Lucene search
K
AdobeDng Software Development Kit

20 matches found

CVE
CVE
added 2020/06/26 8:3 p.m.63 views

CVE-2020-9625

The CVE-2020-9625 entry concerns the Adobe DNG Software Development Kit (SDK) prior to version 1.5. The vulnerability is an out-of-bounds read (with heap overflow/related memory issues referenced in surrounding advisories) that could lead to information disclosure if exploited. Affected product/v...

7.5CVSS6.9AI score0.03474EPSS
CVE
CVE
added 2020/06/26 8:4 p.m.62 views

CVE-2020-9628

Adobe DNG SDK (1.5 and earlier) contains an out-of-bounds read vulnerability that could disclose information. Multiple connected sources confirm the affected component is the DNG SDK, with instances of heap overflow/out-of-bounds read needing an update. Threatposts’ coverage notes that the fix is...

7.5CVSS6.9AI score0.03474EPSS
CVE
CVE
added 2020/06/26 8:5 p.m.58 views

CVE-2020-9627

CVE-2020-9627 affects Adobe DNG Software Development Kit (SDK) versions 1.5 and earlier. The issue is an out-of-bounds read that could lead to information disclosure. Public documentation in connected sources confirms the vulnerability and references a targeted update to mitigate it (SDK 1.5.1). ...

7.5CVSS6.9AI score0.03474EPSS
CVE
CVE
added 2016/06/16 2:0 p.m.51 views

CVE-2016-4167

CVE-2016-4167 affects the Adobe DNG Software Development Kit (SDK) prior to 1.4. The issue is described as a memory corruption vulnerability that allows attackers to execute arbitrary code or cause a denial of service via unspecified vectors. The connected documents confirm this vulnerability and...

9.8CVSS9.6AI score0.05447EPSS
CVE
CVE
added 2026/02/10 6:32 p.m.42 views

CVE-2026-21353

The CVE-2026-21353 issue affects DNG SDK versions 1.7.1 ≤ 2410 and earlier. The root cause is an Integer Overflow or Wraparound (CWE-190) in the SDK, enabling arbitrary code execution in the context of the current user. Exploitation requires user interaction: a victim must open a malicious file. ...

7.8CVSS6.3AI score0.00184EPSS
CVE
CVE
added 2026/02/10 6:32 p.m.33 views

CVE-2026-21352

The CVE-2026-21352 entry concerns Adobe DNG SDK: versions 1.7.1 build 2410 and earlier are affected by an out-of-bounds write (CWE-787) that can lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction, specifically the victim opening a malicious...

7.8CVSS6.3AI score0.00157EPSS
CVE
CVE
added 2026/03/10 6:23 p.m.27 views

CVE-2026-27280

CVE-2026-27280 affects DNG SDK versions 1.7.1 build 2471 and earlier, with an out-of-bounds write (CWE-787) that could lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction: a victim must open a malicious file. The CVSS 3.1 vector is Local/Low...

7.8CVSS6.3AI score0.00176EPSS
CVE
CVE
added 2025/12/09 5:41 p.m.26 views

CVE-2025-64783

CVE-2025-64783 affects Adobe DNG SDK versions 1.7.0 and earlier, due to an Integer Overflow or Wraparound that could lead to arbitrary code execution in the context of the current user. Exploitation requires the user to open a malicious file. Public material in connected sources describes proofs ...

7.8CVSS7.3AI score0.00175EPSS
CVE
CVE
added 2025/12/09 5:41 p.m.26 views

CVE-2025-64784

CVE-2025-64784 affects the Adobe DNG SDK up to version 1.7.0. The vulnerability is a heap-based buffer overflow in the SDK’s image processing that could expose memory or cause application denial of service. PoCs describe heap-based OOB reads/writes and potential memory corruption that could, unde...

7.1CVSS6AI score0.00168EPSS
CVE
CVE
added 2026/06/16 4:32 p.m.24 views

CVE-2026-47964

Affected software : DNG SDK (version 1.7.1 2536 and earlier). Vulnerability : Heap-based buffer overflow (CWE-122) in the DNG SDK, potentially allowing arbitrary code execution in the context of the current user. Impact : Arbitrary code execution with high impact (confidentiality/ integrity/ avai...

