CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2020-18651 – exempi: denial of service via opening of crafted audio file with ID3V2 frame
https://notcve.org/view.php?id=CVE-2020-18651
22 Aug 2023 — Buffer Overflow vulnerability in function ID3_Support::ID3v2Frame::getFrameValue in exempi 2.5.0 and earlier allows remote attackers to cause a denial of service via opening of crafted audio file with ID3V2 frame. A buffer overflow flaw was found in the exempi package. This issue occurs in the ID3_Support::ID3v2Frame::getFrameValue function that allows remote attackers to cause a denial of service via opening a crafted audio file with the ID3V2 frame. An update for exempi is now available for Red Hat Enterp... • https://gitlab.freedesktop.org/libopenraw/exempi/commit/fdd4765a699f9700850098b43b9798b933acb32f • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2020-18652 – exempi: denial of service via opening of crafted webp file
https://notcve.org/view.php?id=CVE-2020-18652
22 Aug 2023 — Buffer Overflow vulnerability in WEBP_Support.cpp in exempi 2.5.0 and earlier allows remote attackers to cause a denial of service via opening of crafted webp file. A buffer overflow flaw was found in the exempi package. This issue occurs in WEBP_Support.cpp and may allow remote attackers to cause a denial of service via opening a crafted webp file. • https://gitlab.freedesktop.org/libopenraw/exempi/commit/acee2894ceb91616543927c2a6e45050c60f98f7 • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2018-12648 – Ubuntu Security Notice USN-5483-1
https://notcve.org/view.php?id=CVE-2018-12648
22 Jun 2018 — The WEBP::GetLE32 function in XMPFiles/source/FormatSupport/WEBP_Support.hpp in Exempi 2.4.5 has a NULL pointer dereference. la función WEBP::GetLE32 en XMPFiles/source/FormatSupport/WEBP_Support.hpp en Exempi 2.4.5 tiene una desreferencia de puntero NULL. It was discovered that Exempi incorrectly handled certain media files. If a user or automated system were tricked into opening a specially crafted file, a remote attacker could cause Exempi to stop responding or crash, resulting in a denial of service, or... • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00070.html • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 1CVE-2017-18233 – exempi: Infinite Loop in Chunk class in XMPFiles/source/FormatSupport/RIFF.cpp
https://notcve.org/view.php?id=CVE-2017-18233
15 Mar 2018 — An issue was discovered in Exempi before 2.4.4. Integer overflow in the Chunk class in XMPFiles/source/FormatSupport/RIFF.cpp allows remote attackers to cause a denial of service (infinite loop) via crafted XMP data in a .avi file. Se ha descubierto un problema en versiones anteriores a la 2.4.4 de Exempi. Desbordamiento de enteros en la clase Chunk en XMPFiles/source/FormatSupport/RIFF.cpp permite que los atacantes remotos provoquen una denegación de servicio (bucle infinito) mediante datos XMP manipulados... • https://access.redhat.com/errata/RHSA-2019:2048 • CWE-190: Integer Overflow or Wraparound CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2017-18235
https://notcve.org/view.php?id=CVE-2017-18235
15 Mar 2018 — An issue was discovered in Exempi before 2.4.3. The VPXChunk class in XMPFiles/source/FormatSupport/WEBP_Support.cpp does not ensure nonzero widths and heights, which allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted .webp file. >Se ha descubierto un problema en versiones anteriores a la 2.4.3 de Exempi. La clase VPXChunk en XMPFiles/source/FormatSupport/WEBP_Support.cpp no se asegura de que los valores de ancho y alto no sean ceros, lo que permite a... • https://bugs.freedesktop.org/show_bug.cgi?id=101913 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1CVE-2017-18238 – exempi: Infinite loop in TradQT_Manager::ParseCachedBoxes function in XMPFiles/source/FormatSupport/QuickTime_Support.cpp
https://notcve.org/view.php?id=CVE-2017-18238
15 Mar 2018 — An issue was discovered in Exempi before 2.4.4. The TradQT_Manager::ParseCachedBoxes function in XMPFiles/source/FormatSupport/QuickTime_Support.cpp allows remote attackers to cause a denial of service (infinite loop) via crafted XMP data in a .qt file. Se ha descubierto un problema en versiones anteriores a la 2.4.4 de Exempi. La función TradQT_Manager::ParseCachedBoxes en XMPFiles/source/FormatSupport/QuickTime_Support.cpp permite que los atacantes remotos provoquen una denegación de servicio (bucle infin... • https://access.redhat.com/errata/RHSA-2019:2048 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2017-18237
https://notcve.org/view.php?id=CVE-2017-18237
15 Mar 2018 — An issue was discovered in Exempi before 2.4.3. The PostScript_Support::ConvertToDate function in XMPFiles/source/FormatSupport/PostScript_Support.cpp allows remote attackers to cause a denial of service (invalid pointer dereference and application crash) via a crafted .ps file. Se ha descubierto un problema en versiones anteriores a la 2.4.3 de Exempi. La función PostScript_Support::ConvertToDate en XMPFiles/source/FormatSupport/PostScript_Support.cpp permite que atacantes remotos provoquen una denegación ... • https://bugs.freedesktop.org/show_bug.cgi?id=101914 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 1CVE-2017-18234 – exempi: Use after free via a PDF file containing JPEG data
https://notcve.org/view.php?id=CVE-2017-18234
15 Mar 2018 — An issue was discovered in Exempi before 2.4.3. It allows remote attackers to cause a denial of service (invalid memcpy with resultant use-after-free) or possibly have unspecified other impact via a .pdf file containing JPEG data, related to XMPFiles/source/FormatSupport/ReconcileTIFF.cpp, XMPFiles/source/FormatSupport/TIFF_MemoryReader.cpp, and XMPFiles/source/FormatSupport/TIFF_Support.hpp. Se ha descubierto un problema en versiones anteriores a la 2.4.3 de Exempi. Permite que los atacantes remotos provoq... • https://access.redhat.com/errata/RHSA-2019:2048 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 1CVE-2017-18236 – exempi: Infinite loop in ASF_Support::ReadHeaderObject function in XMPFiles/source/FormatSupport/ASF_Support.cpp
https://notcve.org/view.php?id=CVE-2017-18236
15 Mar 2018 — An issue was discovered in Exempi before 2.4.4. The ASF_Support::ReadHeaderObject function in XMPFiles/source/FormatSupport/ASF_Support.cpp allows remote attackers to cause a denial of service (infinite loop) via a crafted .asf file. Se ha descubierto un problema en versiones anteriores a la 2.4.4 de Exempi. La función ASF_Support::ReadHeaderObject en XMPFiles/source/FormatSupport/ASF_Support.cpp permite que atacantes remotos provoquen una denegación de servicio (bucle infinito) mediante un archivo .asf man... • https://access.redhat.com/errata/RHSA-2019:2048 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 1CVE-2018-7729 – Ubuntu Security Notice USN-3668-1
https://notcve.org/view.php?id=CVE-2018-7729
06 Mar 2018 — An issue was discovered in Exempi through 2.4.4. There is a stack-based buffer over-read in the PostScript_MetaHandler::ParsePSFile() function in XMPFiles/source/FileHandlers/PostScript_Handler.cpp. Se ha descubierto un problema en Exempi hasta su versión 2.4.4. Hay una sobrelectura de búfer basada en pila en la función PostScript_MetaHandler::ParsePSFile() en XMPFiles/source/FileHandlers/PostScript_Handler.cpp. It was discovered that Exempi incorrectly handled certain media files. • https://bugs.freedesktop.org/show_bug.cgi?id=105206 • CWE-125: Out-of-bounds Read •