Lucene search
K

405 matches found

NVD
NVD
added 5 days ago8 views

CVE-2026-21048

Out-of-bounds write in parsing DNG format in libimagecodec.media.quram.so prior to SMR Jul-2026 Release 1 allows remote attackers to write out-of-bounds memory...

8.3CVSS0.00379EPSS
Exploits0References1
Cvelist
Cvelist
added 5 days ago37 views

CVE-2026-21048

Out-of-bounds write in parsing DNG format in libimagecodec.media.quram.so prior to SMR Jul-2026 Release 1 allows remote attackers to write out-of-bounds memory...

8.3CVSS0.00379EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 5 days ago6 views

CVE-2026-21048

Out-of-bounds write in parsing DNG format in libimagecodec.media.quram.so prior to SMR Jul-2026 Release 1 allows remote attackers to write out-of-bounds memory...

8.3CVSS6AI score0.00379EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 5 days ago6 views

Ubuntu 22.04 LTS / 24.04 LTS / 26.04 LTS : LibRaw vulnerabilities (USN-8522-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8522-1 advisory. It was discovered that LibRaw incorrectly handled certain Nikon RAW image files. An attacker could possibly use this issue to cau...

9.8CVSS6.6AI score0.00746EPSS
Exploits6References7
Cvelist
Cvelist
added 2026/07/06 7:45 p.m.33 views

CVE-2026-48267 DNG SDK | NULL Pointer Dereference (CWE-476)

DNG SDK versions 1.7.1 2536 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue...

5.5CVSS0.00139EPSS
Exploits0References1
CVE
CVE
added 2026/07/06 7:45 p.m.11 views

CVE-2026-48267

The CVE-2026-48267 entry concerns the DNG SDK prior to or equal to version 1.7.1 build 2536, where a NULL Pointer Dereference could cause an application crash and denial-of-service. The vulnerability requires user interaction: a victim must open a malicious file. The root cause is a NULL pointer ...

5.5CVSS6AI score0.00139EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/07/06 7:45 p.m.6 views

CVE-2026-48267

DNG SDK versions 1.7.1 2536 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue...

5.5CVSS6AI score0.00139EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/06 7:45 p.m.5 views

EUVD-2026-41920

DNG SDK versions 1.7.1 2536 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue...

5.5CVSS6AI score0.00139EPSS
Exploits0References1
NVD
NVD
added 2026/06/16 7:16 p.m.14 views

CVE-2026-47927

DNG SDK versions 1.7.1 2536 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to disclose sensitive information. Exploitation of this issue requires user interaction in that a victim mus...

5.5CVSS0.00165EPSS
Exploits0References1
NVD
NVD
added 2026/06/16 7:16 p.m.13 views

CVE-2026-47963

DNG SDK versions 1.7.1 2536 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to disclose sensitive information. Exploitation of this issue requires user interaction in that a victim mus...

5.5CVSS0.00165EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/16 4:32 p.m.3 views

CVE-2026-47963

DNG SDK versions 1.7.1 2536 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to disclose sensitive information. Exploitation of this issue requires user interaction in that a victim mus...

5.5CVSS5.7AI score0.00165EPSS
Exploits0References2
CVE
CVE
added 2026/06/16 4:32 p.m.15 views

CVE-2026-47963

The CVE-2026-47963 entry concerns DNG SDK versions 1.7.1 2536 and earlier, which are affected by an out-of-bounds read (CWE-125). The vulnerability can disclose sensitive memory and requires user interaction: a victim must open a malicious file. This is the explicit impact and attack condition de...

5.5CVSS5.2AI score0.00165EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/06/16 4:32 p.m.30 views

CVE-2026-47964

Affected software : DNG SDK (version 1.7.1 2536 and earlier). Vulnerability : Heap-based buffer overflow (CWE-122) in the DNG SDK, potentially allowing arbitrary code execution in the context of the current user. Impact : Arbitrary code execution with high impact (confidentiality/ integrity/ avai...

7.8CVSS6AI score0.00199EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/16 4:32 p.m.3 views

CVE-2026-47927

DNG SDK versions 1.7.1 2536 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to disclose sensitive information. Exploitation of this issue requires user interaction in that a victim mus...

5.5CVSS5.7AI score0.00165EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/05/19 9:53 p.m.21 views

LibRaw: LibRaw: Arbitrary code execution via a specially crafted malicious file

A flaw was found in LibRaw. A remote attacker could exploit an integer overflow vulnerability by providing a specially crafted malicious file. This flaw, located in the uncompressedfpdngloadraw functionality, leads to a heap buffer overflow. Successful exploitation may result in arbitrary code...

9.8CVSS6.7AI score0.00454EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2026/05/05 7:56 p.m.7 views

LibRaw: LibRaw: Arbitrary code execution via a specially crafted malicious file

A flaw was found in LibRaw. A remote attacker could exploit an integer overflow vulnerability by providing a specially crafted malicious file. This flaw, located in the uncompressedfpdngloadraw functionality, leads to a heap buffer overflow. Successful exploitation may result in arbitrary code...

9.8CVSS6.7AI score0.00454EPSS
Exploits1References6
Amazon
Amazon
added 2026/04/30 12:0 a.m.11 views

Important: LibRaw

Issue Overview: An integer overflow vulnerability exists in the deflatedngloadraw functionality of LibRaw. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability. CVE-2026-20884 A heap-based buffer overflow...

9.8CVSS5.9AI score0.00564EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.6 views

Amazon Linux 2 : LibRaw, --advisory ALAS2-2026-3258 (ALAS-2026-3258)

The version of LibRaw installed on the remote host is prior to 0.19.4-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3258 advisory. An integer overflow vulnerability exists in the deflatedngloadraw functionality of LibRaw. A specially crafted malicious...

9.8CVSS6.2AI score0.00564EPSS
Exploits2References6
RedHat Linux
RedHat Linux
added 2026/04/28 1:55 p.m.9 views

LibRaw: LibRaw: Arbitrary code execution via a specially crafted malicious file

A flaw was found in LibRaw. A remote attacker could exploit an integer overflow vulnerability by providing a specially crafted malicious file. This flaw, located in the uncompressedfpdngloadraw functionality, leads to a heap buffer overflow. Successful exploitation may result in arbitrary code...

9.8CVSS6.5AI score0.00454EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2026/04/24 12:0 a.m.4 views

SUSE SLED15 / SLES15 Security Update : libraw (SUSE-SU-2026:1555-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1555-1 advisory. - CVE-2026-5342: out-of-bounds read via LibRaw::nikonloadpaddedpackedraw bsc1261499. - CVE-2026-20884: integer...

9.8CVSS6.3AI score0.00746EPSS
Exploits7References22
Rows per page
Query Builder