7 matches found

EUVD
added 2025/10/03 8:7 p.m., 3 views

EUVD-2025-25031

Malicious code in bioql PyPI...

CVSS: 5.4, AI score: 6.6, EPSS: 0.00046
Exploits: 0, References: 2
Github Security Blog
added 2024/10/17 5:12 p.m., 13 views

Exiv2 has an out-of-bounds read in QuickTimeVideo::NikonTagsDecoder

Impact: An out-of-bounds read was found in Exiv2 version v0.28.1. The vulnerable function, QuickTimeVideo::NikonTagsDecoder, was new in v0.28.0 (see https://github.com/Exiv2/exiv2/pull/2337), so Exiv2 versions before v0.28 are not affected. Exiv2 is a command-line utility and C++ library for reading...

CVSS: 5.5, AI score: 6.5, EPSS: 0.00041
Exploits: 0, References: 5, Affected Software: 1
Positive Technologies
added 2024/07/08 12:0 a.m., 3 views

PT-2024-28633

Name of the Vulnerable Software and Affected Versions: Exiv2 versions v0.28.0 through v0.28.2. Description: An out-of-bounds read was found in the parser for the ASF video format, a new feature introduced in version v0.28.0. This issue is triggered when Exiv2 is used to read the metadata of a crafte...

CVSS: 9.8, AI score: 6.2, EPSS: 0.01101
Exploits: 3, References: 32
OSV
added 2024/06/17 9:20 p.m., 17 views

GHSA-W877-JFW7-46RJ DeepJavaLibrary API absolute path traversal

Summary: DeepJavaLibrary (DJL) versions 0.1.0 through 0.27.0 do not prevent absolute path archived artifacts from inserting archived files directly into the system, overwriting system files. This is fixed in DJL 0.28.0 and patched in DJL Large Model Inference containers 0.27.0. Impacted versions: 0.1...

CVSS: 10, AI score: 9.2, EPSS: 0.00288
Exploits: 0, References: 8
Positive Technologies
added 2024/02/12 12:0 a.m., 2 views

PT-2024-20754

Name of the Vulnerable Software and Affected Versions: Exiv2 versions v0.28.0 through v0.28.1. Description: Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A denial-of-service was found in Exiv2, caused by an unbounded...

CVSS: 9.8, AI score: 6.2, EPSS: 0.01101
Exploits: 3, References: 36
Prion
added 2023/11/06 6:15 p.m., 18 views

Design/Logic Flaw

Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. An out-of-bounds write was found in Exiv2 version v0.28.0. The vulnerable function, BmffImage::brotliUncompress, is new in v0.28.0, so earlier versions of Exiv2 are not...

CVSS: 6.8, AI score: 7.2, EPSS: 0.00645
Exploits: 0, References: 3, Affected Software: 1
CVE
added 2023/11/06 5:30 p.m., 89 views

CVE-2023-44398

Exiv2 (C++ library) has an out-of-bounds write in v0.28.0 in the Brotli uncompression path (BmffImage::brotliUncompress) triggered by crafted image metadata. Earlier versions are not affected. The issue could lead to code execution if a victim runs Exiv2 on a crafted file. A fix is available in v...

CVSS: 8.8, AI score: 8.4, EPSS: 0.00645
Exploits: 0, References: 3, Affected Software: 1