Lucene search
K

267 matches found

Tenable Nessus
Tenable Nessus
added 2023/01/20 12:0 a.m.34 views

openSUSE 15 Security Update : dcraw (SUSE-SU-2022:1277-1)

The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1277-1 advisory. - CVE-2017-13735: Fixed a denial of service issue due to a floating point exception bsc1056170. - CVE-2017-14608: Fixed an invalid memory access that...

9.3CVSS7.5AI score0.02988EPSS
Exploits3References34
Veracode
Veracode
added 2022/11/09 8:37 a.m.23 views

Denial Of Service (DoS)

libraw.so is vulnerable to Denial Of Service DoS. The vulnerability exists due to a NULL pointer dereference in dcraw which allows an attacker to trigger an infinite loop or a devide-by-zero via a crafted photo file resulting in an application crash...

4.3CVSS6AI score0.02059EPSS
Exploits0References5Affected Software2
Positive Technologies
Positive Technologies
added 2022/11/06 12:0 a.m.4 views

PT-2022-36743 · Libraw · Libraw

Name of the Vulnerable Software and Affected Versions: LibRaw affected versions not specified Description: The issue is related to a heap-buffer-overflow read error. Technical details about the crash include the LibRaw::phase one correct, LibRaw::raw2image ex, and LibRaw::dcraw process functions...

6.7AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/10/28 12:0 a.m.4 views

PT-2022-36716 · Libraw · Libraw

Name of the Vulnerable Software and Affected Versions: LibRaw affected versions not specified Description: The issue is related to a stack-buffer-overflow error. Technical details about the error include the function names xtrans interpolate and dcraw process, which are part of the LibRaw library...

6.8AI score
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2022/09/28 12:0 a.m.7 views

The vulnerability of the internal/dcraw_common.cpp component in the LibRaw image processing library allows a hacker to trigger a service failure.

The vulnerability of the internal/dcrawcommon.cpp component in the LibRaw image processing library is related to writing beyond the buffer boundaries. Exploiting this vulnerability allows a remote attacker to cause a service failure...

7.1CVSS6.9AI score0.02548EPSS
Exploits1References7Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/09/28 12:0 a.m.8 views

The vulnerability of the internal/dcraw_common.cpp component in the LibRaw image processing library allows a hacker to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the internal/dcrawcommon.cpp component in the LibRaw image processing library relates to reading data beyond the permissible buffer size. Exploiting this vulnerability allows an attacker to gain access to confidential data, compromise its integrity, and cause service failures...

9.3CVSS6.8AI score0.01974EPSS
Exploits1References11Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/09/23 12:0 a.m.7 views

The vulnerability of the leaf_hdr_load_raw() function in the internal/dcraw_common.cpp component of the LibRaw image processing library allows a hacker to cause a service failure.

The vulnerability of the leafhdrloadraw function in the internal/dcrawcommon.cpp component of the LibRaw image processing library is related to pointer dereferencing errors. Exploiting this vulnerability allows an attacker to cause service failures...

7.1CVSS6.9AI score0.01689EPSS
Exploits0References7Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/09/23 12:0 a.m.7 views

The vulnerability of the Nikon_coolscan_load_raw() function in the internal/dcraw_common.cpp component of the LibRaw image processing library, which allows a hacker to trigger a service failure.

The vulnerability of the nikoncoolscanloadraw function in the internal/dcrawcommon.cpp component of the LibRaw image processing library is related to pointer dereferencing errors. Exploiting this vulnerability allows an attacker to cause service failures...

7.1CVSS6.7AI score0.01788EPSS
Exploits0References7Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/09/23 12:0 a.m.16 views

The vulnerability of the internal/dcraw_common.cpp component in the LibRaw image processing library allows a hacker to trigger a service failure.

The vulnerability of the internal/dcrawcommon.cpp component in the LibRaw image processing library is related to reading data beyond the permissible buffer size. Exploiting this vulnerability allows a remote attacker to cause service interruptions...

7.1CVSS7AI score0.01796EPSS
Exploits0References7Affected Software2
Tenable Nessus
Tenable Nessus
added 2022/05/20 12:0 a.m.31 views

SUSE SLED12 / SLES12 Security Update : dcraw (SUSE-SU-2022:1749-1)

The remote SUSE Linux SLED12 / SLEDSAP12 / SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1749-1 advisory. - CVE-2017-13735: Fixed a denial of service issue due to a floating point exception bsc1056170. -...

9.3CVSS7.5AI score0.02988EPSS
Exploits3References34
Rockylinux
Rockylinux
added 2022/05/17 6:30 a.m.19 views

new packages: dcraw

An update is available for dcraw. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Enterprise...

1.9AI score
Exploits0
OpenVAS
OpenVAS
added 2022/05/09 12:0 a.m.22 views

Mageia: Security Advisory (MGASA-2022-0160)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS6.7AI score0.01984EPSS
Exploits1References5
OSV
OSV
added 2022/05/06 8:16 p.m.49 views

MGASA-2022-0160 Updated dcraw packages fix security vulnerability

A buffer over-read in cropmaskedpixels in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code or leak private information. CVE-2018-19565 A heap buffer over-read in parsetiffifd in dcraw through 9.28 could be used by...

9.3CVSS7AI score0.01984EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2022/04/21 12:0 a.m.27 views

openSUSE: Security Advisory for dcraw (SUSE-SU-2022:1277-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.3CVSS7.7AI score0.02988EPSS
Exploits3References2
OSV
OSV
added 2022/04/18 5:15 p.m.9 views

CVE-2021-3624

There is an integer overflow vulnerability in dcraw. When the victim runs dcraw with a maliciously crafted X3F input image, arbitrary code may be executed in the victim's system...

7.8CVSS9.2AI score
Exploits0References1
NVD
NVD
added 2022/04/18 5:15 p.m.22 views

CVE-2021-3624

There is an integer overflow vulnerability in dcraw. When the victim runs dcraw with a maliciously crafted X3F input image, arbitrary code may be executed in the victim's system...

9.3CVSS0.00876EPSS
Exploits1References1
OSV
OSV
added 2022/04/18 5:15 p.m.1 views

DEBIAN-CVE-2021-3624

There is an integer overflow vulnerability in dcraw. When the victim runs dcraw with a maliciously crafted X3F input image, arbitrary code may be executed in the victim's system...

7.8CVSS8.2AI score0.00876EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2022/04/18 5:15 p.m.48 views

CVE-2021-3624

There is an integer overflow vulnerability in dcraw. When the victim runs dcraw with a maliciously crafted X3F input image, arbitrary code may be executed in the victim's system...

9.3CVSS7.3AI score0.00876EPSS
Exploits1References1
Prion
Prion
added 2022/04/18 5:15 p.m.18 views

Integer overflow

There is an integer overflow vulnerability in dcraw. When the victim runs dcraw with a maliciously crafted X3F input image, arbitrary code may be executed in the victim's system...

9.3CVSS7.9AI score0.00876EPSS
Exploits1References1Affected Software2
OSV
OSV
added 2022/04/18 5:15 p.m.3 views

UBUNTU-CVE-2021-3624

There is an integer overflow vulnerability in dcraw. When the victim runs dcraw with a maliciously crafted X3F input image, arbitrary code may be executed in the victim's system...

7.8CVSS7.4AI score0.00876EPSS
Exploits1References2
Rows per page
Query Builder