121 matches found

added 2024/02/12 11:15 p.m. | 50 views

CVE-2024-24826

Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 version v0.28.1. The vulnerable function, QuickTimeVideo::NikonTagsDecoder, was new in v0.28.0, so Exiv2 versions before v0.28 are not ...

CVSS 5.5 | AI score 5.1 | EPSS 0.00042

added 2017/09/29 1:34 a.m. | 48 views

CVE-2017-14858

There is a heap-based buffer overflow in the Exiv2::l2Data function of types.cpp in Exiv2 0.26. A crafted input will lead to a denial of service attack.

CVSS 5.5 | AI score 5.5 | EPSS 0.00236

added 2018/02/12 10:29 p.m. | 48 views

CVE-2017-17725

In Exiv2 0.26, there is an integer overflow leading to a heap-based buffer over-read in the Exiv2::getULong function in types.cpp. Remote attackers can exploit the vulnerability to cause a denial of service via a crafted image file. Note that this vulnerability is different from CVE-2017-14864, whi...

CVSS 6.5 | AI score 6.1 | EPSS 0.003

added 2018/02/12 10:29 p.m. | 47 views

CVE-2017-17723

In Exiv2 0.26, there is a heap-based buffer over-read in the Exiv2::Image::byteSwap4 function in image.cpp. Remote attackers can exploit this vulnerability to disclose memory data or cause a denial of service via a crafted TIFF file.

CVSS 8.1 | AI score 6.7 | EPSS 0.00372

added 2017/07/17 1:18 p.m. | 46 views

CVE-2017-11338

There is an infinite loop in the Exiv2::Image::printIFDStructure function of image.cpp in Exiv2 0.26. A crafted input will lead to a remote denial of service attack.

CVSS 6.5 | AI score 6.2 | EPSS 0.00567

added 2017/08/18 9:29 p.m. | 46 views

CVE-2017-12957

There is a heap-based buffer over-read in libexiv2 in Exiv2 0.26 that is triggered in the Exiv2::Image::io function in image.cpp. It will lead to remote denial of service.

CVSS 6.5 | AI score 6.4 | EPSS 0.00567

added 2017/09/29 1:34 a.m. | 46 views

CVE-2017-14857

In Exiv2 0.26, there is an invalid free in the Image class in image.cpp that leads to a Segmentation fault. A crafted input will lead to a denial of service attack.

CVSS 5.5 | AI score 5.6 | EPSS 0.00278

added 2017/09/29 1:34 a.m. | 46 views

CVE-2017-14860

There is a heap-based buffer over-read in the Exiv2::Jp2Image::readMetadata function of jp2image.cpp in Exiv2 0.26. A crafted input will lead to a denial of service attack.

CVSS 5.5 | AI score 5.8 | EPSS 0.00278

added 2017/09/29 1:34 a.m. | 46 views

CVE-2017-14861

There is a stack consumption vulnerability in the Exiv2::Internal::stringFormat function of image.cpp in Exiv2 0.26. A crafted input will lead to a remote denial of service attack.

CVSS 5.5 | AI score 5.3 | EPSS 0.00391

added 2018/05/07 7:29 a.m. | 46 views

CVE-2018-10780

Exiv2::Image::byteSwap2 in image.cpp in Exiv2 0.26 has a heap-based buffer over-read.

CVSS 6.5 | AI score 6.4 | EPSS 0.00238

added 2017/09/29 1:34 a.m. | 45 views

CVE-2017-14866

There is a heap-based buffer overflow in the Exiv2::s2Data function of types.cpp in Exiv2 0.26. A crafted input will lead to a denial of service attack.

CVSS 5.5 | AI score 5.5 | EPSS 0.00236

added 2017/09/29 1:34 a.m. | 44 views

CVE-2017-14863

A NULL pointer dereference was discovered in Exiv2::Image::printIFDStructure in image.cpp in Exiv2 0.26. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.

CVSS 5.5 | AI score 5.2 | EPSS 0.00278

added 2018/03/30 8:29 a.m. | 42 views

CVE-2018-9144

In Exiv2 0.26, there is an out-of-bounds read in Exiv2::Internal::binaryToString in image.cpp. It could result in denial of service or information disclosure.

CVSS 8.1 | AI score 6.6 | EPSS 0.00385

added 2019/02/25 3:29 p.m. | 42 views

CVE-2019-9144

An issue was discovered in Exiv2 0.27. There is infinite recursion at BigTiffImage::printIFD in the file bigtiffimage.cpp. This can be triggered by a crafted file. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact.

CVSS 8.8 | AI score 8.8 | EPSS 0.0147

added 2017/07/17 1:18 p.m. | 41 views

CVE-2017-11340

There is a segmentation fault in the XmpParser::terminate() function in Exiv2 0.26, related to an exit call. A crafted input will lead to a remote denial of service attack.

CVSS 6.5 | AI score 6.3 | EPSS 0.00647

added 2018/02/12 10:29 p.m. | 40 views

CVE-2017-17722

In Exiv2 0.26, there is a reachable assertion in the readHeader function in bigtiffimage.cpp, which will lead to a remote denial of service attack via a crafted TIFF file.

CVSS 6.5 | AI score 6.2 | EPSS 0.003

added 2008/06/13 7:41 p.m. | 38 views

CVE-2008-2696

Exiv2 0.16 allows user-assisted remote attackers to cause a denial of service (divide-by-zero and application crash) via a zero value in Nikon lens information in the metadata of an image, related to "pretty printing" and the RationalValue::toLong function.

CVSS 4.3 | AI score 6.1 | EPSS 0.01783

added 2017/11/17 10:29 p.m. | 37 views

CVE-2017-1000127

Exiv2 0.26 contains a heap buffer overflow in the TIFF parser.

CVSS 5.5 | AI score 5.6 | EPSS 0.00357

added 2023/08/22 7:15 p.m. | 32 views

CVE-2020-18831

Buffer overflow vulnerability in the tEXtToDataBuf function in pngimage.cpp in Exiv2 0.27.1 allows remote attackers to cause a denial of service and other unspecified impacts via use of a crafted file.

CVSS 7.8 | AI score 7.3 | EPSS 0.00573

added 2025/08/29 3:15 p.m. | 8 views

CVE-2025-55304

Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. A denial-of-service was found in Exiv2 version 0.28.5: a quadratic algorithm in the ICC profile parsing code in jpegBase::readMetadata() can cause Exiv2 to run for a long time...

CVSS 5.5 | AI score 6.4 | EPSS 0.00011

added 2025/08/29 3:15 p.m. | 7 views

CVE-2025-54080

Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. An out-of-bounds read was found in Exiv2 versions 0.28.5 and earlier. The out-of-bounds read is triggered when Exiv2 is used to write metadata into a crafted image file. An at...

CVSS 5.5 | AI score 6.1 | EPSS 0.00019

Total number of security vulnerabilities: 121