Lucene search
+L

15 matches found

OSV
OSV
added 2024/11/08 3:7 p.m.4 views

OESA-2024-2366 dcraw security update

This package contains dcraw, a command line tool to decode raw image data downloaded from digital cameras. Security Fixes: CVE-2017-13735 CVE-2017-14608 A stack-based buffer overflow in the findgreen function of dcraw through 9.28, as used in ufraw-batch and many other products, may allow a remot...

9.1CVSS7.7AI score0.02988EPSS
Exploits1References4
OSV
OSV
added 2024/11/08 3:7 p.m.4 views

OESA-2024-2363 dcraw security update

This package contains dcraw, a command line tool to decode raw image data downloaded from digital cameras. Security Fixes: CVE-2017-13735 CVE-2017-14608 A stack-based buffer overflow in the findgreen function of dcraw through 9.28, as used in ufraw-batch and many other products, may allow a remot...

9.1CVSS7.7AI score0.02988EPSS
Exploits1References4
Snyk
Snyk
added 2024/10/16 4:2 p.m.13 views

Denial of Service (DoS)

Overview org.webjars.npm:pacote is a JavaScript package downloader Affected versions of this package are vulnerable to Denial of Service DoS via the addGitSha function. An attacker can exploit this vulnerability by supplying a specially crafted spec.rawSpec value that triggers the function’s rege...

8.7CVSS5.4AI score0.00346EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 5:24 a.m.6 views

SUSE CVE-2014-9640

oggenc/oggenc.c in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service out-of-bounds read via a crafted raw file...

5CVSS6.7AI score0.03243EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 4:21 a.m.5 views

SUSE CVE-2018-19655

A stack-based buffer overflow in the findgreen function of dcraw through 9.28, as used in ufraw-batch and many other products, may allow a remote attacker to cause a control-flow hijack, denial-of-service, or unspecified other impact via a maliciously crafted raw photo file...

5.5CVSS7.7AI score0.02855EPSS
Exploits1References5
CNNVD
CNNVD
added 2022/04/18 12:0 a.m.2 views

dcraw 输入验证错误漏洞

dcraw is a set of open source tools for converting camera-shot RAW film into PPM or TIFF format images. A security vulnerability exists in dcraw, which stems from an integer overflow vulnerability. An attacker could execute arbitrary code on the victim's system via a maliciously crafted X3F input...

9.3CVSS8.3AI score0.00876EPSS
Exploits1References4
OSV
OSV
added 2018/11/29 5:29 a.m.11 views

UBUNTU-CVE-2018-19655

A stack-based buffer overflow in the findgreen function of dcraw through 9.28, as used in ufraw-batch and many other products, may allow a remote attacker to cause a control-flow hijack, denial-of-service, or unspecified other impact via a maliciously crafted raw photo file...

8.8CVSS7.2AI score0.02855EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2018/10/30 9:45 a.m.8 views

LibRaw: Stack-based buffer overflow in quicktake_100_load_raw() function in internal/dcraw_common.cpp

LibRaw is vulnerable to stack-based buffer overflow in internal/dcrawcommon.cpp:quicktake100loadraw function when processing specially-crafted RAW data. An attacker could potentially use this flaw to cause an arbitrary code execution or denial of service...

8.8CVSS8.2AI score0.01984EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2018/10/30 9:45 a.m.10 views

LibRaw: NULL pointer dereference in leaf_hdr_load_raw() function in internal/dcraw_common.cpp

A NULL pointer dereference vulnerability in internal/dcrawcommon.cpp:leafhdrloadraw function was found in LibRaw. A user can cause a denial of service when processing specially-crafted RAW data...

6.5CVSS7.3AI score0.01689EPSS
Exploits0References4
FreeBSD
FreeBSD
added 2015/04/24 12:0 a.m.37 views

dcraw -- integer overflow condition

ocert reports: The dcraw tool, as well as several other projects re-using its code, suffers from an integer overflow condition which lead to a buffer overflow. The vulnerability concerns the 'len' variable, parsed without validation from opened images, used in the ljpegstart function. A malicious...

4.3CVSS7AI score0.05434EPSS
Exploits0References4
Mageia
Mageia
added 2015/02/05 10:26 p.m.34 views

Updated vorbis-tools package fixes security vulnerability

oggenc/oggenc.c in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service out-of-bounds read via a crafted raw file CVE-2014-9640...

5CVSS5.5AI score0.03243EPSS
Exploits0References2
CNVD
CNVD
added 2015/01/26 12:0 a.m.31 views

Vorbis Tools Denial of Service Vulnerability (CNVD-2015-00651)

vorbis-tools is a set of Ogg an audio compression format vorbis tools. A security vulnerability exists in the oggenc/oggenc.c file in vorbis-tools version 1.4.0. A local attacker can exploit this vulnerability to cause a denial of service out-of-bounds read with a specially crafted raw file...

5CVSS6.4AI score0.03243EPSS
Exploits0References1
OSV
OSV
added 2015/01/23 3:59 p.m.2 views

DEBIAN-CVE-2014-9640

oggenc/oggenc.c in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service out-of-bounds read via a crafted raw file...

5CVSS6.7AI score0.03243EPSS
Exploits0References1
Cvelist
Cvelist
added 2015/01/23 3:0 p.m.25 views

CVE-2014-9640

oggenc/oggenc.c in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service out-of-bounds read via a crafted raw file...

5.2AI score0.03243EPSS
Exploits0References8
NVD
NVD
added 2010/11/16 10:0 p.m.38 views

CVE-2010-1846

Heap-based buffer overflow in Image RAW in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted RAW image...

6.8CVSS7.9AI score0.0332EPSS
Exploits0References3
Rows per page
Query Builder