Lucene search
K

12 matches found

CVE
CVE
added 2026/06/16 4:32 p.m.15 views

CVE-2026-47927

CVE-2026-47927 concerns the DNG SDK, where versions 1.7.1 2536 and earlier are affected by an out-of-bounds read (CWE-125). The vulnerability could lead to disclosure of sensitive memory. Exploitation requires user interaction: a victim must open a malicious file. The CVSS info indicates a local ...

5.5CVSS5.2AI score0.00165EPSS
Exploits0References1Affected Software1
Packet Storm News
Packet Storm News
added 2026/06/09 12:0 a.m.7 views

TIFF/DNG Metadata Scanner for Structural Validation and Suspicious Tag Detection

This C program implements a lightweight metadata scanner for TIFF-based DNG files that performs basic structural validation and heuristic analysis of Image File Directory IFD entries. The tool reads TIFF headers, enumerates metadata tags, and evaluates entries against simple consistency rules to...

5.5AI score
Exploits0
Fedora
Fedora
added 2026/04/13 9:7 p.m.6 views

[SECURITY] Fedora 44 Update: LibRaw-0.22.1-1.fc44

LibRaw is a library for reading RAW files obtained from digital photo cameras CRW/CR2, NEF, RAF, DNG, and others. LibRaw is based on the source codes of the dcraw utility, where part of drawbacks have already been eliminated and part will be fixed in future...

9.8CVSS5.8AI score0.00735EPSS
Exploits3
NVD
NVD
added 2026/03/10 7:17 p.m.5 views

CVE-2026-27281

DNG SDK versions 1.7.1 2471 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to cause the application to crash or become unresponsive. Exploitation of this issue requires user...

5.5CVSS0.00179EPSS
Exploits1References1
CVE
CVE
added 2026/02/10 6:32 p.m.30 views

CVE-2026-21352

The CVE-2026-21352 entry concerns Adobe DNG SDK: versions 1.7.1 build 2410 and earlier are affected by an out-of-bounds write (CWE-787) that can lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction, specifically the victim opening a malicious...

7.8CVSS6.3AI score0.00157EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/02/10 6:32 p.m.37 views

CVE-2026-21353

The CVE-2026-21353 issue affects DNG SDK versions 1.7.1 ≤ 2410 and earlier. The root cause is an Integer Overflow or Wraparound (CWE-190) in the SDK, enabling arbitrary code execution in the context of the current user. Exploitation requires user interaction: a victim must open a malicious file. ...

7.8CVSS6.3AI score0.00184EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2026/02/10 12:0 a.m.5 views

Adobe DNG SDK 输入验证错误漏洞

The Adobe DNG SDK is a software development kit provided by Adobe Inc. in the United States, which allows for the reading and writing of DNG files. Versions of the Adobe DNG SDK 1.7.1 2410 and earlier contained a vulnerability related to input validation errors. This vulnerability was caused by...

7.8CVSS6AI score0.00184EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2025/12/22 12:0 a.m.157 views

📄 Adobe DNG SDK Linearize Out-Of-Bounds Read

A memory safety vulnerability exists in Adobe DNG SDK versions prior to 1.7.1.2410 that affects the Linearize image processing routine. When handling trimmed source images, the function erroneously performs operations using full image dimensions, resulting in an out‑of‑bounds read condition. This...

7.1CVSS7.4AI score0.00165EPSS
Exploits2
Positive Technologies
Positive Technologies
added 2025/12/09 12:0 a.m.5 views

PT-2025-50132

Name of the Vulnerable Software and Affected Versions DNG SDK versions 1.7.0 and earlier Description The DNG SDK is affected by a Heap-based Buffer Overflow that may result in memory exposure or application denial of service. An attacker could exploit this issue to disclose sensitive memory...

7.1CVSS6.4AI score0.00165EPSS
Exploits2References7
BDU FSTEC
BDU FSTEC
added 2021/09/01 12:0 a.m.3 views

The vulnerability of the Adobe DNG Software Development Kit’s file reading and writing software lies in its ability to read data beyond the buffer boundaries, allowing an attacker to disclose protected information.

The vulnerability of the Adobe DNG Software Development Kit’s file reading and writing software relates to reading beyond the buffer boundaries. Exploiting this vulnerability can allow a malicious actor to disclose protected information using a specially crafted file...

7.5CVSS7.4AI score0.03474EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/06/05 12:0 a.m.3 views

The vulnerability of the DNG file reading and writing software developed by Adobe’s SDK lies in buffer overflow attacks in the dynamic memory, allowing an attacker to execute arbitrary code.

The vulnerability of the DNG file reading and writing software developed by Adobe’s SDK is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS8AI score0.07687EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/06/05 12:0 a.m.5 views

The vulnerability of the DNG file reading and writing software developed by Adobe’s SDK lies in buffer overflow attacks in the dynamic memory, allowing an attacker to execute arbitrary code.

The vulnerability of the DNG file reading and writing software developed by Adobe’s SDK is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS7.9AI score0.07595EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder