Lucene search
+L

850 matches found

Snyk
Snyk
added 2026/03/25 3:3 p.m.5 views

Uncaught Exception

Overview Affected versions of this package are vulnerable to Uncaught Exception in the TLS module when a SNICallback throws synchronously on unexpected input the exception bypasses TLS error handlers and propagates as an uncaught exception. A remote attacker can crash or exhaust resources of a TL...

8.2CVSS7.3AI score0.01056EPSS
Exploits0References2
Amazon
Amazon
added 2026/03/19 12:0 a.m.14 views

Important: exiv2

Issue Overview: Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an out-of-bounds read was found. The vulnerability is in the CRW image parser. This issue has been patched in version 0.28.8...

8.1CVSS5.7AI score0.00367EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/03/19 12:0 a.m.4 views

Amazon Linux 2 : exiv2, --advisory ALAS2-2026-3201 (ALAS-2026-3201)

The version of exiv2 installed on the remote host is prior to 0.27.0-4. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3201 advisory. Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata...

8.1CVSS5.8AI score0.00367EPSS
Exploits1References8
OSV
OSV
added 2026/03/15 5:53 a.m.6 views

OESA-2026-1564 exiv2 security update

Exiv2 is a Cross-platform C++ library and a command line utility to manage image metadata. It provides fast and easy read and write access to the Exif, IPTC and XMP metadata and the ICC Profile embedded within digital images in various formats. Security Fixes: An out-of-bounds read was found in...

8.1CVSS5.8AI score0.00367EPSS
Exploits1References4
Snyk
Snyk
added 2026/03/12 10:39 p.m.8 views

Uncaught Exception

Overview org.webjars.npm:undici is an An HTTP/1.1 client, written from scratch for Node.js Affected versions of this package are vulnerable to Uncaught Exception through improper validation of the servermaxwindowbits parameter in the permessage-deflate extension. An attacker can cause the process...

8.7CVSS5.8AI score0.00874EPSS
Exploits0References2
OSV
OSV
added 2026/03/12 9:16 p.m.3 views

DEBIAN-CVE-2026-2229

ImpactThe undici WebSocket client is vulnerable to a denial-of-service attack due to improper validation of the servermaxwindowbits parameter in the permessage-deflate extension. When a WebSocket client connects to a server, it automatically advertises support for permessage-deflate compression. ...

7.5CVSS7.5AI score0.00874EPSS
Exploits0References1
Snyk
Snyk
added 2026/03/12 8:21 p.m.7 views

Uncaught Exception

Overview org.webjars.npm:undici is an An HTTP/1.1 client, written from scratch for Node.js Affected versions of this package are vulnerable to Uncaught Exception in the ByteParser when handling a specially crafted WebSocket frame with an extremely large 64-bit length. An attacker can cause the...

8.7CVSS5.8AI score0.00488EPSS
Exploits0References2
Snyk
Snyk
added 2026/03/11 8:43 p.m.6 views

Uncaught Exception

Overview Affected versions of this package are vulnerable to Uncaught Exception in the ClientImpl::openstream function when processing the Content-Length response header in the streaming API. An attacker can cause the client process to crash by sending a malformed or excessively large...

8.7CVSS5.8AI score0.00453EPSS
Exploits1References2
OSV
OSV
added 2026/03/11 6:16 p.m.9 views

UBUNTU-CVE-2026-31870

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.37.1, when a cpp-httplib client uses the streaming API httplib::stream::Get, httplib::stream::Post, etc., the library calls std::stoull directly on the Content-Length header value received from the server...

7.5CVSS5.7AI score0.00453EPSS
Exploits1References3
CVE
CVE
added 2026/03/11 5:57 p.m.33 views

CVE-2026-31870

cpp-httplib prior to 0.37.1 uses streaming API (httplib::stream::Get, httplib::stream::Post, etc.) and directly calls std::stoull on the Content-Length header without validation, causing unhandled exceptions and a deterministic crash via std::terminate() when a non-numeric or out-of-range value i...

7.5CVSS5.7AI score0.00453EPSS
Exploits1References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/03/09 12:0 a.m.7 views

GLSA-202603-01 : Exiv2: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202603-01 Exiv2: Multiple Vulnerabilities The following vulnerabilities have been discovered in Exiv2: 2 out of bounds reads, an integer overflow, and an uncaught exception. The worst of which can lead to a Denial of Service via a...

8.1CVSS6.7AI score0.00561EPSS
Exploits1References7
Gentoo Linux
Gentoo Linux
added 2026/03/09 12:0 a.m.12 views

Exiv2: Multiple Vulnerabilities

Background Exiv2 is a C++ library and set of tools for parsing, editing and saving Exif and IPTC metadata from images. Description The following vulnerabilities have been discovered in Exiv2: 2 out of bounds reads, an integer overflow, and an uncaught exception. The worst of which can lead to a...

6.5CVSS6.6AI score0.00561EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/03/06 12:0 a.m.8 views

Exiv2 0.28.7 Multiple Vulnerabilities

The version of Exiv2 installed on the remote host is 0.28.7. It is, therefore, affected by multiple vulnerabilities: - Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. In version 0.28.7, an out-of-bounds read was found. Th...

8.1CVSS5.9AI score0.00367EPSS
Exploits1References6
Snyk
Snyk
added 2026/03/03 12:26 a.m.3 views

Uncaught Exception

Overview Affected versions of this package are vulnerable to Uncaught Exception in the preview component when processing input with an extra command line argument such as -pp. An attacker can cause the application to crash by providing crafted input that triggers an integer overflow, leading to t...

6.9CVSS5.8AI score0.00255EPSS
Exploits0References2
OSV
OSV
added 2026/03/02 8:16 p.m.8 views

AZL-78527 CVE-2026-27631 affecting package exiv2 0.28.3-1

Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an uncaught exception was found in Exiv2. The vulnerability is in the preview component, which is only triggered when running Exiv2 with an extra...

6.9CVSS5.7AI score0.00255EPSS
Exploits0References1
OSV
OSV
added 2026/03/02 8:16 p.m.6 views

UBUNTU-CVE-2026-27631

Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an uncaught exception was found in Exiv2. The vulnerability is in the preview component, which is only triggered when running Exiv2 with an extra...

6.9CVSS5.8AI score0.00255EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/03/02 7:40 p.m.28 views

CVE-2026-27631 Exiv2: Uncaught exception - cannot create std::vector larger than max_size()

Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an uncaught exception was found in Exiv2. The vulnerability is in the preview component, which is only triggered when running Exiv2 with an extra...

6.9CVSS0.00255EPSS
Exploits0References4
EUVD
EUVD
added 2026/03/02 7:40 p.m.8 views

EUVD-2026-9263

Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an uncaught exception was found in Exiv2. The vulnerability is in the preview component, which is only triggered when running Exiv2 with an extra...

6.9CVSS5.8AI score0.00255EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/03/02 7:40 p.m.4 views

CVE-2026-27631 Exiv2: Uncaught exception - cannot create std::vector larger than max_size()

Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an uncaught exception was found in Exiv2. The vulnerability is in the preview component, which is only triggered when running Exiv2 with an extra...

6.9CVSS5.8AI score0.00255EPSS
Exploits0References4
CVE
CVE
added 2026/03/02 7:40 p.m.40 views

CVE-2026-27631

CVE-2026-27631 affects the Exiv2 library/editor. The vulnerability resides in the preview component and is triggered when Exiv2 is run with an extra command line argument (e.g., -pp). An integer overflow can cause code to attempt to create a huge std::vector, leading to a crash via an uncaught ex...

6.9CVSS5.8AI score0.00255EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder