267 matches found
openSUSE 15 Security Update : dcraw (SUSE-SU-2022:1277-1)
The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1277-1 advisory. - CVE-2017-13735: Fixed a denial of service issue due to a floating point exception bsc1056170. - CVE-2017-14608: Fixed an invalid memory access that...
Denial Of Service (DoS)
libraw.so is vulnerable to Denial Of Service DoS. The vulnerability exists due to a NULL pointer dereference in dcraw which allows an attacker to trigger an infinite loop or a devide-by-zero via a crafted photo file resulting in an application crash...
PT-2022-36743 · Libraw · Libraw
Name of the Vulnerable Software and Affected Versions: LibRaw affected versions not specified Description: The issue is related to a heap-buffer-overflow read error. Technical details about the crash include the LibRaw::phase one correct, LibRaw::raw2image ex, and LibRaw::dcraw process functions...
PT-2022-36716 · Libraw · Libraw
Name of the Vulnerable Software and Affected Versions: LibRaw affected versions not specified Description: The issue is related to a stack-buffer-overflow error. Technical details about the error include the function names xtrans interpolate and dcraw process, which are part of the LibRaw library...
The vulnerability of the internal/dcraw_common.cpp component in the LibRaw image processing library allows a hacker to trigger a service failure.
The vulnerability of the internal/dcrawcommon.cpp component in the LibRaw image processing library is related to writing beyond the buffer boundaries. Exploiting this vulnerability allows a remote attacker to cause a service failure...
The vulnerability of the internal/dcraw_common.cpp component in the LibRaw image processing library allows a hacker to gain access to confidential data, compromise its integrity, and cause service failures.
The vulnerability of the internal/dcrawcommon.cpp component in the LibRaw image processing library relates to reading data beyond the permissible buffer size. Exploiting this vulnerability allows an attacker to gain access to confidential data, compromise its integrity, and cause service failures...
The vulnerability of the leaf_hdr_load_raw() function in the internal/dcraw_common.cpp component of the LibRaw image processing library allows a hacker to cause a service failure.
The vulnerability of the leafhdrloadraw function in the internal/dcrawcommon.cpp component of the LibRaw image processing library is related to pointer dereferencing errors. Exploiting this vulnerability allows an attacker to cause service failures...
The vulnerability of the Nikon_coolscan_load_raw() function in the internal/dcraw_common.cpp component of the LibRaw image processing library, which allows a hacker to trigger a service failure.
The vulnerability of the nikoncoolscanloadraw function in the internal/dcrawcommon.cpp component of the LibRaw image processing library is related to pointer dereferencing errors. Exploiting this vulnerability allows an attacker to cause service failures...
The vulnerability of the internal/dcraw_common.cpp component in the LibRaw image processing library allows a hacker to trigger a service failure.
The vulnerability of the internal/dcrawcommon.cpp component in the LibRaw image processing library is related to reading data beyond the permissible buffer size. Exploiting this vulnerability allows a remote attacker to cause service interruptions...
SUSE SLED12 / SLES12 Security Update : dcraw (SUSE-SU-2022:1749-1)
The remote SUSE Linux SLED12 / SLEDSAP12 / SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1749-1 advisory. - CVE-2017-13735: Fixed a denial of service issue due to a floating point exception bsc1056170. -...
new packages: dcraw
An update is available for dcraw. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Enterprise...
Mageia: Security Advisory (MGASA-2022-0160)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MGASA-2022-0160 Updated dcraw packages fix security vulnerability
A buffer over-read in cropmaskedpixels in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code or leak private information. CVE-2018-19565 A heap buffer over-read in parsetiffifd in dcraw through 9.28 could be used by...
openSUSE: Security Advisory for dcraw (SUSE-SU-2022:1277-1)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2021-3624
There is an integer overflow vulnerability in dcraw. When the victim runs dcraw with a maliciously crafted X3F input image, arbitrary code may be executed in the victim's system...
CVE-2021-3624
There is an integer overflow vulnerability in dcraw. When the victim runs dcraw with a maliciously crafted X3F input image, arbitrary code may be executed in the victim's system...
DEBIAN-CVE-2021-3624
There is an integer overflow vulnerability in dcraw. When the victim runs dcraw with a maliciously crafted X3F input image, arbitrary code may be executed in the victim's system...
CVE-2021-3624
There is an integer overflow vulnerability in dcraw. When the victim runs dcraw with a maliciously crafted X3F input image, arbitrary code may be executed in the victim's system...
Integer overflow
There is an integer overflow vulnerability in dcraw. When the victim runs dcraw with a maliciously crafted X3F input image, arbitrary code may be executed in the victim's system...
UBUNTU-CVE-2021-3624
There is an integer overflow vulnerability in dcraw. When the victim runs dcraw with a maliciously crafted X3F input image, arbitrary code may be executed in the victim's system...