41 matches found
CVE-2026-27631
Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an uncaught exception was found in Exiv2. The vulnerability is in the preview component, which is only triggered when running Exiv2 with an extra...
UBUNTU-CVE-2026-27596
Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an out-of-bounds read was found in Exiv2. The vulnerability is in the preview component, which is only triggered when running Exiv2 with an extra...
CVE-2026-27596 Exiv2: Integer Underflow in LoaderNative::getData() Causes Heap Buffer Overflow
Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an out-of-bounds read was found in Exiv2. The vulnerability is in the preview component, which is only triggered when running Exiv2 with an extra...
EUVD-2026-9262
Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an out-of-bounds read was found in Exiv2. The vulnerability is in the preview component, which is only triggered when running Exiv2 with an extra...
CVE-2026-27596
Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an out-of-bounds read was found in Exiv2. The vulnerability is in the preview component, which is only triggered when running Exiv2 with an extra...
CVE-2026-27596
The CVE-2026-27596 issue affects Exiv2 prior to 0.28.8, with an out-of-bounds read triggered in the preview component when running with extra args (e.g., -pp). The CVE is fixed in Exiv2 0.28.8; advisories note the vulnerability in both the CRW image parser and the preview path, where a 4GB offset...
CVE-2026-27631 Exiv2: Uncaught exception - cannot create std::vector larger than max_size()
Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an uncaught exception was found in Exiv2. The vulnerability is in the preview component, which is only triggered when running Exiv2 with an extra...
CVE-2026-27631 Exiv2: Uncaught exception - cannot create std::vector larger than max_size()
Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an uncaught exception was found in Exiv2. The vulnerability is in the preview component, which is only triggered when running Exiv2 with an extra...
CVE-2026-27631 Exiv2: Uncaught exception - cannot create std::vector larger than max_size()
Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an uncaught exception was found in Exiv2. The vulnerability is in the preview component, which is only triggered when running Exiv2 with an extra...
CVE-2026-27631
Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an uncaught exception was found in Exiv2. The vulnerability is in the preview component, which is only triggered when running Exiv2 with an extra...
CVE-2026-27631
CVE-2026-27631 affects the Exiv2 library/editor. The vulnerability resides in the preview component and is triggered when Exiv2 is run with an extra command line argument (e.g., -pp). An integer overflow can cause code to attempt to create a huge std::vector, leading to a crash via an uncaught ex...
Exiv2 数字错误漏洞
Exiv2 is a C++ library and command-line application developed by Andreas Huggel, designed for managing image metadata. This product provides functionality for reading and writing image metadata in various formats such as EXIF, IPTC, and XMP. Versions of Exiv2 prior to 0.28.8 contained a numerical...
Exiv2 安全漏洞
Exiv2 is a C++ library and command-line application developed by Andreas Huggel, designed for managing image metadata. This product provides functionality for reading and writing image metadata in various formats such as EXIF, IPTC, and XMP. Versions of Exiv2 prior to 0.28.8 contained a security...
PT-2026-22695
Name of the Vulnerable Software and Affected Versions Exiv2 versions prior to 0.28.8 Description Exiv2 is a C++ library and a command-line utility used to read, write, delete, and modify image metadata formats like Exif, IPTC, XMP, and ICC. A flaw exists in the preview component that can lead to ...
PT-2026-22696
Name of the Vulnerable Software and Affected Versions Exiv2 versions prior to 0.28.8 Description Exiv2 is a C++ library and a command-line utility used to read, write, delete, and modify image metadata Exif, IPTC, XMP, and ICC. A flaw exists in the preview component where an integer overflow can...
CVE-2024-22637
Form Tools v3.1.1 was discovered to contain a reflected cross-site scripting XSS vulnerability via the component /formbuilder/preview.php?formid=2...
CVE-2024-33231
Cross Site Scripting vulnerability in Ferozo Email version 1.1 allows a local attacker to execute arbitrary code via a crafted payload to the PDF preview component...
CVE-2024-33231
Cross Site Scripting vulnerability in Ferozo Email version 1.1 allows a local attacker to execute arbitrary code via a crafted payload to the PDF preview component...
Gradio 路径遍历漏洞
Gradio, an open source Python library from Gradio Open Source, is a method for demonstrating machine learning models through a friendly web interface. A security vulnerability exists in Gradio versions 5.0.0 through 5.4.0, which stems from a File or UploadButton component, when used to preview fi...
Malicious code in resume-preview-component (npm)
--- -= Per source details. Do not edit below this line.=-...