wraparound via the MakerNote decoding process for Fuji and Olympus cameras. An attacker can cause a crash or leak information by providing specially crafted image files. Remediation Upgrade libexif to version...
CVE-2026-40386
In libexif through 0.6.25, an integer underflow in size checking for Fuji and Olympus MakerNote decoding could be used by attackers to crash or leak information out of libexif-using programs...
MiracleLinux 7 : libexif-0.6.22-1.el7 (AXSA:2020-584:04)
The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2020-584:04 advisory. libexif: out of bound write in exif-data.c CVE-2019-9278 libexif: out of bounds read due to a missing bounds check in exifdatasavedataentry function ...
SUSE CVE-2024-28570
Buffer Overflow vulnerability in open source FreeImage v.3.19.0 r1909 allows a local attacker to cause a denial of service DoS via the processMakerNote function when reading images in JPEG format...
DEBIAN-CVE-2024-28570
Buffer Overflow vulnerability in open source FreeImage v.3.19.0 r1909 allows a local attacker to cause a denial of service DoS via the processMakerNote function when reading images in JPEG format...
PT-2024-22473 · Freeimage +1 · Freeimage +1
Name of the Vulnerable Software and Affected Versions: FreeImage version 3.19.0 r1909 Description: The issue allows a local attacker to cause a denial of service DoS via the processMakerNote function when reading images in JPEG format. Recommendations: For FreeImage version 3.19.0 r1909, consider...
SUSE CVE-2016-6291
The exifprocessIFDinMAKERNOTE function in ext/exif/exif.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service out-of-bounds array access and memory corruption, obtain sensitive information from process memory, or possibly have...