Shodan
Vulnerabilities
Vulnerable Software
Libexif Project:  Security Vulnerabilities
CVE-2020-12767
exif_entry_get_value in exif-entry.c in libexif 0.6.21 has a divide-by-zero error.
CVSS Score
5.5
EPSS Score
0.002
Published
2020-05-09
CVE-2018-20030
An error when processing the EXIF_IFD_INTEROPERABILITY and EXIF_IFD_EXIF tags within libexif version 0.6.21 can be exploited to exhaust available CPU resources.
CVSS Score
7.5
EPSS Score
0.008
Published
2019-02-20
CVE-2016-6328
A vulnerability was found in libexif. An integer overflow when parsing the MNOTE entry data of the input file. This can cause Denial-of-Service (DoS) and Information Disclosure (disclosing some critical heap chunk metadata, even other applications' private data).
CVSS Score
6.1
EPSS Score
0.007
Published
2018-10-31
CVE-2017-7544
libexif through 0.6.21 is vulnerable to out-of-bounds heap read vulnerability in exif_data_save_data_entry function in libexif/exif-data.c caused by improper length computation of the allocated data of an ExifMnote entry which can cause denial-of-service or possibly information disclosure.
CVSS Score
9.1
EPSS Score
0.005
Published
2017-09-21
CVE-2012-2812
The exif_entry_get_value function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from process memory via crafted EXIF tags in an image.
CVSS Score
6.4
EPSS Score
0.009
Published
2012-07-13
CVE-2012-2813
The exif_convert_utf16_to_utf8 function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from process memory via crafted EXIF tags in an image.
CVSS Score
6.4
EPSS Score
0.009
Published
2012-07-13
CVE-2012-2814
Buffer overflow in the exif_entry_format_value function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) 0.6.20 allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted EXIF tags in an image.
CVSS Score
7.5
EPSS Score
0.044
Published
2012-07-13
CVE-2012-2836
The exif_data_load_data function in exif-data.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from process memory via crafted EXIF tags in an image.
CVSS Score
6.4
EPSS Score
0.024
Published
2012-07-13
CVE-2012-2837
The mnote_olympus_entry_get_value function in olympus/mnote-olympus-entry.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service (divide-by-zero error) via an image with crafted EXIF tags that are not properly handled during the formatting of EXIF maker note tags.
CVSS Score
5.0
EPSS Score
0.013
Published
2012-07-13
CVE-2012-2840
Off-by-one error in the exif_convert_utf16_to_utf8 function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted EXIF tags in an image.
CVSS Score
7.5
EPSS Score
0.022
Published
2012-07-13


Products
Pricing
Contact Us

Shodan ® - All rights reserved