Debian dla-3113 : libraw-bin - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3113 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3113-1 [email protected]...

Medium: LibRaw

Issue Overview: Buffer Overflow vulnerability in LibRaw::stretch function in libraw\src\postprocessing\aspectratio.cpp. CVE-2020-22628 In LibRaw, there is an out-of-bounds write vulnerability within the "newnode" function libraw\src\x3f\x3futilspatched.cpp that can be triggered via a crafted X3F...

Amazon Linux 2 : LibRaw (ALAS-2023-2256)

The version of LibRaw installed on the remote host is prior to 0.19.4-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2256 advisory. Buffer Overflow vulnerability in LibRaw::stretch function in libraw\src\postprocessing\aspectratio.cpp. CVE-2020-22628 In...

SUSE CVE-2020-35531

In LibRaw, an out-of-bounds read vulnerability exists within the gethuffmandiff function libraw\src\x3f\x3futilspatched.cpp when reading data from an image file...

DEBIAN-CVE-2020-35531

In LibRaw, an out-of-bounds read vulnerability exists within the gethuffmandiff function libraw\src\x3f\x3futilspatched.cpp when reading data from an image file...

CVE-2020-35531

Mode C: CVE-2020-35531 is an out-of-bounds read in LibRaw’s get_huffman_diff() (libraw/src/x3f/x3f_utils_patched.cpp) when reading image data. Connected advisories confirm LibRaw involvement across multiple distributions and indicate the issue is tied to X3F parsing in LibRaw. Affected software: ...

CVE-2021-35531

creationtimestamp| type| source ---|---|--- 2022-06-08 00:31:21+00:00| seen| https://t.me/cibsecurity/43980...

CVE-2021-35531

Improper Input Validation vulnerability in a particular configuration setting field of Hitachi Energy TXpert Hub CoreTec 4 product, allows an attacker with access to an authorized user with ADMIN or ENGINEER role rights to inject an OS command that is executed by the system. This issue affects:...

CVE-2021-35531

CVE-2021-35531 applies to Hitachi Energy TXpert Hub CoreTec 4. Affected versions: 2.0.0–2.2.1. Root cause: Improper Input Validation in a particular configuration setting field. Attack scenario: an attacker with access to an authorized user with ADMIN or ENGINEER rights can inject an OS command t...

Sourcecodester Baby Care System SQL注入漏洞（CNVD-2022-35531）

Sourcecodester Baby Care System is an application of the Sourcecodester community in the United States. Sourcecodester Baby Care System v1.0 contains a SQL injection vulnerability that originates in /admin/inbox.php & action=delete & msgid= where the msgid parameter lacks validation for external...