9 matches found
CVE-2026-21353
The CVE-2026-21353 issue affects DNG SDK versions 1.7.1 ≤ 2410 and earlier. The root cause is an Integer Overflow or Wraparound (CWE-190) in the SDK, enabling arbitrary code execution in the context of the current user. Exploitation requires user interaction: a victim must open a malicious file. ...
CVE-2026-21352
The CVE-2026-21352 entry concerns Adobe DNG SDK: versions 1.7.1 build 2410 and earlier are affected by an out-of-bounds write (CWE-787) that can lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction, specifically the victim opening a malicious...
CVE-2026-47964
Affected software : DNG SDK (version 1.7.1 2536 and earlier). Vulnerability : Heap-based buffer overflow (CWE-122) in the DNG SDK, potentially allowing arbitrary code execution in the context of the current user. Impact : Arbitrary code execution with high impact (confidentiality/ integrity/ avai...
CVE-2026-47927
CVE-2026-47927 concerns the DNG SDK, where versions 1.7.1 2536 and earlier are affected by an out-of-bounds read (CWE-125). The vulnerability could lead to disclosure of sensitive memory. Exploitation requires user interaction: a victim must open a malicious file. The CVSS info indicates a local ...
CVE-2026-21355
The CVE-2026-21355 entry concerns the DNG SDK, affected in versions 1.7.1 2410 and earlier. It describes an out-of-bounds read that could expose memory contents, with exploitation requiring a user to open a malicious file. The impact is memory exposure, not code execution per the provided text. C...
CVE-2026-47963
The CVE-2026-47963 entry concerns DNG SDK versions 1.7.1 2536 and earlier, which are affected by an out-of-bounds read (CWE-125). The vulnerability can disclose sensitive memory and requires user interaction: a victim must open a malicious file. This is the explicit impact and attack condition de...
CVE-2026-21354
The CVE-2026-21354 entry concerns the DNG SDK, affected in versions 1.7.1 2410 and earlier. The issue is an Integer Overflow or Wraparound that can lead to application denial-of-service. Exploitation requires user interaction: a victim must open a malicious file, potentially crashing or making th...
CVE-2026-47934
CVE-2026-47934 affects DNG SDK versions 1.7.1 2536 and earlier, with an out-of-bounds read (CWE-125) that can disclose sensitive memory. The vulnerability arises in the SDK’s handling that leads to memory disclosure. Exploitation requires user interaction: a victim must open a malicious file. Con...
CVE-2026-48267
The CVE-2026-48267 entry concerns the DNG SDK prior to or equal to version 1.7.1 build 2536, where a NULL Pointer Dereference could cause an application crash and denial-of-service. The vulnerability requires user interaction: a victim must open a malicious file. The root cause is a NULL pointer ...