Lucene search
K

267 matches found

Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.31 views

RHEL 8 : dcraw (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - LibRaw: Stack-based buffer overflow in quicktake100loadraw function in internal/dcrawcommon.cpp...

8.8CVSS7.3AI score0.02855EPSS
Exploits2References8
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.16 views

RHEL 6 : dcraw (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - LibRaw: Memory objects are not intialized properly CVE-2015-8367 - Unspecified vulnerability in dcraw 0.8...

9.8CVSS7.6AI score0.05454EPSS
Exploits4References17
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.28 views

RHEL 8 : dcraw (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - dcraw: Stack-based buffer overflow in the findgreen function CVE-2018-19655 - A buffer over-read in...

8.3AI score0.02855EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.24 views

RHEL 7 : dcraw (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - dcraw: Stack-based buffer overflow in the findgreen function CVE-2018-19655 - dcraw: Buffer overflow caus...

8.3AI score0.02855EPSS
Exploits2References6
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.22 views

RHEL 5 : dcraw (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - dcraw: Heap buffer over-read in parsetiffifd resulting in a denial of service or information leak...

7.8AI score0.01075EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.27 views

RHEL 6 : dcraw (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - dcraw: Stack-based buffer overflow in the findgreen function CVE-2018-19655 - dcraw: Buffer overflow caus...

9.6AI score0.02855EPSS
Exploits2References6
BDU FSTEC
BDU FSTEC
added 2023/11/14 12:0 a.m.6 views

The vulnerability of components such as dcraw/dcraw.c and internal/dcraw_common.cpp, which are part of the LibRaw image processing library, allows a perpetrator to gain access to confidential data and also trigger a service failure.

The vulnerability of the components dcraw/dcraw.c and internal/dcrawcommon.cpp, which are part of the LibRaw image processing library, involves reading data beyond the allowed buffer limits. Exploiting this vulnerability allows an attacker to gain access to confidential data and also cause servic...

9.4CVSS6.9AI score0.02095EPSS
Exploits0References7Affected Software2
UbuntuCve
UbuntuCve
added 2023/08/22 7:16 p.m.29 views

CVE-2020-22628

Buffer Overflow vulnerability in LibRaw::stretch function in libraw\src\postprocessing\aspectratio.cpp...

6.5CVSS6.4AI score0.00681EPSS
Exploits1References3
Fedora
Fedora
added 2023/05/11 1:54 a.m.23 views

[SECURITY] Fedora 37 Update: LibRaw-0.20.2-8.fc37

LibRaw is a library for reading RAW files obtained from digital photo cameras CRW/CR2, NEF, RAF, DNG, and others. LibRaw is based on the source codes of the dcraw utility, where part of drawbacks have already been eliminated and part will be fixed in future...

6.5CVSS6.5AI score0.01289EPSS
Exploits1
SUSE CVE
SUSE CVE
added 2023/02/15 5:41 a.m.1 views

SUSE CVE-2013-1438

Unspecified vulnerability in dcraw 0.8.x through 0.8.9, as used in libraw, ufraw, shotwell, and other products, allows context-dependent attackers to cause a denial of service via a crafted photo file that triggers a 1 divide-by-zero, 2 infinite loop, or 3 NULL pointer dereference...

4.3CVSS6.7AI score0.02059EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:18 a.m.3 views

SUSE CVE-2015-3885

Integer overflow in the ljpegstart function in dcraw 7.00 and earlier allows remote attackers to cause a denial of service crash via a crafted image, which triggers a buffer overflow, related to the len variable...

4.3CVSS7.1AI score0.05434EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 4:37 a.m.5 views

SUSE CVE-2017-16909

An error related to the "LibRaw::panasonicloadraw" function dcrawcommon.cpp in LibRaw versions prior to 0.18.6 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash via a specially crafted TIFF image...

5.6CVSS7.3AI score0.01993EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 4:31 a.m.4 views

SUSE CVE-2018-5806

An error within the "leafhdrloadraw" function internal/dcrawcommon.cpp in LibRaw versions prior to 0.18.8 can be exploited to trigger a NULL pointer dereference...

6.2CVSS6.9AI score0.01689EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2023/02/15 4:31 a.m.4 views

SUSE CVE-2018-5818

An error within the "parserollei" function internal/dcrawcommon.cpp within LibRaw versions prior to 0.19.1 can be exploited to trigger an infinite loop...

3.3CVSS6.9AI score0.02333EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 4:21 a.m.1 views

SUSE CVE-2018-19567

A floating point exception in parsetiffifd in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code...

3.3CVSS6.9AI score0.00925EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 4:21 a.m.3 views

SUSE CVE-2018-19566

A heap buffer over-read in parsetiffifd in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code or leak private information...

4.4CVSS7.4AI score0.01075EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 4:21 a.m.4 views

SUSE CVE-2018-19565

A buffer over-read in cropmaskedpixels in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code or leak private information...

3.3CVSS7.3AI score0.01075EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 4:21 a.m.3 views

SUSE CVE-2018-19568

A floating point exception in kodakradcloadraw in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code...

5.5CVSS6.9AI score0.00925EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 4:21 a.m.4 views

SUSE CVE-2018-19655

A stack-based buffer overflow in the findgreen function of dcraw through 9.28, as used in ufraw-batch and many other products, may allow a remote attacker to cause a control-flow hijack, denial-of-service, or unspecified other impact via a maliciously crafted raw photo file...

5.5CVSS7.7AI score0.02855EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2023/02/15 3:48 a.m.3 views

SUSE CVE-2021-3624

There is an integer overflow vulnerability in dcraw. When the victim runs dcraw with a maliciously crafted X3F input image, arbitrary code may be executed in the victim's system...

6.7CVSS7.7AI score0.00876EPSS
Exploits1References5
Rows per page
Query Builder