267 matches found
RHEL 8 : dcraw (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - LibRaw: Stack-based buffer overflow in quicktake100loadraw function in internal/dcrawcommon.cpp...
RHEL 6 : dcraw (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - LibRaw: Memory objects are not intialized properly CVE-2015-8367 - Unspecified vulnerability in dcraw 0.8...
RHEL 8 : dcraw (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - dcraw: Stack-based buffer overflow in the findgreen function CVE-2018-19655 - A buffer over-read in...
RHEL 7 : dcraw (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - dcraw: Stack-based buffer overflow in the findgreen function CVE-2018-19655 - dcraw: Buffer overflow caus...
RHEL 5 : dcraw (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - dcraw: Heap buffer over-read in parsetiffifd resulting in a denial of service or information leak...
RHEL 6 : dcraw (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - dcraw: Stack-based buffer overflow in the findgreen function CVE-2018-19655 - dcraw: Buffer overflow caus...
The vulnerability of components such as dcraw/dcraw.c and internal/dcraw_common.cpp, which are part of the LibRaw image processing library, allows a perpetrator to gain access to confidential data and also trigger a service failure.
The vulnerability of the components dcraw/dcraw.c and internal/dcrawcommon.cpp, which are part of the LibRaw image processing library, involves reading data beyond the allowed buffer limits. Exploiting this vulnerability allows an attacker to gain access to confidential data and also cause servic...
CVE-2020-22628
Buffer Overflow vulnerability in LibRaw::stretch function in libraw\src\postprocessing\aspectratio.cpp...
[SECURITY] Fedora 37 Update: LibRaw-0.20.2-8.fc37
LibRaw is a library for reading RAW files obtained from digital photo cameras CRW/CR2, NEF, RAF, DNG, and others. LibRaw is based on the source codes of the dcraw utility, where part of drawbacks have already been eliminated and part will be fixed in future...
SUSE CVE-2013-1438
Unspecified vulnerability in dcraw 0.8.x through 0.8.9, as used in libraw, ufraw, shotwell, and other products, allows context-dependent attackers to cause a denial of service via a crafted photo file that triggers a 1 divide-by-zero, 2 infinite loop, or 3 NULL pointer dereference...
SUSE CVE-2015-3885
Integer overflow in the ljpegstart function in dcraw 7.00 and earlier allows remote attackers to cause a denial of service crash via a crafted image, which triggers a buffer overflow, related to the len variable...
SUSE CVE-2017-16909
An error related to the "LibRaw::panasonicloadraw" function dcrawcommon.cpp in LibRaw versions prior to 0.18.6 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash via a specially crafted TIFF image...
SUSE CVE-2018-5806
An error within the "leafhdrloadraw" function internal/dcrawcommon.cpp in LibRaw versions prior to 0.18.8 can be exploited to trigger a NULL pointer dereference...
SUSE CVE-2018-5818
An error within the "parserollei" function internal/dcrawcommon.cpp within LibRaw versions prior to 0.19.1 can be exploited to trigger an infinite loop...
SUSE CVE-2018-19567
A floating point exception in parsetiffifd in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code...
SUSE CVE-2018-19566
A heap buffer over-read in parsetiffifd in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code or leak private information...
SUSE CVE-2018-19565
A buffer over-read in cropmaskedpixels in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code or leak private information...
SUSE CVE-2018-19568
A floating point exception in kodakradcloadraw in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code...
SUSE CVE-2018-19655
A stack-based buffer overflow in the findgreen function of dcraw through 9.28, as used in ufraw-batch and many other products, may allow a remote attacker to cause a control-flow hijack, denial-of-service, or unspecified other impact via a maliciously crafted raw photo file...
SUSE CVE-2021-3624
There is an integer overflow vulnerability in dcraw. When the victim runs dcraw with a maliciously crafted X3F input image, arbitrary code may be executed in the victim's system...