405 matches found
CVE-2026-21352
DNG SDK versions 1.7.1 2410 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-21352 DNG SDK | Out-of-bounds Write (CWE-787)
DNG SDK versions 1.7.1 2410 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-21352 DNG SDK | Out-of-bounds Write (CWE-787)
DNG SDK versions 1.7.1 2410 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-21354
DNG SDK versions 1.7.1 2410 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to cause the application to crash or become unresponsive. Exploitation of this issue requires user...
CVE-2026-21354 DNG SDK | Integer Overflow or Wraparound (CWE-190)
DNG SDK versions 1.7.1 2410 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to cause the application to crash or become unresponsive. Exploitation of this issue requires user...
CVE-2026-21354 DNG SDK | Integer Overflow or Wraparound (CWE-190)
DNG SDK versions 1.7.1 2410 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to cause the application to crash or become unresponsive. Exploitation of this issue requires user...
CVE-2026-21354
The CVE-2026-21354 entry concerns the DNG SDK, affected in versions 1.7.1 2410 and earlier. The issue is an Integer Overflow or Wraparound that can lead to application denial-of-service. Exploitation requires user interaction: a victim must open a malicious file, potentially crashing or making th...
CVE-2026-21353 DNG SDK | Integer Overflow or Wraparound (CWE-190)
DNG SDK versions 1.7.1 2410 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-21355
The CVE-2026-21355 entry concerns the DNG SDK, affected in versions 1.7.1 2410 and earlier. It describes an out-of-bounds read that could expose memory contents, with exploitation requiring a user to open a malicious file. The impact is memory exposure, not code execution per the provided text. C...
CVE-2026-21355 DNG SDK | Out-of-bounds Read (CWE-125)
DNG SDK versions 1.7.1 2410 and earlier are affected by an out-of-bounds read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive information stored in memory. Exploitation of this issue requires user interaction in that a victim...
Adobe DNG SDK 输入验证错误漏洞
The Adobe DNG SDK is a software development kit provided by Adobe Inc. in the United States, which allows for the reading and writing of DNG files. Versions of the Adobe DNG SDK 1.7.1 2410 and earlier contained a vulnerability related to input validation errors. This vulnerability was caused by...
Adobe DNG SDK 缓冲区错误漏洞
The Adobe DNG SDK is a software development kit provided by Adobe Inc. in the United States, which allows for the reading and writing of DNG files. Versions of the Adobe DNG SDK 1.7.1 2410 and earlier contained a buffer error vulnerability. This vulnerability stemmed from out-of-bounds read...
PT-2026-7430
DNG SDK versions 1.7.1 2410 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to cause the application to crash or become unresponsive. Exploitation of this issue requires user...
PT-2026-7429
Name of the Vulnerable Software and Affected Versions DNG SDK versions 1.7.1 2410 and earlier Description DNG SDK versions 1.7.1 2410 and earlier are susceptible to an Integer Overflow or Wraparound condition. Successful exploitation could lead to arbitrary code execution with the privileges of t...
📄 Samsung Quram DNG Remote Code Execution
A vulnerability exists in Samsung's image decoding library libimagecodec.quram.so responsible for parsing Digital Negatives DNG. A malformed DNG containing oversized IFD entries can cause heap corruption. With precise heap grooming, this condition may lead to remote code execution when the...
📄 Samsung QuramDNG Type Confusion Detector Vulnerability Scanner
This C++ scanner analyzes DNG Digital Negative files for the CVE-2025-58478 type confusion vulnerability in the libimagecodec.quram.so library used on Samsung devices...
📄 Samsung QuramDng Embedded DNG Out-Of-Bounds Read / Write
This proof of concept demonstrates an out-of-bounds read / write vulnerability in Samsung's QuramDng image parser, affecting Galaxy S22–S25 devices running One UI 6+. By crafting a malformed DNG that abuses the OpcodeList1 specifically the FixBadPixelsList opcode and embedding it inside a JPEG...
📄 Samsung QuramDng Warp Out-Of-Bounds Read
This python proof of concept demonstrates an out-of-bounds read vulnerability in Samsung's QuramDng image processing library, triggered via a specially crafted DNG Digital Negative file. The script programmatically builds a minimal but valid DNG file containing a malformed WarpRectilinear opcode,...
📄 Samsung Quram DNG Advanced Remote Code Execution
This proof of concept uses an advanced exploitation technique that allows a remote attacker to execute arbitrary code on a target device by carefully controlling and manipulating memory in the target application or library. This technique is particularly used against memory-sensitive libraries li...
📄 Samsung Quram DNG Heap Corruption
Samsung devices utilize Quram's DNG decoder. A malformed ScalePerColumn opcode with oversized areaSpec and extreme pitches leads to arithmetic overflow in the per-column scaling loop. After allocation miscalculation, subsequent writes corrupt heap structures. Carefully crafted payloads enable...