Lucene search
+L

168 matches found

Cvelist
Cvelist
added 2025/04/20 12:0 a.m.20 views

CVE-2025-43962

In LibRaw before 0.21.4, phaseonecorrect in decoders/loadmfbacks.cpp has out-of-bounds reads for tag 0x412 processing, related to large w0 or w1 values or the frac and mult calculations...

2.9CVSS0.0039EPSS
Exploits0References3
CVE
CVE
added 2025/04/20 12:0 a.m.89 views

CVE-2025-43964

Summary: CVE-2025-43964 affects LibRaw up to version 0.21.3, where tag 0x412 processing in phase_one_correct (decoders/load_mfbacks.cpp) does not enforce minimum w0 and w1 values, enabling out-of-bounds memory access. The connected advisory confirms the issue and notes a fix in LibRaw 0.21.4. Aff...

9.8CVSS7.2AI score0.00368EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2025/04/20 12:0 a.m.24 views

CVE-2025-43964

In LibRaw before 0.21.4, tag 0x412 processing in phaseonecorrect in decoders/loadmfbacks.cpp does not enforce minimum w0 and w1 values...

2.9CVSS0.00368EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/04/20 12:0 a.m.7 views

CVE-2025-43961

In LibRaw before 0.21.4, metadata/tiff.cpp has an out-of-bounds read in the Fujifilm 0xf00c tag parser...

2.9CVSS6.9AI score0.0039EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/04/20 12:0 a.m.7 views

CVE-2025-43963

In LibRaw before 0.21.4, phaseonecorrect in decoders/loadmfbacks.cpp allows out-of-buffer access because splitcol and splitrow values are not checked in 0x041f tag processing...

2.9CVSS6.9AI score0.0039EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/04/20 12:0 a.m.8 views

CVE-2025-43964

In LibRaw before 0.21.4, tag 0x412 processing in phaseonecorrect in decoders/loadmfbacks.cpp does not enforce minimum w0 and w1 values...

2.9CVSS7AI score0.00368EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2025/04/20 12:0 a.m.13 views

CVE-2025-43962

In LibRaw before 0.21.4, phaseonecorrect in decoders/loadmfbacks.cpp has out-of-bounds reads for tag 0x412 processing, related to large w0 or w1 values or the frac and mult calculations...

9.1CVSS6.1AI score0.0039EPSS
Exploits0
OSV
OSV
added 2025/04/20 12:0 a.m.11 views

CVE-2025-43962

In LibRaw before 0.21.4, phaseonecorrect in decoders/loadmfbacks.cpp has out-of-bounds reads for tag 0x412 processing, related to large w0 or w1 values or the frac and mult calculations...

2.9CVSS6.8AI score0.0039EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2025/04/20 12:0 a.m.16 views

CVE-2025-43963

In LibRaw before 0.21.4, phaseonecorrect in decoders/loadmfbacks.cpp allows out-of-buffer access because splitcol and splitrow values are not checked in 0x041f tag processing...

9.1CVSS4.4AI score0.0039EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/04/13 12:0 a.m.4 views

PT-2025-17420

Name of the Vulnerable Software and Affected Versions LibRaw versions prior to 0.21.4 Description The issue arises from the phase one correct function in decoders/load mfbacks.cpp, which allows out-of-buffer access. This occurs because the split col and split row values are not checked during the...

9.8CVSS4.9AI score0.0039EPSS
Exploits0References70
Positive Technologies
Positive Technologies
added 2025/04/13 12:0 a.m.6 views

PT-2025-17418

Name of the Vulnerable Software and Affected Versions LibRaw versions prior to 0.21.4 Description The issue is related to an out-of-bounds read in the Fujifilm 0xf00c tag parser within the metadata/tiff.cpp file. Recommendations For versions prior to 0.21.4, update to version 0.21.4 or later to...

9.8CVSS5AI score0.0039EPSS
Exploits0References75
Positive Technologies
Positive Technologies
added 2025/04/13 12:0 a.m.6 views

PT-2025-17421

Name of the Vulnerable Software and Affected Versions LibRaw versions prior to 0.21.4 Description The issue arises from the processing of tag 0x412 in the phase one correct function within decoders/load mfbacks.cpp, where minimum w0 and w1 values are not enforced. Recommendations For versions pri...

