Lucene search
+L

268 matches found

CVE
CVE
added 2018/11/26 8:0 p.m.81 views

CVE-2018-19568

The CVE-2018-19568 issue affects the dcraw code (kodak_radc_load_raw) used by applications bundling dcraw; a floating point exception could crash the host app when fed malicious files. Public details in connected docs confirm the vulnerability is in dcraw up through version 9.28 and that openSUSE...

5.5CVSS6.1AI score0.00925EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2018/11/26 8:0 p.m.41 views

CVE-2018-19565

A buffer over-read in cropmaskedpixels in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code or leak private information...

7.1CVSS7AI score0.01075EPSS
Exploits0
Debian CVE
Debian CVE
added 2018/11/26 8:0 p.m.49 views

CVE-2018-19567

A floating point exception in parsetiffifd in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code...

5.5CVSS6.8AI score0.00925EPSS
Exploits0
Debian CVE
Debian CVE
added 2018/11/26 8:0 p.m.43 views

CVE-2018-19566

A heap buffer over-read in parsetiffifd in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code or leak private information...

7.1CVSS7.5AI score0.01075EPSS
Exploits0
CVE
CVE
added 2018/11/26 8:0 p.m.79 views

CVE-2018-19565

CVE-2018-19565 is a vulnerability in LibRaw/dcraw (up to dcraw 9.28) caused by a buffer over-read in crop_masked_pixels, which can allow a crafted image to crash the host application that bundles the dcraw code or leak private information. The Connected documents (Red Hat, openSUSE, SUSE security...

7.1CVSS7.2AI score0.01075EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2018/11/26 8:0 p.m.75 views

CVE-2018-19567

CVE-2018-19567 stems from a floating point exception in parse_tiff_ifd within dcraw up to version 9.28. The issue could be triggered by processing malicious TIFFs in environments that bundle dcraw code, potentially crashing the host application that uses these components. The Connected documents ...

5.5CVSS6.1AI score0.00925EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2018/11/26 8:0 p.m.37 views

CVE-2018-19568

A floating point exception in kodakradcloadraw in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code...

5.5CVSS6.8AI score0.00925EPSS
Exploits0
CVE
CVE
added 2018/11/26 8:0 p.m.77 views

CVE-2018-19566

CVE-2018-19566 is a heap buffer over-read in parse_tiff_ifd in the dcraw code (up to version 9.28). Exploitation could crash the host application or leak private information when processing malicious TIFF files. Connected sources indicate fixes in dcraw-9.28.0-2.1 (openSUSE), but no vendor-specif...

7.1CVSS7.2AI score0.01075EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2018/11/26 8:0 p.m.23 views

CVE-2018-19568

A floating point exception in kodakradcloadraw in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code...

6.3AI score0.00925EPSS
Exploits0References2
Cvelist
Cvelist
added 2018/11/26 8:0 p.m.25 views

CVE-2018-19565

A buffer over-read in cropmaskedpixels in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code or leak private information...

7.3AI score0.01075EPSS
Exploits0References2
Cvelist
Cvelist
added 2018/11/26 8:0 p.m.28 views

CVE-2018-19566

A heap buffer over-read in parsetiffifd in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code or leak private information...

7.3AI score0.01075EPSS
Exploits0References2
Cvelist
Cvelist
added 2018/11/26 8:0 p.m.26 views

CVE-2018-19567

A floating point exception in parsetiffifd in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code...

6.3AI score0.00925EPSS
Exploits0References2
CNVD
CNVD
added 2018/11/08 12:0 a.m.3 views

LibRaw 'leaf_hdr_load_raw()' Function Denial of Service Vulnerability

LibRaw is a C++ library developed by the LibRaw team for processing RAW CRW/CR2, NEF, RAF, DNG and others format images. A security vulnerability exists in the 'leafhdrloadraw' function in the internal/dcrawcommon.cpp file in LibRaw versions prior to 0.18.8. An attacker can exploit this...

6.5CVSS7AI score0.01689EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2018/10/30 9:45 a.m.8 views

LibRaw: Stack-based buffer overflow in quicktake_100_load_raw() function in internal/dcraw_common.cpp

LibRaw is vulnerable to stack-based buffer overflow in internal/dcrawcommon.cpp:quicktake100loadraw function when processing specially-crafted RAW data. An attacker could potentially use this flaw to cause an arbitrary code execution or denial of service...

8.8CVSS8.2AI score0.01984EPSS
Exploits0References4
CNVD
CNVD
added 2018/10/26 12:0 a.m.5 views

LibRaw 'rollei_load_raw()' function heap buffer overflow vulnerability

LibRaw is a C++ library for processing RAW CRW/CR2, NEF, RAF, DNG and others format images. A heap buffer overflow vulnerability exists in the 'rolleiloadraw' function in the internal/dcrawcommon.cpp file in LibRaw versions prior to 0.18.9. A remote attacker can exploit this vulnerability with th...

8.8CVSS8.8AI score0.021EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2018/08/10 12:0 a.m.28 views

openSUSE Security Update : libraw (openSUSE-2018-849)

This update for libraw fixes the following issues : The following security vulnerabilities were addressed : - CVE-2018-5813: Fixed an error within the 'parseminolta' function dcraw/dcraw.c that could be exploited to trigger an infinite loop via a specially crafted file. This could be exploited to...

8.8CVSS6.2AI score0.02194EPSS
Exploits0References12
OSV
OSV
added 2018/07/31 12:0 a.m.5 views

UBUNTU-CVE-2018-5813

An error within the "parseminolta" function dcraw/dcraw.c in LibRaw versions prior to 0.18.11 can be exploited to trigger an infinite loop via a specially crafted file...

6.5CVSS6.7AI score0.02088EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2018/07/31 12:0 a.m.35 views

CVE-2018-5813

An error within the "parseminolta" function dcraw/dcraw.c in LibRaw versions prior to 0.18.11 can be exploited to trigger an infinite loop via a specially crafted file...

7.1CVSS6.8AI score0.02088EPSS
Exploits0References3
Fedora
Fedora
added 2018/07/25 6:45 p.m.25 views

[SECURITY] Fedora 27 Update: dcraw-9.28.0-1.fc27

This package contains dcraw, a command line tool to decode raw image data downloaded from digital cameras...

6.5CVSS2.4AI score0.02039EPSS
Exploits1
CNVD
CNVD
added 2018/07/05 12:0 a.m.3 views

LibRaw 'LibRaw::kodak_ycbcr_load_raw()' function heap buffer overflow vulnerability

LibRaw is a C++ library developed by the LibRaw team for processing RAW CRW/CR2, NEF, RAF, DNG and others format images. A heap buffer overflow vulnerability exists in the 'LibRaw::kodakycbcrloadraw' function in versions prior to LibRaw 0.18.7 file internal/dcrawcommon.cpp. An attacker could...

6.5CVSS6.8AI score0.02548EPSS
Exploits1References1
Rows per page
Query Builder