Filtered by vendor Libraw
Subscriptions
Filtered by product Libraw
Subscriptions
Total
51 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-5819 | 3 Debian, Libraw, Redhat | 4 Debian Linux, Libraw, Ansible Tower and 1 more | 2024-09-17 | N/A |
| An error within the "parse_sinar_ia()" function (internal/dcraw_common.cpp) within LibRaw versions prior to 0.19.1 can be exploited to exhaust available CPU resources. | ||||
| CVE-2013-2126 | 3 Canonical, Libraw, Opensuse | 3 Ubuntu Linux, Libraw, Opensuse | 2024-09-17 | N/A |
| Multiple double free vulnerabilities in the LibRaw::unpack function in libraw_cxx.cpp in LibRaw before 0.15.2 allow context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a malformed full-color (1) Foveon or (2) sRAW image file. | ||||
| CVE-2017-13735 | 1 Libraw | 1 Libraw | 2024-09-16 | N/A |
| There is a floating point exception in the kodak_radc_load_raw function in dcraw_common.cpp in LibRaw 0.18.2. It will lead to a remote denial of service attack. | ||||
| CVE-2018-5817 | 2 Debian, Libraw | 2 Debian Linux, Libraw | 2024-09-16 | N/A |
| A type confusion error within the "unpacked_load_raw()" function within LibRaw versions prior to 0.19.1 (internal/dcraw_common.cpp) can be exploited to trigger an infinite loop. | ||||
| CVE-2013-2127 | 1 Libraw | 1 Libraw | 2024-09-16 | N/A |
| Buffer overflow in the exposure correction code in LibRaw before 0.15.1 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors. | ||||
| CVE-2013-1439 | 1 Libraw | 1 Libraw | 2024-08-06 | N/A |
| The "faster LJPEG decoder" in libraw 0.13.x, 0.14.x, and 0.15.x before 0.15.4 allows context-dependent attackers to cause a denial of service (NULL pointer dereference) via a crafted photo file. | ||||
| CVE-2015-8367 | 1 Libraw | 1 Libraw | 2024-08-06 | 9.8 Critical |
| The phase_one_correct function in Libraw before 0.17.1 allows attackers to cause memory errors and possibly execute arbitrary code, related to memory object initialization. | ||||
| CVE-2015-8366 | 1 Libraw | 1 Libraw | 2024-08-06 | 9.8 Critical |
| Array index error in smal_decode_segment function in LibRaw before 0.17.1 allows context-dependent attackers to cause memory errors and possibly execute arbitrary code via vectors related to indexes. | ||||
| CVE-2017-16909 | 2 Canonical, Libraw | 2 Ubuntu Linux, Libraw | 2024-08-05 | N/A |
| An error related to the "LibRaw::panasonic_load_raw()" function (dcraw_common.cpp) in LibRaw versions prior to 0.18.6 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash via a specially crafted TIFF image. | ||||
| CVE-2017-16910 | 2 Canonical, Libraw | 2 Ubuntu Linux, Libraw | 2024-08-05 | N/A |
| An error within the "LibRaw::xtrans_interpolate()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.6 can be exploited to cause an invalid read memory access and subsequently a Denial of Service condition. | ||||
| CVE-2017-14608 | 1 Libraw | 1 Libraw | 2024-08-05 | N/A |
| In LibRaw through 0.18.4, an out of bounds read flaw related to kodak_65000_load_raw has been reported in dcraw/dcraw.c and internal/dcraw_common.cpp. An attacker could possibly exploit this flaw to disclose potentially sensitive memory or cause an application crash. | ||||
| CVE-2017-14348 | 1 Libraw | 1 Libraw | 2024-08-05 | N/A |
| LibRaw before 0.18.4 has a heap-based Buffer Overflow in the processCanonCameraInfo function via a crafted file. | ||||
| CVE-2017-14265 | 1 Libraw | 1 Libraw | 2024-08-05 | N/A |
| A Stack-based Buffer Overflow was discovered in xtrans_interpolate in internal/dcraw_common.cpp in LibRaw before 0.18.3. It could allow a remote denial of service or code execution attack. | ||||
| CVE-2017-6887 | 1 Libraw | 1 Libraw | 2024-08-05 | N/A |
| A boundary error within the "parse_tiff_ifd()" function (internal/dcraw_common.cpp) in LibRaw versions before 0.18.2 can be exploited to cause a memory corruption via e.g. a specially crafted KDC file with model set to "DSLR-A100" and containing multiple sequences of 0x100 and 0x14A TAGs. | ||||
| CVE-2017-6886 | 1 Libraw | 1 Libraw | 2024-08-05 | N/A |
| An error within the "parse_tiff_ifd()" function (internal/dcraw_common.cpp) in LibRaw versions before 0.18.2 can be exploited to corrupt memory. | ||||
| CVE-2018-20364 | 1 Libraw | 1 Libraw | 2024-08-05 | N/A |
| LibRaw::copy_bayer in libraw_cxx.cpp in LibRaw 0.19.1 has a NULL pointer dereference. | ||||
| CVE-2018-20337 | 2 Libraw, Redhat | 2 Libraw, Enterprise Linux | 2024-08-05 | N/A |
| There is a stack-based buffer overflow in the parse_makernote function of dcraw_common.cpp in LibRaw 0.19.1. Crafted input will lead to a denial of service or possibly unspecified other impact. | ||||
| CVE-2018-20363 | 1 Libraw | 1 Libraw | 2024-08-05 | N/A |
| LibRaw::raw2image in libraw_cxx.cpp in LibRaw 0.19.1 has a NULL pointer dereference. | ||||
| CVE-2018-20365 | 1 Libraw | 1 Libraw | 2024-08-05 | N/A |
| LibRaw::raw2image() in libraw_cxx.cpp has a heap-based buffer overflow. | ||||
| CVE-2018-10529 | 2 Canonical, Libraw | 2 Ubuntu Linux, Libraw | 2024-08-05 | N/A |
| An issue was discovered in LibRaw 0.18.9. There is an out-of-bounds read affecting the X3F property table list implementation in libraw_x3f.cpp and libraw_cxx.cpp. | ||||