9.8CVSS7.2AI score0.05454EPSS
Exploits0References74
OSV
OSV
added 2025/02/13 3:28 a.m.6 views

USN-7266-1 digikam vulnerabilities

Zinuo Han and Ao Wang discovered that the Android DNG SDK, vendored in digiKam, did not correctly parse certain files. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. CVE-2017-0691 It was...

7.8CVSS7.5AI score0.01711EPSS
Exploits5References10
CBLMariner
CBLMariner
added 2025/02/11 4:7 p.m.8 views

CVE-2021-32142 affecting package LibRaw for versions less than 0.21.3-1

CVE-2021-32142 affecting package LibRaw for versions less than 0.21.3-1. An upgraded version of the package is available that resolves this issue...

7.8CVSS7.7AI score0.00424EPSS
Exploits1
Microsoft CVE
Microsoft CVE
added 2025/02/11 8:0 a.m.6 views

Buffer Overflow vulnerability in LibRaw linux/unix v0.20.0 allows attacker to escalate privileges via the LibRaw_buffer_datastream::gets(char*, int) in /src/libraw/src/libraw_datastream.cpp.

...

7.8CVSS6AI score0.00424EPSS
Exploits1
Microsoft CVE
Microsoft CVE
added 2024/07/23 7:0 a.m.5 views

LibRaw before 0.20-RC1 lacks a thumbnail size range check. This affects decoders/unpack_thumb.cpp postprocessing/mem_image.cpp and utils/thumb_utils.cpp. For example malloc(sizeof(libraw_processed_image_t)+T.tlength) occurs without validating T.tlength.

...

7.5CVSS6.7AI score0.03672EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2023/11/14 12:0 a.m.6 views

The vulnerability of components such as dcraw/dcraw.c and internal/dcraw_common.cpp, which are part of the LibRaw image processing library, allows a perpetrator to gain access to confidential data and also trigger a service failure.

The vulnerability of the components dcraw/dcraw.c and internal/dcrawcommon.cpp, which are part of the LibRaw image processing library, involves reading data beyond the allowed buffer limits. Exploiting this vulnerability allows an attacker to gain access to confidential data and also cause servic...

9.4CVSS6.9AI score0.02095EPSS
Exploits0References7Affected Software2
BDU FSTEC
BDU FSTEC
added 2023/11/14 12:0 a.m.7 views

The vulnerability of the internal/dcraw_common.cpp component in the LibRaw image processing library allows a perpetrator to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the internal/dcrawcommon.cpp component in the LibRaw image processing library is related to writing beyond buffer boundaries. Exploiting this vulnerability allows an attacker to gain access to confidential data, compromise its integrity, and cause service failures...

10CVSS6.9AI score0.02819EPSS
Exploits0References6Affected Software2
BDU FSTEC
BDU FSTEC
added 2023/09/16 12:0 a.m.12 views

The vulnerability of the x3f_utils_patched.cpp component in the LibRaw image processing library allows a hacker to trigger a service failure.

The vulnerability of the x3futilspatched.cpp component in the LibRaw image processing library is related to reading beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6AI score0.00369EPSS
Exploits1References5Affected Software5
BDU FSTEC
BDU FSTEC
added 2023/07/20 12:0 a.m.8 views

The vulnerability of the `LibRaw_buffer_datastream::gets` function in the `src/libraw_datastream.cpp` file of the LibRaw image processing library allows a perpetrator to gain access to confidential data, compromise its integrity, and cause service interruptions.

The vulnerability of the LibRawbufferdatastream::gets function in the src/librawdatastream.cpp file of the LibRaw image processing library is related to writing beyond the buffer’s boundaries. Exploiting this vulnerability allows an attacker to access confidential data, compromise its integrity,...

7.8CVSS6.2AI score0.00424EPSS
Exploits1References13Affected Software8
Rows per page
Query Builder