Lucene search
K
AdobeXmp Toolkit Software Development Kit

28 matches found

CVE
CVE
added 2022/05/02 10:24 p.m.141 views

CVE-2021-42530

CVE-2021-42530 affects Exempi (XMP Toolkit SDK) up to version 2021.07 and earlier, due to a stack-based buffer overflow that can lead to arbitrary code execution in the current user context. Exploitation requires the user to open a crafted file. Debian LTS advisories show patched packages: 2.5.2-...

9.3CVSS7.7AI score0.036EPSS
CVE
CVE
added 2022/05/02 10:24 p.m.135 views

CVE-2021-42529

CVE-2021-42529 affects XMP Toolkit SDK 2021.07 and earlier, with a stack-based buffer overflow that can lead to arbitrary code execution in the context of the current user. Exploitation requires the victim to open a crafted file (user interaction). Connected advisories confirm the issue across mu...

9.3CVSS7.7AI score0.036EPSS
CVE
CVE
added 2021/09/01 2:33 p.m.125 views

CVE-2021-36056

CVE-2021-36056 affects XMP Toolkit SDK 2020.1 and earlier. The vulnerability is a heap-based buffer overflow in the Exempi XMP implementation that could lead to arbitrary code execution in the context of the current user. Exploitation requires the user to open a crafted file (user interaction). S...

9.3CVSS6.7AI score0.04378EPSS
CVE
CVE
added 2022/05/02 10:24 p.m.125 views

CVE-2021-42532

Multiple connected sources confirm CVE-2021-42532 affects Exempi (XMP Toolkit SDK) with a stack-based buffer overflow that can lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction (open a crafted file). Public details cite affected versions (...

9.3CVSS7.7AI score0.036EPSS
CVE
CVE
added 2021/09/01 2:33 p.m.113 views

CVE-2021-36054

Exempi (XMP Toolkit SDK) v2020.1 and earlier is affected by CVE-2021-36054, a heap-based buffer overflow vulnerability in the XMP toolkit. Exploitation requires the user to open a crafted file, potentially causing a local denial of service (and, per related advisories, may enable arbitrary code e...

5.5CVSS4.7AI score0.03751EPSS
CVE
CVE
added 2022/05/02 10:24 p.m.106 views

CVE-2021-42528

CVE-2021-42528 is a NULL pointer dereference in Exempi / XMP Toolkit 2021.07 (and earlier) when parsing a specially crafted file. An unauthenticated attacker could cause an application-denial-of-service in the context of the current user, with user interaction required to open the malicious file....

7.1CVSS5.6AI score0.01824EPSS
CVE
CVE
added 2022/05/02 10:24 p.m.104 views

CVE-2021-42531

CVE-2021-42531 affects Exempi (XMP Toolkit SDK) version 2021.07 and earlier, with a stack-based buffer overflow that can enable arbitrary code execution in the context of the current user. Exploitation requires the user to open a crafted file. Publicly documented fixes exist across distributions:...

9.3CVSS7.7AI score0.036EPSS
CVE
CVE
added 2021/09/01 2:32 p.m.100 views

CVE-2021-36052

The CVE-2021-36052 issue concerns Exempi (XMP Toolkit) and affects version 2020.1 and earlier, with an out-of-bounds memory access that could allow arbitrary code execution in the context of the current user. Exploitation requires user interaction (e.g., opening a crafted file). Multiple connecte...

7.8CVSS7.8AI score0.03234EPSS
CVE
CVE
added 2021/09/01 2:32 p.m.90 views

CVE-2021-36053

CVE-2021-36053 affects Exempi (XMP Toolkit SDK) versions through 2020.1 and earlier, due to an out-of-bounds read that could disclose arbitrary memory. Exploitation requires user interaction (victim opens a malicious file), potentially bypassing ASLR. Connected advisories (Debian LTS, Mageia, Ubu...

