Search CVE reports
31 – 40 of 59 results
CVE-2018-19566
Medium priorityA heap buffer over-read in parse_tiff_ifd in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code or leak private information.
1 affected package
dcraw
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
dcraw | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2018-19565
Medium priorityA buffer over-read in crop_masked_pixels in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code or leak private information.
1 affected package
dcraw
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
dcraw | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2018-5812
Medium prioritySome fixes available 2 of 81
An error within the “nikon_coolscan_load_raw()” function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to trigger a NULL pointer dereference.
8 affected packages
darktable, dcraw, exactimage, kodi, libraw...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
darktable | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
dcraw | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
exactimage | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
kodi | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
libraw | Not affected | Not affected | Not affected | Fixed | Fixed |
rawtherapee | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
ufraw | Not in release | Not in release | Not in release | Needs evaluation | Needs evaluation |
xbmc | Not in release | Not in release | Not in release | Not in release | Not in release |
CVE-2018-5811
Low prioritySome fixes available 2 of 81
An error within the “nikon_coolscan_load_raw()” function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash.
8 affected packages
darktable, dcraw, exactimage, kodi, libraw...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
darktable | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
dcraw | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
exactimage | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
kodi | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
libraw | Not affected | Not affected | Not affected | Fixed | Fixed |
rawtherapee | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
ufraw | Not in release | Not in release | Not in release | Needs evaluation | Needs evaluation |
xbmc | Not in release | Not in release | Not in release | Not in release | Not in release |
CVE-2018-5810
Medium prioritySome fixes available 3 of 82
An error within the “rollei_load_raw()” function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash.
8 affected packages
darktable, dcraw, exactimage, kodi, libraw...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
darktable | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
dcraw | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
exactimage | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
kodi | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
libraw | Not affected | Not affected | Not affected | Fixed | Fixed |
rawtherapee | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
ufraw | Not in release | Not in release | Not in release | Needs evaluation | Needs evaluation |
xbmc | Not in release | Not in release | Not in release | Not in release | Not in release |
CVE-2018-5807
Low prioritySome fixes available 3 of 82
An error within the “samsung_load_raw()” function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash.
8 affected packages
darktable, dcraw, exactimage, kodi, libraw...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
darktable | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
dcraw | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
exactimage | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
kodi | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
libraw | Not affected | Not affected | Not affected | Fixed | Fixed |
rawtherapee | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
ufraw | Not in release | Not in release | Not in release | Needs evaluation | Needs evaluation |
xbmc | Not in release | Not in release | Not in release | Not in release | Not in release |
CVE-2018-5816
Medium prioritySome fixes available 2 of 81
An integer overflow error within the “identify()” function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.12 can be exploited to trigger a division by zero via specially crafted NOKIARAW file (Note: This...
8 affected packages
darktable, dcraw, exactimage, kodi, libraw...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
darktable | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
dcraw | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
exactimage | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
kodi | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
libraw | Not affected | Not affected | Not affected | Fixed | Fixed |
rawtherapee | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
ufraw | Not in release | Not in release | Not in release | Needs evaluation | Needs evaluation |
xbmc | Not in release | Not in release | Not in release | Not in release | Not in release |
CVE-2018-5815
Medium prioritySome fixes available 2 of 81
An integer overflow error within the “parse_qt()” function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.12 can be exploited to trigger an infinite loop via a specially crafted Apple QuickTime file.
8 affected packages
darktable, dcraw, exactimage, kodi, libraw...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
darktable | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
dcraw | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
exactimage | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
kodi | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
libraw | Not affected | Not affected | Not affected | Fixed | Fixed |
rawtherapee | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
ufraw | Not in release | Not in release | Not in release | Needs evaluation | Needs evaluation |
xbmc | Not in release | Not in release | Not in release | Not in release | Not in release |
CVE-2018-5813
Medium prioritySome fixes available 3 of 82
An error within the “parse_minolta()” function (dcraw/dcraw.c) in LibRaw versions prior to 0.18.11 can be exploited to trigger an infinite loop via a specially crafted file.
8 affected packages
darktable, dcraw, exactimage, kodi, libraw...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
darktable | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
dcraw | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
exactimage | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
kodi | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
libraw | Not affected | Not affected | Not affected | Fixed | Fixed |
rawtherapee | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
ufraw | Not in release | Not in release | Not in release | Needs evaluation | Needs evaluation |
xbmc | Not in release | Not in release | Not in release | Not in release | Not in release |
CVE-2018-10529
Medium prioritySome fixes available 16 of 101
An issue was discovered in LibRaw 0.18.9. There is an out-of-bounds read affecting the X3F property table list implementation in libraw_x3f.cpp and libraw_cxx.cpp.
8 affected packages
darktable, dcraw, exactimage, kodi, libraw...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
darktable | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
dcraw | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
exactimage | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
kodi | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
libraw | Fixed | Fixed | Fixed | Fixed | Fixed |
rawtherapee | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
ufraw | Not in release | Not in release | Not in release | Needs evaluation | Needs evaluation |
xbmc | Not in release | Not in release | Not in release | Not in release | Not in release |