1805 matches found
CVE-2026-24660
LibRaw vulnerability CVE-2026-24660: a heap-based buffer overflow in x3f_load_huffman (commit d20315b). A crafted file can trigger heap corruption with network access, no privileges, and no user interaction. CVSS 3.1 base score 8.1 (HIGH). Impact to confidentiality, integrity, and availability is...
CVE-2026-24660
A heap-based buffer overflow vulnerability exists in the x3floadhuffman functionality of LibRaw Commit d20315b. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2026-24660
A heap-based buffer overflow vulnerability exists in the x3floadhuffman functionality of LibRaw Commit d20315b. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2026-24660
A heap-based buffer overflow vulnerability exists in the x3floadhuffman functionality of LibRaw Commit d20315b. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2026-24450
CVE-2026-24450 affects LibRaw (uncompressed_fp_dng_load_raw) and stems from an integer overflow in that function within Commit 8dc68e2, which can lead to a heap buffer overflow when processing a specially crafted DNG file. The published CVSS 3.1 score is 8.1 (HIGH), indicating a NETWORK-attack ve...
CVE-2026-24450
An integer overflow vulnerability exists in the uncompressedfpdngloadraw functionality of LibRaw Commit 8dc68e2. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2026-24450
An integer overflow vulnerability exists in the uncompressedfpdngloadraw functionality of LibRaw Commit 8dc68e2. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2026-24450
An integer overflow vulnerability exists in the uncompressedfpdngloadraw functionality of LibRaw Commit 8dc68e2. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2026-24450
An integer overflow vulnerability exists in the uncompressedfpdngloadraw functionality of LibRaw Commit 8dc68e2. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2026-24450
An integer overflow vulnerability exists in the uncompressedfpdngloadraw functionality of LibRaw Commit 8dc68e2. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2026-20884
CVE-2026-20884 affects LibRaw’s deflate_dng_load_raw, where an integer overflow can lead to a heap buffer overflow when processing a crafted file. The vulnerability, tied to Commit 8dc68e2, can be triggered by supplying a malicious file, with the CVSS 3.1 base score of 8.1 (HIGH) and impact to co...
CVE-2026-20884
An integer overflow vulnerability exists in the deflatedngloadraw functionality of LibRaw Commit 8dc68e2. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2026-20884
An integer overflow vulnerability exists in the deflatedngloadraw functionality of LibRaw Commit 8dc68e2. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2026-20884
An integer overflow vulnerability exists in the deflatedngloadraw functionality of LibRaw Commit 8dc68e2. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2026-20884
An integer overflow vulnerability exists in the deflatedngloadraw functionality of LibRaw Commit 8dc68e2. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2026-20884
An integer overflow vulnerability exists in the deflatedngloadraw functionality of LibRaw Commit 8dc68e2. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...
Libraw 安全漏洞
Libraw is a C++ library developed by Libraw Inc. that processes RAW CRW/CR2, NEF, RAF, DNG, and other formats images. It supports various operating systems. LibRaw has a security vulnerability, which stems from an integer overflow in the uncompressedfpdngloadraw function, potentially leading to a...
Libraw 安全漏洞
Libraw is a C++ library developed by Libraw Inc. that processes RAW CRW/CR2, NEF, RAF, DNG, and other formats images. It supports various operating systems. Libraw has a security vulnerability, which stems from a heap buffer overflow in the x3fthumbloader function, potentially leading to a heap...
LibRaw x3f_thumb_loader heap-based buffer overflow vulnerability
Talos Vulnerability Report TALOS-2026-2358 LibRaw x3fthumbloader heap-based buffer overflow vulnerability April 7, 2026 CVE Number CVE-2026-20889 SUMMARY A heap-based buffer overflow vulnerability exists in the x3fthumbloader functionality of LibRaw Commit d20315b. A specially crafted malicious...
Linux Distros Unpatched Vulnerability : CVE-2026-20889
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap-based buffer overflow vulnerability exists in the x3fthumbloader functionality of LibRaw Commit d20315b. A specially crafted malicious file can lead to a...