Lucene search
K

15 matches found

Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.24 views

RHEL 7 : dcraw (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - dcraw: Stack-based buffer overflow in the findgreen function CVE-2018-19655 - dcraw: Buffer overflow caus...

8.3AI score0.02855EPSS
Exploits2References6
OSV
OSV
added 2022/05/19 1:24 p.m.9 views

SUSE-SU-2022:1749-1 Security update for dcraw

This update for dcraw fixes the following issues: - CVE-2017-13735: Fixed a denial of service issue due to a floating point exception bsc1056170. - CVE-2017-14608: Fixed an invalid memory access that could lead to information disclosure or denial of service bsc1063798. - CVE-2018-19655: Fixed a...

9.3CVSS7.5AI score0.02988EPSS
Exploits3References23
OSV
OSV
added 2022/04/20 7:23 a.m.8 views

SUSE-SU-2022:1277-1 Security update for dcraw

This update for dcraw fixes the following issues: - CVE-2017-13735: Fixed a denial of service issue due to a floating point exception bsc1056170. - CVE-2017-14608: Fixed an invalid memory access that could lead to information disclosure or denial of service bsc1063798. - CVE-2018-19655: Fixed a...

9.3CVSS7.5AI score0.02988EPSS
Exploits3References23
Tenable Nessus
Tenable Nessus
added 2020/03/30 12:0 a.m.38 views

Fedora 30 : dcraw (2020-545493aa4b)

Fix CVE-2018-19655 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Network Security, Inc...

8.8CVSS6.8AI score0.02855EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2020/03/30 12:0 a.m.29 views

Fedora 31 : dcraw (2020-19c7f8e25f)

Fix CVE-2018-19655 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Network Security, Inc...

8.8CVSS6.8AI score0.02855EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2020/03/29 12:0 a.m.27 views

Fedora: Security Advisory for dcraw (FEDORA-2020-545493aa4b)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.8CVSS8.7AI score0.02855EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.21 views

Huawei EulerOS: Security Advisory for dcraw (EulerOS-SA-2019-1879)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.7AI score0.02855EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.23 views

Huawei EulerOS: Security Advisory for dcraw (EulerOS-SA-2019-2002)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.7AI score0.02855EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.15 views

Huawei EulerOS: Security Advisory for dcraw (EulerOS-SA-2019-1840)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.7AI score0.02855EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.28 views

Huawei EulerOS: Security Advisory for dcraw (EulerOS-SA-2019-1817)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.7AI score0.02855EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2019/08/27 12:0 a.m.25 views

EulerOS 2.0 SP8 : dcraw (EulerOS-SA-2019-1817)

According to the version of the dcraw package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A stack-based buffer overflow in the findgreen function of dcraw through 9.28, as used in ufraw-batch and many other products, may allow a remote...

8.8CVSS7.4AI score0.02855EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2018/12/06 10:19 a.m.23 views

CVE-2018-19655

A stack-based buffer overflow in the findgreen function of dcraw through 9.28, as used in ufraw-batch and many other products, may allow a remote attacker to cause a control-flow hijack, denial-of-service, or unspecified other impact via a maliciously crafted raw photo file...

8.8CVSS4.9AI score0.02855EPSS
Exploits1References2
OSV
OSV
added 2018/11/29 5:29 a.m.7 views

CVE-2018-19655

A stack-based buffer overflow in the findgreen function of dcraw through 9.28, as used in ufraw-batch and many other products, may allow a remote attacker to cause a control-flow hijack, denial-of-service, or unspecified other impact via a maliciously crafted raw photo file...

8.8CVSS9.4AI score
Exploits0References5
Debian CVE
Debian CVE
added 2018/11/29 5:0 a.m.32 views

CVE-2018-19655

A stack-based buffer overflow in the findgreen function of dcraw through 9.28, as used in ufraw-batch and many other products, may allow a remote attacker to cause a control-flow hijack, denial-of-service, or unspecified other impact via a maliciously crafted raw photo file...

8.8CVSS7.6AI score0.02855EPSS
Exploits1
CVE
CVE
added 2018/11/29 5:0 a.m.83 views

CVE-2018-19655

CVE-2018-19655 is a stack-based overflow in the find_green() function of dcraw (up to version 9.28) that can be triggered by a malicious raw image and may allow remote control-flow hijack, DoS, or other impact when dcraw is used by apps such as ufraw-batch. Connected sources corroborate the flaw ...

8.8CVSS8.1AI score0.02855EPSS
Exploits1References5Affected Software1
Rows per page
Query Builder