CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

19 matches found

Tenable Nessus•added 2026/03/15 12:0 a.m.•1 views

Unity Linux 20.1070e Security Update: exiv2 (UTSA-2026-006187)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006187 advisory. Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. An out-of-bounds read was found in Exiv2...

5.5CVSS5.8AI score0.00024EPSS

Exploits0References4

Tenable Nessus•added 2025/12/09 12:0 a.m.•4 views

Amazon Linux 2023 : exiv2, exiv2-devel, exiv2-libs (ALAS2023-2025-1296)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1296 advisory. Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. An out-of-bounds read was found in Exiv2 versions 0.28.5 and earlier...

5.5CVSS5.9AI score0.00024EPSS

Exploits1References6

Tenable Nessus•added 2025/11/04 12:0 a.m.•6 views

TencentOS Server 4: exiv2 (TSSA-2025:0843)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0843 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

5.5CVSS5.8AI score0.00024EPSS

Exploits1References3

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2025-26206

Malicious code in bioql PyPI...

5.5CVSS6.3AI score0.00011EPSS

Exploits1References5

OSV•added 2025/09/12 2:26 p.m.•1 views

OESA-2025-2274 exiv2 security update

Exiv2 is a Cross-platform C++ library and a command line utility to manage image metadata. It provides fast and easy read and write access to the Exif, IPTC and XMP metadata and the ICC Profile embedded within digital images in various formats. Security Fixes: A vulnerability, which was classifie...

5.5CVSS6.6AI score0.00024EPSS

Exploits1References3

OSV•added 2025/09/05 12:40 p.m.•1 views

OESA-2025-2116 exiv2 security update

5.5CVSS6.5AI score0.00024EPSS

Exploits1References3

OSV•added 2025/09/05 12:40 p.m.•1 views

OESA-2025-2115 exiv2 security update

5.5CVSS6.7AI score0.00024EPSS

Exploits0References2

OSV•added 2025/09/05 12:40 p.m.•1 views

OESA-2025-2113 exiv2 security update

5.5CVSS6.7AI score0.00024EPSS

Exploits0References2

SUSE CVE•added 2025/08/29 11:24 p.m.•0 views

SUSE CVE-2025-54080

Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. An out-of-bounds read was found in Exiv2 versions 0.28.5 and earlier. The out-of-bounds read is triggered when Exiv2 is used to write metadata into a crafted image file. An...

5.5CVSS6.6AI score0.00024EPSS

Exploits0References4

SUSE CVE•added 2025/08/29 11:23 p.m.•1 views

SUSE CVE-2025-55304

Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. A denial-of-service was found in Exiv2 version 0.28.5: a quadratic algorithm in the ICC profile parsing code in jpegBase::readMetadata can cause Exiv2 to run for a long time...

3.3CVSS6.9AI score0.00011EPSS

Exploits1References5

OSV•added 2025/08/29 3:15 p.m.•1 views

DEBIAN-CVE-2025-54080

5.5CVSS6.3AI score0.00024EPSS

Exploits0References1

OSV•added 2025/08/29 3:15 p.m.•2 views

AZL-66767 CVE-2025-55304 affecting package exiv2 0.28.0-1

5.5CVSS5.8AI score0.00011EPSS

Exploits1References1

OSV•added 2025/08/29 3:15 p.m.•3 views

AZL-66764 CVE-2025-54080 affecting package exiv2 0.28.0-1

5.5CVSS6.6AI score0.00024EPSS

Exploits0References1

Vulnrichment•added 2025/08/29 3:0 p.m.•1 views

CVE-2025-55304 Exiv2 has quadratic performance in ICC profile parsing in JpegBase::readMetadata

1.8CVSS6.4AI score0.00011EPSS

Exploits1References4

Cvelist•added 2025/08/29 2:50 p.m.•5 views

CVE-2025-54080 Exiv2 Segmentation Faults in Exiv2::EpsImage::writeMetadata() via crafted EPS file

1.8CVSS0.00024EPSS

Exploits0References2

OSV•added 2025/08/29 2:50 p.m.•2 views

CVE-2025-54080 Exiv2 Segmentation Faults in Exiv2::EpsImage::writeMetadata() via crafted EPS file

1.8CVSS6.1AI score0.00024EPSS

Exploits0References4

OSV•added 2025/08/29 2:49 p.m.•1 views

GHSA-496F-X7CQ-CQ39 Exiv2 Segmentation Faults in Exiv2::EpsImage::writeMetadata() via crafted EPS file

Impact An out-of-bounds read was found in Exiv2 versions v0.28.5 and earlier. Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. The out-of-bounds read is triggered when Exiv2 is used to write metadata into a crafted image...

1.8CVSS6.6AI score0.00024EPSS

Exploits0References4

NVD•added 2009/08/21 5:30 p.m.•16 views

CVE-2009-2473

neon before 0.28.6, when expat is used, does not properly detect recursion during entity expansion, which allows context-dependent attackers to cause a denial of service memory and CPU consumption via a crafted XML document containing a large number of nested entity references, a similar issue to...

4.3CVSS6.7AI score0.11049EPSS

Exploits1References13

Prion•added 2009/08/21 5:30 p.m.•28 views

Design/Logic Flaw

neon before 0.28.6, when OpenSSL or GnuTLS is used, does not properly handle a '\0' character in a domain name in the subject's Common Name CN field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate...

5.8CVSS8.9AI score0.01855EPSS

Exploits4References13Affected Software4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by