Alibaba Cloud Linux 3 : 0125: LibRaw (ALINUX3-SA-2026:0125)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2026:0125 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2026-21413: A flaw was found in LibRaw...

RHEL 9 : LibRaw (RHSA-2026:19345)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19345 advisory. LibRaw is a library for reading RAW files obtained from digital photo cameras CRW/CR2, NEF, RAF, DNG, and others. Security Fixes: LibRaw:...

RHEL 9 : LibRaw (RHSA-2026:13870)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:13870 advisory. LibRaw is a library for reading RAW files obtained from digital photo cameras CRW/CR2, NEF, RAF, DNG, and others. Security Fixes: LibRaw:...

MiracleLinux 9 : LibRaw-0.21.1-2.el9_7 (AXSA:2026-528:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-528:01 advisory. LibRaw: LibRaw: Arbitrary code execution via a specially crafted malicious file CVE-2026-24450 LibRaw: LibRaw: Arbitrary code execution via heap-base...

Oracle Linux 9 : LibRaw (ELSA-2026-11360)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-11360 advisory. 0.21.1-2 - Fix CVE-2026-21413 and CVE-2026-24450 Resolves: RHEL-165373, RHEL-165456 Tenable has extracted the preceding description block directly fro...

LibRaw security update

0.21.1-2 - Fix CVE-2026-21413 and CVE-2026-24450 Resolves: RHEL-165373, RHEL-165456...

Fedora 42 : mingw-LibRaw (2026-826db1b5c0)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-826db1b5c0 advisory. Backport patch for CVE-2026-20884. ---- Backport fixes for CVE-2026-20889 CVE-2026-21413 CVE-2026-24450 CVE-2026-24660 ---- Update to libraw-0.21.5...

CVE-2026-24450

A flaw was found in LibRaw. A remote attacker could exploit an integer overflow vulnerability by providing a specially crafted malicious file. This flaw, located in the uncompressedfpdngloadraw functionality, leads to a heap buffer overflow. Successful exploitation may result in arbitrary code...

CVE-2026-24450

creationtimestamp| type| source ---|---|--- 2026-04-07 14:30:28+00:00| seen| https://infosec.place/objects/29afbc8a-5592-4e64-8450-859a4223cef1 2026-04-07 15:28:56+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3miw3s5o2cj2s 2026-04-07 17:28:45+00:00|...

CVE-2024-24450

Stack-based memcpy buffer overflow in the ngaphandlepdusessionresourcesetupresponse routine in OpenAirInterface CN5G AMF = 2.0.0 allows a remote attacker with access to the N2 interface to carry out denial of service against the AMF and potentially execute code by sending a PDU Session Resource...

CVE-2020-24450

Improper conditions check in some IntelR Graphics Drivers before versions 26.20.100.8141, 15.45.32.5145 and 15.40.46.5144 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2025-24450

Substance3D - Painter versions 10.1.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2025-24450

creationtimestamp| type| source ---|---|--- 2025-03-11 17:39:42+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/7181...

CVE-2025-24450 Substance3D - Painter | Out-of-bounds Write (CWE-787)

Substance3D - Painter versions 10.1.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2025-24450 Substance3D - Painter | Out-of-bounds Write (CWE-787)

Substance3D - Painter versions 10.1.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2025-24450

CVE-2025-24450 affects Adobe Substance 3D Painter (versions 10.1.2 and earlier). The vulnerability is an out-of-bounds write (CWE-787) that could enable arbitrary code execution in the context of the current user, with exploitation requiring user interaction (victim must open a malicious file). M...

CVE-2024-11791 Fuji Electric Monitouch V-SFT V8C File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

Fuji Electric Monitouch V-SFT V8C File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Monitouch V-SFT. User interaction is required to exploit this vulnerabili...

CVE-2024-11791 Fuji Electric Monitouch V-SFT V8C File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

Fuji Electric Monitouch V-SFT V8C File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Monitouch V-SFT. User interaction is required to exploit this vulnerabili...

CVE-2024-11791

Fuji Electric Monitouch V-SFT vulnerability CVE-2024-11791 affects the V-SFT product via a stack-based overflow in parsing of V8C files. The flaw arises from insufficient validation of data length before copying into a stack buffer, enabling remote code execution in the context of the affected pr...

CVE-2024-24450

Stack-based memcpy buffer overflow in the ngaphandlepdusessionresourcesetupresponse routine in OpenAirInterface CN5G AMF = 2.0.0 allows a remote attacker with access to the N2 interface to carry out denial of service against the AMF and potentially execute code by sending a PDU Session Resource...