Lucene search
K

33 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2013-1477

Malware in sbrugna...

4.3CVSS9.2AI score0.01793EPSS
Exploits1References6
NVD
NVD
added 2025/09/21 5:15 a.m.6 views

CVE-2025-10763

A vulnerability was determined in academico-sis academico up to d9a9e2636fbf7e5845ee086bcb03ca62faceb6ab. Affected by this issue is some unknown functionality of the file /edit-photo of the component Profile Picture Handler. This manipulation causes unrestricted upload. The attack is possible to ...

6.5CVSS0.00322EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/05/09 12:0 a.m.4 views

SourceCodester Online Student Clearance System 安全漏洞

SourceCodester Online Student Clearance System is a SourceCodester open source online student management system. A security vulnerability exists in SourceCodester Online Student Clearance System version 1.0, which originates from an unrestricted upload due to the userImage action in the parameter...

9.8CVSS7.5AI score0.00942EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2023/11/30 12:0 a.m.6 views

PT-2023-32643 · Unknown · Voovi Social Networking Script

Name of the Vulnerable Software and Affected Versions: Voovi Social Networking Script version 1.0 Description: A SQL injection vulnerability has been reported in Voovi Social Networking Script, affecting the photo.php file with multiple parameters. This could allow a remote attacker to send a...

9.8CVSS7.7AI score0.00831EPSS
Exploits0References4
Ubuntu
Ubuntu
added 2023/06/05 1:59 p.m.60 views

USN-6137-1: LibRaw vulnerabilities

It was discovered that LibRaw incorrectly handled photo files. If a user or automated system were tricked into processing a specially crafted photo file, a remote attacker could cause applications linked against LibRaw to crash, resulting in a denial of service, or possibly execute arbitrary code...

7.8CVSS6.2AI score0.01289EPSS
Exploits2
Veracode
Veracode
added 2022/11/09 8:37 a.m.23 views

Denial Of Service (DoS)

libraw.so is vulnerable to Denial Of Service DoS. The vulnerability exists due to a NULL pointer dereference in dcraw which allows an attacker to trigger an infinite loop or a devide-by-zero via a crafted photo file resulting in an application crash...

4.3CVSS6AI score0.02059EPSS
Exploits0References5Affected Software2
Ubuntu
Ubuntu
added 2022/11/07 4:57 p.m.61 views

USN-5715-1: LibRaw vulnerabilities

It was discovered that LibRaw incorrectly handled photo files. If a user or automated system were tricked into processing a specially crafted photo file, a remote attacker could cause applications linked against LibRaw to crash, resulting in a denial of service, or possibly execute arbitrary code...

7.5CVSS6.5AI score0.03672EPSS
Exploits2
CNNVD
CNNVD
added 2022/06/21 12:0 a.m.5 views

Hindu Matrimonial Script 安全漏洞

PHP Matrimonial Script Hindu Matrimonial Script is an online matrimonial service website from PHP Matrimonial Script India. A security vulnerability exists in Hindu Matrimonial Script that stems from improperly managed permissions in /admin/photo.php...

8.8CVSS7.9AI score0.00797EPSS
Exploits1References3
Veracode
Veracode
added 2020/09/21 6:32 a.m.20 views

Denial Of Service (DoS)

ufraw is vulnerable to stack-based buffer overflow. It is due to a flaw in the findgreen function, as used in ufraw-batch and many other products, may allow a remote attacker to cause a control-flow hijack, denial-of-service, or unspecified other impact via a maliciously crafted raw photo file...

8.8CVSS4.9AI score0.02855EPSS
Exploits1References8Affected Software1
OSV
OSV
added 2020/04/03 10:53 p.m.12 views

MGASA-2020-0157 Updated dcraw packages fix security vulnerabilities

The updated packages fix security vulnerabilities: There is a floating point exception in the kodakradcloadraw function in dcrawcommon.cpp in LibRaw 0.18.2. It will lead to a remote denial of service attack. CVE-2017-13735 In LibRaw through 0.18.4, an out of bounds read flaw related to...

9.1CVSS8.7AI score0.02988EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.28 views

Huawei EulerOS: Security Advisory for dcraw (EulerOS-SA-2019-1817)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.7AI score0.02855EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2019/08/27 12:0 a.m.25 views

EulerOS 2.0 SP8 : dcraw (EulerOS-SA-2019-1817)

According to the version of the dcraw package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A stack-based buffer overflow in the findgreen function of dcraw through 9.28, as used in ufraw-batch and many other products, may allow a remote...

8.8CVSS7.4AI score0.02855EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2018/12/06 10:19 a.m.24 views

CVE-2018-19655

A stack-based buffer overflow in the findgreen function of dcraw through 9.28, as used in ufraw-batch and many other products, may allow a remote attacker to cause a control-flow hijack, denial-of-service, or unspecified other impact via a maliciously crafted raw photo file...

8.8CVSS4.9AI score0.02855EPSS
Exploits1References2
OSV
OSV
added 2018/11/29 5:29 a.m.8 views

CVE-2018-19655

A stack-based buffer overflow in the findgreen function of dcraw through 9.28, as used in ufraw-batch and many other products, may allow a remote attacker to cause a control-flow hijack, denial-of-service, or unspecified other impact via a maliciously crafted raw photo file...

8.8CVSS9.4AI score
Exploits0References5
Prion
Prion
added 2018/11/29 5:29 a.m.27 views

Stack overflow

A stack-based buffer overflow in the findgreen function of dcraw through 9.28, as used in ufraw-batch and many other products, may allow a remote attacker to cause a control-flow hijack, denial-of-service, or unspecified other impact via a maliciously crafted raw photo file...

6.8CVSS8.7AI score0.02855EPSS
Exploits1References5Affected Software3
Cvelist
Cvelist
added 2018/11/29 5:0 a.m.26 views

CVE-2018-19655

A stack-based buffer overflow in the findgreen function of dcraw through 9.28, as used in ufraw-batch and many other products, may allow a remote attacker to cause a control-flow hijack, denial-of-service, or unspecified other impact via a maliciously crafted raw photo file...

8.2AI score0.02855EPSS
Exploits1References5
CVE
CVE
added 2018/11/29 5:0 a.m.83 views

CVE-2018-19655

CVE-2018-19655 is a stack-based overflow in the find_green() function of dcraw (up to version 9.28) that can be triggered by a malicious raw image and may allow remote control-flow hijack, DoS, or other impact when dcraw is used by apps such as ufraw-batch. Connected sources corroborate the flaw ...

8.8CVSS8.1AI score0.02855EPSS
Exploits1References5Affected Software1
Debian CVE
Debian CVE
added 2018/11/29 5:0 a.m.43 views

CVE-2018-19655

A stack-based buffer overflow in the findgreen function of dcraw through 9.28, as used in ufraw-batch and many other products, may allow a remote attacker to cause a control-flow hijack, denial-of-service, or unspecified other impact via a maliciously crafted raw photo file...

8.8CVSS7.6AI score0.02855EPSS
Exploits1
NVD
NVD
added 2015/07/03 2:0 a.m.16 views

CVE-2015-3716

Spotlight in Apple OS X before 10.10.4 allows attackers to execute arbitrary commands via a crafted name of a photo file within the local photo library...

4.4CVSS6.7AI score0.00458EPSS
Exploits0References4
Cvelist
Cvelist
added 2015/07/03 1:0 a.m.17 views

CVE-2015-3716

Spotlight in Apple OS X before 10.10.4 allows attackers to execute arbitrary commands via a crafted name of a photo file within the local photo library...

4.6AI score0.00458EPSS
Exploits0References4
Rows per page
Query Builder