26 matches found
Adobe DNG SDK Integer Overflow Proof of Concept Generator
This is a proof of concept tool to generate an integer overflow condition in the Adobe DNG SDK to achieve arbitrary code execution. integer overflow during image processing...
CVE-2026-5342
A flaw has been found in LibRaw up to 0.22.0. This affects the function LibRaw::nikonloadpaddedpackedraw of the file src/decoders/decoderslibraw.cpp of the component TIFF/NEF. Executing a manipulation of the argument loadflags/rawwidth can lead to out-of-bounds read. It is possible to launch the...
Amazon Linux 2023 : ImageMagick, ImageMagick-c++, ImageMagick-c++-devel (ALAS2023-2026-1478)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1478 advisory. ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap information disclosure vulnerability exists in...
OESA-2026-1454 ImageMagick security update
Use ImageMagick to create, edit, compose, or convert bitmap images. It can read and write images in a variety of formats (over 200) including PNG, JPEG, GIF, HEIC, TIFF, DPX, EXR, WebP, Postscript, PDF, and SVG. Use ImageMagick to resize, flip, mirror, rotate, distort, shear and transform images,...
Linux Distros Unpatched Vulnerability : CVE-2020-35535
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In LibRaw, there is an out-of-bounds read vulnerability within the LibRaw::parseSonySRF function libraw\src\metadata\sony.cpp when processing srf files...
CVE-2024-47211
In OpenStack Ironic before 21.4.4, 22.x and 23.x before 23.0.3, 23.x and 24.x before 24.1.3, and 25.x and 26.x before 26.1.0, there is a lack of checksum validation of supplied imagesource URLs when configured to convert images to a raw format for streaming...
USN-6911-1: Nova vulnerability
Arnaud Morin discovered that Nova incorrectly handled certain raw format images. An authenticated user could use this issue to access arbitrary files on the server, possibly exposing sensitive information...
Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS : Nova vulnerability (USN-6911-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6911-1 advisory. Arnaud Morin discovered that Nova incorrectly handled certain raw format images. An authenticated user could use this issue to access...
Sensitive Information Stored In Clear Text
codeigniter4 is vulnerable to Sensitive Information Disclosure. The vulnerability is due to storing the secretKey for HMAC SHA256 authentication in a raw format. An attacker can exploit this flaw if they gain access to the database and then send requests impersonating any person in the system usi...
Microsoft Raw Image Extension Remote Code Execution Vulnerability (CNVD-2023-02188)
Microsoft Raw Image Extension is software for manipulating Raw format files from Microsoft Corporation USA. A remote code execution vulnerability exists in Microsoft Raw Image Extension. An attacker could exploit the vulnerability to execute arbitrary code on the system...
Use after free triggered by block frontend in Linux blkback
ISSUE DESCRIPTION The Linux kernel PV block backend expects the kernel thread handler to reset ring-xenblkd to NULL when stopped. However, the handler may not have time to run if the frontend quickly toggles between the states connect and disconnect. As a consequence, the block backend may re-use ...
Low: exiv2
Issue Overview: An out of bounds read vulnerability was discovered in the way exiv2 parses Canon raw format CRW images. An application that uses exiv2 library to parse untrusted images may be vulnerable to this flaw, which could be used by an attacker to extract data from the application's memory...
Authorization Bypass
kernel is vulnerable to authorization bypass. In KVM (Kernel-based Virtual Machine) environments using raw format virtio disks backed by a partition or LVM volume, a privileged guest user could bypass intended restrictions and issue read and write requests and other SCSI commands on the host, and...
MGASA-2015-0393 Updated isodumper package fixes command injection
The volume label text could be injected and executed as a shell command in rawformat.py from isodumper...
[SECURITY] Fedora 21 Update: rawstudio-2.1-0.1.20150511git983bda1.fc21
Rawstudio is a highly specialized application for processing RAW images from digital cameras. It is not a fully featured image editing application. The RAW format is often recommended to get the best quality out of digital camera images. The format is specific to cameras and cannot be read by mos...
[SECURITY] Fedora 20 Update: ufraw-0.21-1.fc20
UFRaw is a tool for opening raw format images of digital cameras...
[SECURITY] Fedora 21 Update: ufraw-0.21-1.fc21
UFRaw is a tool for opening raw format images of digital cameras...
Fedora Update for ufraw FEDORA-2013-22832
Check for the Version of ufraw OpenVAS Vulnerability Test Fedora Update for ufraw FEDORA-2013-22832 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...
Fedora Update for ufraw FEDORA-2013-22899
Check for the Version of ufraw OpenVAS Vulnerability Test Fedora Update for ufraw FEDORA-2013-22899 Authors: System Generated Check Copyright: Copyright C 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...
Fedora Update for ufraw FEDORA-2013-22924
Check for the Version of ufraw OpenVAS Vulnerability Test Fedora Update for ufraw FEDORA-2013-22924 Authors: System Generated Check Copyright: Copyright C 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...