7.8CVSS6AI score0.00199EPSS
CVE
CVE
added 2025/12/09 5:41 p.m.21 views

CVE-2025-64893

Adobe DNG SDK prior to 1.7.1.2410 is affected by an out-of-bounds read that can lead to memory disclosure or DoS when processing raw images with two color planes. The issue stems from a logic/handling flaw in the rendering path (RefBaselineABCDtoRGB) that may read memory beyond bounds. Affected v...

7.1CVSS5.7AI score0.00153EPSS
CVE
CVE
added 2026/02/10 6:32 p.m.19 views

CVE-2026-21354

The CVE-2026-21354 entry concerns the DNG SDK, affected in versions 1.7.1 2410 and earlier. The issue is an Integer Overflow or Wraparound that can lead to application denial-of-service. Exploitation requires user interaction: a victim must open a malicious file, potentially crashing or making th...

5.5CVSS5.6AI score0.00139EPSS
CVE
CVE
added 2026/06/16 4:32 p.m.19 views

CVE-2026-47927

CVE-2026-47927 concerns the DNG SDK, where versions 1.7.1 2536 and earlier are affected by an out-of-bounds read (CWE-125). The vulnerability could lead to disclosure of sensitive memory. Exploitation requires user interaction: a victim must open a malicious file. The CVSS info indicates a local ...

5.5CVSS5.2AI score0.00165EPSS
CVE
CVE
added 2025/12/09 5:41 p.m.18 views

CVE-2025-64894

The CVE-2025-64894 issue affects Adobe DNG SDK versions 1.7.0 and earlier. The root cause is an Integer Overflow or Wraparound in a component of the SDK, which could lead to a denial-of-service (the application crashing or becoming unresponsive). Exploitation requires user interaction: a victim m...

5.5CVSS6.2AI score0.00144EPSS
CVE
CVE
added 2026/02/10 6:32 p.m.18 views

CVE-2026-21355

The CVE-2026-21355 entry concerns the DNG SDK, affected in versions 1.7.1 2410 and earlier. It describes an out-of-bounds read that could expose memory contents, with exploitation requiring a user to open a malicious file. The impact is memory exposure, not code execution per the provided text. C...

5.5CVSS5.4AI score0.00152EPSS
CVE
CVE
added 2026/04/14 5:3 p.m.18 views

CVE-2026-27258

The CVE concerns DNG SDK, version 1.7.1 2502 and earlier, affected by an out-of-bounds write (CWE-787) that can cause an application denial-of-service. The vulnerability can lead to memory corruption resulting in a crash or unresponsiveness. Exploitation requires user interaction: a victim must o...

5.5CVSS5.8AI score0.00121EPSS
CVE
CVE
added 2026/03/10 6:23 p.m.15 views

CVE-2026-27281

DVE-2024-2026: CVE-2026-27281 affects DNG SDK up to version 1.7.1 2471 and earlier. The flaw is an Integer Overflow or Wraparound (CWE-190) in a component used by the SDK, leading to an application denial-of-service. Exploitation requires user interaction: a victim must open a malicious file. The...

5.5CVSS5.8AI score0.00179EPSS
CVE
CVE
added 2026/06/16 4:32 p.m.12 views

CVE-2026-47934

CVE-2026-47934 affects DNG SDK versions 1.7.1 2536 and earlier, with an out-of-bounds read (CWE-125) that can disclose sensitive memory. The vulnerability arises in the SDK’s handling that leads to memory disclosure. Exploitation requires user interaction: a victim must open a malicious file. Con...

5.5CVSS5.2AI score0.00165EPSS
CVE
CVE
added 2026/06/16 4:32 p.m.11 views

CVE-2026-47963

The CVE-2026-47963 entry concerns DNG SDK versions 1.7.1 2536 and earlier, which are affected by an out-of-bounds read (CWE-125). The vulnerability can disclose sensitive memory and requires user interaction: a victim must open a malicious file. This is the explicit impact and attack condition de...

5.5CVSS5.2AI score0.00165EPSS
CVE
CVE
added 3 days ago8 views

CVE-2026-48267

The CVE-2026-48267 entry concerns the DNG SDK prior to or equal to version 1.7.1 build 2536, where a NULL Pointer Dereference could cause an application crash and denial-of-service. The vulnerability requires user interaction: a victim must open a malicious file. The root cause is a NULL pointer ...

5.5CVSS6AI score0.00139EPSS