165 matches found
MiracleLinux 7 : libexif-0.6.21-7.el7 (AXSA:2020-162:02)
The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-162:02 advisory. libexif: several buffer over-reads in EXIF MakerNote handling can lead to information disclosure and DoS CVE-2020-13112 Tenable has extracted the preceding...
MiracleLinux 8 : libexif-0.6.21-17.el8 (AXSA:2020-249:03)
The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-249:03 advisory. libexif: several buffer over-reads in EXIF MakerNote handling can lead to information disclosure and DoS CVE-2020-13112 Tenable has extracted the preceding...
MiracleLinux 4 : libexif-0.6.21-6.AXS4 (AXSA:2020-137:01)
The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-137:01 advisory. libexif: several buffer over-reads in EXIF MakerNote handling can lead to information disclosure and DoS CVE-2020-13112 Tenable has extracted the preceding...
EUVD-2020-5388
Malware in sbrugna...
EUVD-2020-5389
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2018-20337
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is a stack-based buffer overflow in the parsemakernote function of dcrawcommon.cpp in LibRaw 0.19.1. Crafted input will lead to a denial of service or...
PT-2023-35704 · Libraw · Libraw
Name of the Vulnerable Software and Affected Versions: LibRaw affected versions not specified Description: The issue is related to a crash in LibRaw, specifically in the LibRaw::sget4 function, which is called by LibRaw::parseAdobeRAFMakernote and LibRaw::parse tiff ifd. The crash type is reporte...
K48355112: PHP vulnerability CVE-2018-10549
Security Advisory Description An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. exifreaddata in ext/exif/exif.c has an out-of-bounds read for crafted JPEG data because exifiifaddvalue mishandles the case of a MakerNote that lacks a fin...
SUSE CVE-2018-10549
An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. exifreaddata in ext/exif/exif.c has an out-of-bounds read for crafted JPEG data because exifiifaddvalue mishandles the case of a MakerNote that lacks a final '\0' character...
SUSE CVE-2020-13113
An issue was discovered in libexif before 0.6.22. Use of uninitialized memory in EXIF Makernote handling could lead to crashes and potential use-after-free conditions...
SUSE CVE-2020-13112
An issue was discovered in libexif before 0.6.22. Several buffer over-reads in EXIF MakerNote handling could lead to information disclosure and crashes. This is different from CVE-2020-0093...
SUSE CVE-2020-13114
An issue was discovered in libexif before 0.6.22. An unrestricted size in handling Canon EXIF MakerNote data could lead to consumption of large amounts of compute time for decoding EXIF data...
RLSA-2022:1842 Moderate: exiv2 security, bug fix, and enhancement update
Exiv2 is a C++ library to access image metadata, supporting read and write access to the Exif, IPTC and XMP metadata, Exif MakerNote support, extract and delete methods for Exif thumbnails, classes to access Ifd, and support for various image formats. The following packages have been upgraded to ...
The vulnerability of the exif_process_ifd_in_makernote function (ext/exif/exif.c) in the PHP programming language allows a attacker to cause a service failure, disclose protected information, or potentially have other adverse effects.
The vulnerability of the exifprocessifdinmakernote function ext/exif/exif.c in the PHP programming language is caused by buffer overflow. Exploiting this vulnerability could allow a remote attacker to cause service failures, disclose sensitive information, or potentially have other adverse effect...
CVE-2021-28276
CVE-2021-28276 affects jhead 3.04 and 3.05; DoS via a wild address read in ProcessCanonMakerNoteDir (makernote.c). Impact: availability degradation. Mitigation: upgrade to jhead 3.06+ (per GLSA/Ubuntu advisories). No exploitation details provided in the sources; no further specifics beyond the ci...
jhead 安全漏洞
jhead is a tool for modifying information in JPEG files. A security vulnerability exists in makernote.c in jhead versions 3.04 and 3.05. No information about the vulnerability is available at this time, please stay tuned to CNNVD or the vendor's announcement...
OESA-2021-1286 libexif security update
Most digital cameras produce EXIF files, which are JPEG files with extra tags that contain information about the image. The EXIF library allows you to parse an EXIF file and read the data from those tags. Security Fixes: An issue was discovered in libexif before 0.6.22. Use of uninitialized memor...
NewStart CGSL CORE 5.04 / MAIN 5.04 : libexif Multiple Vulnerabilities (NS-SA-2021-0036)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has libexif packages installed that are affected by multiple vulnerabilities: - In libexif, there is a possible out of bounds write due to an integer overflow. This could lead to remote escalation of privilege in the media...
libexif: use of uninitialized memory in EXIF Makernote handling can lead to crashes and use-after-free
An issue was discovered in libexif before 0.6.22. Use of uninitialized memory in EXIF Makernote handling could lead to crashes and potential use-after-free conditions...
libexif: unrestricted size in handling Canon EXIF MakerNote data can lead to consumption of large amounts of compute time
An issue was discovered in libexif before 0.6.22. An unrestricted size in handling Canon EXIF MakerNote data could lead to consumption of large amounts of compute time for decoding EXIF data...