4.3CVSS3.5AI score0.01964EPSS
CVE
CVE
added 2021/09/01 2:33 p.m.90 views

CVE-2021-36064

The CVE-2021-36064 issue affects Exempi (XMP Toolkit SDK) up to 2020.1 and earlier with a Buffer Underflow/Underflow vulnerability that could allow arbitrary code execution in the context of the current user when a victim opens a crafted file; user interaction is required. Public advisories acros...

9.3CVSS7.6AI score0.02716EPSS
CVE
CVE
added 2025/04/08 6:22 p.m.84 views

CVE-2025-30307

The CVE-2025-30307 entry places XMP Toolkit (versions 2023.12 and earlier) at risk due to an out-of-bounds read that can disclose memory and bypass ASLR. The vulnerability requires user interaction (victim opens a malicious file). Affected components are associated with Adobe XMP Toolkit/Exempi f...

5.5CVSS6.3AI score0.00235EPSS
CVE
CVE
added 2021/10/13 4:2 p.m.83 views

CVE-2021-40732

CVE-2021-40732 concerns Exempi’s XMP Toolkit (versions 2020.1 and earlier). The connected sources confirm a NULL pointer dereference in the Exempi library when processing certain files, allowing leakage of memory contents and enabling local denial of service within the current user context. Explo...

6.1CVSS6.2AI score0.02278EPSS
CVE
CVE
added 2021/09/01 2:32 p.m.81 views

CVE-2021-36050

CVE-2021-36050 affects Exempi (XMP Toolkit SDK) 2020.1 and earlier, with a heap-based buffer overflow that can lead to arbitrary code execution under the current user when a crafted file is opened (user interaction required). Debian LTS advisories show fixes: 2.5.0-2+deb10u1 for Debian 10 (buster...

9.3CVSS7.7AI score0.05399EPSS
CVE
CVE
added 2021/09/01 2:31 p.m.80 views

CVE-2021-36046

The CVE-2021-36046 issue affects Exempi (XMP Toolkit) 2020.1 and earlier, with a memory corruption vulnerability that could lead to arbitrary code execution in the current user context. Exploitation requires user interaction (e.g., opening a crafted file). Public advisories in the connected docum...

9.3CVSS7.7AI score0.02487EPSS
CVE
CVE
added 2021/09/01 2:35 p.m.78 views

CVE-2021-39847

CVE-2021-39847 affects the XMP Toolkit SDK (Exempi) versions 2020.1 and earlier. The issue is a stack-based buffer overflow in Exempi, potentially allowing arbitrary code execution in the context of the current user. Exploitation requires user interaction: the victim must open a crafted file. Con...

9.3CVSS7.7AI score0.05399EPSS
CVE
CVE
added 2025/04/08 6:22 p.m.78 views

CVE-2025-30305

Summary of CVE-2025-30305 (CVE record) : XMP Toolkit versions 2023.12 and earlier are affected by an out-of-bounds read vulnerability that could disclose sensitive memory and bypass mitigations such as ASLR. Exploitation requires user interaction (victim must open a malicious file). The issue is ...

5.5CVSS6.3AI score0.00235EPSS
CVE
CVE
added 2023/08/10 1:40 p.m.75 views

CVE-2023-38210

CVE-2023-38210 affects Adobe XMP Toolkit SDK (2022.06). The flaw is an Uncontrolled Resource Consumption leading to application denial-of-service when a user opens a malicious file; exploitation requires user interaction and is context of the current user. Adobe’s advisory APSB23-45 notes a secur...

5.5CVSS5.2AI score0.00284EPSS
CVE
CVE
added 2021/09/29 3:41 p.m.74 views

CVE-2021-40716

CVE-2021-40716 affects Exempi/XMP Toolkit SDK (versions 2021.07 and earlier). The issue is an out-of-bounds read that could disclose sensitive memory and potentially bypass ASLR; exploitation requires user interaction (open a crafted file). Publicly documented fixes include: Debian has updated ex...

5.5CVSS5.4AI score0.0217EPSS
CVE
CVE
added 2021/09/01 2:32 p.m.73 views

CVE-2021-36045

CVE-2021-36045 is an out-of-bounds read vulnerability in Exempi (XMP Toolkit SDK 2020.1 and earlier) that could disclose arbitrary memory and potentially bypass ASLR. Exploitation requires the user to open a malicious file. Public advisories (Debian, Mageia, Ubuntu) indicate fixes in newer exploi...

