Every CVE whose affected-product data names Google Picasa, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (11)
CVE-2015-8221 — CVSS 10.0 (critical): Integer overflow in Google Picasa before 3.9.140 Build 259 allows remote attackers to execute arbitrary code via the CAMF section in a FOVb…
CVE-2015-8096 — CVSS 10.0 (critical): Integer overflow in Google Picasa 3.9.140 Build 239 and Build 248 allows remote attackers to execute arbitrary code via unspecified vectors…
CVE-2011-2747 — CVSS 9.3 (critical): Google Picasa before 3.6 Build 105.67 does not properly handle invalid properties in JPEG images, which allows remote attackers to execute…
CVE-2013-5349 — CVSS 7.5 (high): Integer underflow in Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 allows remote attackers to execute arbitrary code via a crafted…
CVE-2013-5357 — CVSS 7.5 (high): Integer overflow in Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 allows remote attackers to execute arbitrary code via a long…
CVE-2013-5358 — CVSS 7.5 (high): Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 allows remote attackers to trigger memory corruption via a crafted TIFF tag, as…
CVE-2013-5359 — CVSS 7.5 (high): Stack-based buffer overflow in Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 might allow remote attackers to execute arbitrary…
CVE-2007-4823 — CVSS 7.5 (high): Multiple buffer overflows in Google Picasa have unspecified attack vectors and impact. NOTE: this information is based upon a vague…
CVE-2011-0458 — CVSS 6.9 (medium): Untrusted search path vulnerability in the Locate on Disk feature in Google Picasa before 3.8 allows local users to gain privileges via a…
CVE-2007-4824 — CVSS 6.8 (medium): Multiple cross-application scripting (XAS) vulnerabilities in Google Picasa have unspecified attack vectors and impact. NOTE: this…
CVE-2007-4847 — CVSS 5.0 (medium): Google Picasa allows remote attackers to read image files stored by Picasa via unspecified vectors involving a picasa:// URI. NOTE: this…