Lucene search
+L

405 matches found

CVE
CVE
added 2026/03/10 6:23 p.m.22 views

CVE-2026-27281

DVE-2024-2026: CVE-2026-27281 affects DNG SDK up to version 1.7.1 2471 and earlier. The flaw is an Integer Overflow or Wraparound (CWE-190) in a component used by the SDK, leading to an application denial-of-service. Exploitation requires user interaction: a victim must open a malicious file. The...

5.5CVSS5.8AI score0.00179EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/10 6:23 p.m.4 views

CVE-2026-27281 DNG SDK | Integer Overflow or Wraparound (CWE-190)

DNG SDK versions 1.7.1 2471 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to cause the application to crash or become unresponsive. Exploitation of this issue requires user...

5.5CVSS5.8AI score0.00179EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/03/10 6:23 p.m.27 views

CVE-2026-27281 DNG SDK | Integer Overflow or Wraparound (CWE-190)

DNG SDK versions 1.7.1 2471 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to cause the application to crash or become unresponsive. Exploitation of this issue requires user...

5.5CVSS0.00179EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/03/10 6:23 p.m.5 views

CVE-2026-27280 DNG SDK | Out-of-bounds Write (CWE-787)

DNG SDK versions 1.7.1 2471 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.3AI score0.00176EPSS
Exploits0References1
CVE
CVE
added 2026/03/10 6:23 p.m.31 views

CVE-2026-27280

CVE-2026-27280 affects DNG SDK versions 1.7.1 build 2471 and earlier, with an out-of-bounds write (CWE-787) that could lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction: a victim must open a malicious file. The CVSS 3.1 vector is Local/Low...

7.8CVSS6.3AI score0.00176EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2026/03/10 12:0 a.m.7 views

Adobe DNG SDK 输入验证错误漏洞

Adobe DNG SDK is the United States of America Audobee Adobe company's a software development kit to provide the ability to read and write DNG files. An input validation error vulnerability exists in Adobe DNG SDK, which can be exploited by an attacker to cause a denial of service in an applicatio...

5.5CVSS5.8AI score0.00179EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/03/10 12:0 a.m.10 views

Adobe DNG SDK 缓冲区错误漏洞

Adobe DNG SDK is the United States of America Audobee Adobe company's a software development kit to provide the ability to read and write DNG files. An out-of-bounds write vulnerability exists in Adobe DNG SDK, which can be exploited by an attacker to cause arbitrary code to be executed in the...

7.8CVSS6AI score0.00176EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2026/03/05 12:0 a.m.130 views

📄 Adobe SDK 1.7.1 2410 Integer Overflow / Denial of Service

A logic flaw in the processing of the ProfileHueSatMapDims 0xC6F5 tag within the Adobe DNG SDK can lead to an integer overflow condition when parsing crafted DNG files. By supplying excessively large dimension values e.g., 0x15555554 in the Hue/Saturation map metadata, an attacker can trigger...

6AI score
Exploits0
Packet Storm
Packet Storm
added 2026/03/05 12:0 a.m.129 views

📄 Adobe DNG SDK 1.7.1 2410 Integer Overflow

A potential security issue may arise when processing DNG Digital Negative files that embed JPEG XL JXL compressed image streams if image dimensions are not properly validated before memory allocation. In this scenario, specially crafted width and height values are embedded inside the JPEG XL stre...

6AI score
Exploits0
CNVD
CNVD
added 2026/02/25 12:0 a.m.4 views

Adobe DNG SDK Buffer Overflow Vulnerability

Adobe DNG SDK is the United States of America Audobee Adobe company's a software development kit to provide the ability to read and write DNG files. A buffer overflow vulnerability exists in Adobe DNG SDK, which can be exploited by an attacker to execute arbitrary code on a system or cause an...

7.8CVSS6.4AI score0.00157EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2026/02/18 12:0 a.m.172 views

📄 Samsung Malformed DNG ColorMatrix2 Out-Of-Bounds Read

A memory safety vulnerability was identified in Samsung’s image decoding library libimagecodec.quram.so, affecting the handling of DNG Digital Negative image files. The issue stems from improper bounds validation when parsing the ColorMatrix2 0xC622 tag within DNG metadata. By supplying a crafted...

9.1CVSS5.5AI score0.00393EPSS
Exploits2
Packet Storm
Packet Storm
added 2026/02/18 12:0 a.m.273 views

📄 Samsung QuramDng Malformed DNG TrimBounds Opcode Out‑Of‑Bounds Read

A vulnerability exists in the image decoding logic of Quram DNG parser within libimagecodec.quram.so. The flawed bounds validation in handling TrimBounds opcode triggers out-of-bounds reads on heap-allocated image buffers. This issue allows remote attackers to craft a malicious DNG payload, embed...

7.5CVSS6.5AI score0.00268EPSS
Exploits3
Packet Storm
Packet Storm
added 2026/02/18 12:0 a.m.157 views

📄 Samsung QuramDNG Type Confusion Detector Vulnerability Scanner

This C++ scanner analyzes DNG Digital Negative files for the CVE-2025-58478 type confusion vulnerability in the libimagecodec.quram.so library used on Samsung devices...

7.5CVSS5.5AI score0.0022EPSS
Exploits2
RedhatCVE
RedhatCVE
added 2026/02/11 7:45 p.m.7 views

CVE-2026-21355

DNG SDK versions 1.7.1 2410 and earlier are affected by an out-of-bounds read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive information stored in memory. Exploitation of this issue requires user interaction in that a victim...

5.5CVSS5.4AI score0.00152EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/11 7:44 p.m.5 views

CVE-2026-21352

DNG SDK versions 1.7.1 2410 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.3AI score0.00157EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/11 7:44 p.m.9 views

CVE-2026-21353

DNG SDK versions 1.7.1 2410 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.3AI score0.00184EPSS
Exploits0References1
OSV
OSV
added 2026/02/10 7:15 p.m.4 views

CVE-2026-21355

DNG SDK versions 1.7.1 2410 and earlier are affected by an out-of-bounds read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive information stored in memory. Exploitation of this issue requires user interaction in that a victim...

5.5CVSS5.7AI score0.00152EPSS
Exploits0References1
OSV
OSV
added 2026/02/10 7:15 p.m.5 views

CVE-2026-21353

DNG SDK versions 1.7.1 2410 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.3AI score0.00184EPSS
Exploits0References1
NVD
NVD
added 2026/02/10 7:15 p.m.13 views

CVE-2026-21352

DNG SDK versions 1.7.1 2410 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS0.00157EPSS
Exploits0References1
NVD
NVD
added 2026/02/10 7:15 p.m.10 views

CVE-2026-21353

DNG SDK versions 1.7.1 2410 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS0.00184EPSS
Exploits0References1
Rows per page
Query Builder