4.3CVSS3.5AI score0.01936EPSS
CVE
CVE
added 2021/09/01 2:32 p.m.73 views

CVE-2021-36055

CVE-2021-36055 affects Exempi (XMP Toolkit SDK) up to version 2020.1 and earlier, with a use-after-free that could allow arbitrary code execution under the current user when a victim opens a crafted file. Several advisories document the issue across distros and provide patches: Debian bullseye 2....

9.3CVSS7.6AI score0.02756EPSS
CVE
CVE
added 2021/09/01 2:33 p.m.73 views

CVE-2021-36057

CVE-2021-36057 affects the XMP Toolkit SDK 2020.1 and earlier. The vulnerability is a write-what-where condition during the application’s memory allocation, which can cause mismatches in memory management and lead to local denial of service in the context of the current user. The issue is confirm...

4CVSS3.7AI score0.00645EPSS
CVE
CVE
added 2025/04/08 6:22 p.m.72 views

CVE-2025-30306

CVE-2025-30306 refers to an out-of-bounds read in Adobe XMP Toolkit (versions 2023.12 and earlier). The vulnerability could disclose sensitive memory and potentially bypass mitigations such as ASLR; exploitation requires user interaction (victim opens a malicious file). Multiple connected sources...

5.5CVSS6.3AI score0.00235EPSS
CVE
CVE
added 2021/10/04 1:29 p.m.69 views

CVE-2021-36051

CVE-2021-36051 is a heap-based buffer overflow in Exempi (XMP Toolkit SDK 2020.1 and earlier) that can lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction (victim opens a crafted file, e.g., .cpp). Affected component: exempi (XMP Toolkit). P...

7.8CVSS7.8AI score0.05409EPSS
CVE
CVE
added 2021/09/01 2:32 p.m.68 views

CVE-2021-36047

CVE-2021-36047 affects the Exempi/XMP Toolkit SDK (version 2020.1 and earlier). The issue is described as an Improper Input Validation vulnerability that can lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction (the victim must open a crafted...

9.3CVSS7.5AI score0.02716EPSS
CVE
CVE
added 2021/09/01 2:32 p.m.67 views

CVE-2021-36048

CVE-2021-36048 affects XMP Toolkit SDK 2020.1 and earlier and is due to Improper Input Validation, potentially leading to arbitrary code execution in the context of the current user. Exploitation requires the victim to open a crafted file (user interaction). Public references in connected documen...

9.3CVSS7.5AI score0.02716EPSS
CVE
CVE
added 2021/09/01 2:33 p.m.66 views

CVE-2021-36058

CVE-2021-36058 affects the XMP Toolkit SDK (Exempi) up to version 2020.1 and earlier. The underlying issue is an Integer Overflow in Exempi, which can lead to an application-level denial of service in the context of the current user when a victim opens a crafted file. Exploitation requires user i...

5.5CVSS5.6AI score0.01955EPSS
CVE
CVE
added 2025/04/08 6:22 p.m.58 views

CVE-2025-30308

CVE-2025-30308 concerns the XMP Toolkit (versions 2023.12 and earlier) with an out-of-bounds read that can disclose memory and potentially bypass ASLR. Exploitation requires user interaction (victim opens a malicious file). Adobe’s APSB25-34 security update addresses this vulnerability in XMP Too...

5.5CVSS6.3AI score0.00235EPSS
CVE
CVE
added 2025/04/08 6:22 p.m.57 views

CVE-2025-30309

Summary of CVE-2025-30309 : XMP Toolkit versions 2023.12 and earlier are affected by an out-of-bounds read that can disclose memory and bypass mitigations like ASLR. Exploitation requires user interaction (a victim must open a malicious file). Affected software is the Adobe XMP Toolkit family; mu...

5.5CVSS6.3AI score0.00235EPSS