Vulnerabilities > Exiv2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-09-29 | CVE-2017-14857 | Use After Free vulnerability in Exiv2 0.26 In Exiv2 0.26, there is an invalid free in the Image class in image.cpp that leads to a Segmentation fault. | 5.5 |
2017-08-18 | CVE-2017-12957 | Out-of-bounds Read vulnerability in Exiv2 0.26 There is a heap-based buffer over-read in libexiv2 in Exiv2 0.26 that is triggered in the Exiv2::Image::io function in image.cpp. | 6.5 |
2017-08-18 | CVE-2017-12956 | Out-of-bounds Read vulnerability in Exiv2 0.26 There is an illegal address access in Exiv2::FileIo::path[abi:cxx11]() in basicio.cpp of libexiv2 in Exiv2 0.26 that will lead to remote denial of service. | 6.5 |
2017-08-18 | CVE-2017-12955 | Out-of-bounds Write vulnerability in Exiv2 0.26 There is a heap-based buffer overflow in basicio.cpp of Exiv2 0.26. | 8.8 |
2017-07-27 | CVE-2017-11683 | Reachable Assertion vulnerability in multiple products There is a reachable assertion in the Internal::TiffReader::visitDirectory function in tiffvisitor.cpp of Exiv2 0.26 that will lead to a remote denial of service attack via crafted input. | 6.5 |
2017-07-24 | CVE-2017-11592 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Exiv2 0.26 There is a Mismatched Memory Management Routines vulnerability in the Exiv2::FileIo::seek function of Exiv2 0.26 that will lead to a remote denial of service attack (heap memory corruption) via crafted input. | 7.5 |
2017-07-24 | CVE-2017-11591 | There is a Floating point exception in the Exiv2::ValueType function in Exiv2 0.26 that will lead to a remote denial of service attack via crafted input. | 7.5 |
2017-07-23 | CVE-2017-11553 | Improper Input Validation vulnerability in Exiv2 0.26 There is an illegal address access in the extend_alias_table function in localealias.c of Exiv2 0.26. | 7.5 |
2017-07-17 | CVE-2017-11340 | Improper Input Validation vulnerability in Exiv2 0.26 There is a Segmentation fault in the XmpParser::terminate() function in Exiv2 0.26, related to an exit call. | 6.5 |
2017-07-17 | CVE-2017-11339 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Exiv2 0.26 There is a heap-based buffer overflow in the Image::printIFDStructure function of image.cpp in Exiv2 0.26. | 6.5 |