Libraw

libraw

Vendor: Libraw • 63 CVEs

CVEs (63)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2018-5810 2Canonical Libraw 2Libraw Ubuntu Linux Nov 21, 2024 Dec 7, 2018 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 An error within the "rollei_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash.
CVE-2018-5809 1Libraw 1Libraw Nov 21, 2024 Dec 7, 2018 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 An error within the "LibRaw::parse_exif()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause a stack-based buffer overflow and subsequently execute arbitrary code.
CVE-2018-5808 2Debian Libraw 2Debian Linux Libraw Nov 21, 2024 Dec 7, 2018 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 An error within the "find_green()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause a stack-based buffer overflow and subsequently execute arbitrary code.
CVE-2018-5807 2Canonical Libraw 2Libraw Ubuntu Linux Nov 21, 2024 Dec 7, 2018 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 An error within the "samsung_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash.
CVE-2018-5806 2Libraw Redhat 4Enterprise Linux Desktop Enterprise Linux ServerEnterprise Linux Workstation+1 more Nov 21, 2024 Dec 7, 2018 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 An error within the "leaf_hdr_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to trigger a NULL pointer dereference.
CVE-2018-5805 2Libraw Redhat 4Enterprise Linux Desktop Enterprise Linux ServerEnterprise Linux Workstation+1 more Nov 21, 2024 Dec 7, 2018 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 A boundary error within the "quicktake_100_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to cause a stack-based buffer overflow and subsequently cause a crash.
CVE-2018-5804 1Libraw 1Libraw Nov 21, 2024 Dec 7, 2018 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 A type confusion error within the "identify()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to trigger a division by zero.
CVE-2018-5802 4Canonical DebianLibraw+1 more 6Debian Linux Enterprise Linux DesktopEnterprise Linux Server+3 more Nov 21, 2024 Dec 7, 2018 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 An error within the "kodak_radc_load_raw()" function (internal/dcraw_common.cpp) related to the "buf" variable in LibRaw versions prior to 0.18.7 can be exploited to cause an out-of-bounds read memory access and subseque...Show more An error within the "kodak_radc_load_raw()" function (internal/dcraw_common.cpp) related to the "buf" variable in LibRaw versions prior to 0.18.7 can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash.Show less
CVE-2018-5801 4Canonical DebianLibraw+1 more 6Debian Linux Enterprise Linux DesktopEnterprise Linux Server+3 more Nov 21, 2024 Dec 7, 2018 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 An error within the "LibRaw::unpack()" function (src/libraw_cxx.cpp) in LibRaw versions prior to 0.18.7 can be exploited to trigger a NULL pointer dereference.
CVE-2018-5800 4Canonical DebianLibraw+1 more 6Debian Linux Enterprise Linux DesktopEnterprise Linux Server+3 more Nov 21, 2024 Dec 7, 2018 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 An off-by-one error within the "LibRaw::kodak_ycbcr_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.7 can be exploited to cause a heap-based buffer overflow and subsequently cause a cras...Show more An off-by-one error within the "LibRaw::kodak_ycbcr_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.7 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash.Show less
CVE-2017-16910 2Canonical Libraw 2Libraw Ubuntu Linux Nov 21, 2024 Dec 7, 2018 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 An error within the "LibRaw::xtrans_interpolate()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.6 can be exploited to cause an invalid read memory access and subsequently a Denial of Service cond...Show more An error within the "LibRaw::xtrans_interpolate()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.6 can be exploited to cause an invalid read memory access and subsequently a Denial of Service condition.Show less
CVE-2017-16909 2Canonical Libraw 2Libraw Ubuntu Linux Nov 21, 2024 Dec 7, 2018 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 An error related to the "LibRaw::panasonic_load_raw()" function (dcraw_common.cpp) in LibRaw versions prior to 0.18.6 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash via a specially...Show more An error related to the "LibRaw::panasonic_load_raw()" function (dcraw_common.cpp) in LibRaw versions prior to 0.18.6 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash via a specially crafted TIFF image.Show less
CVE-2018-10529 2Canonical Libraw 2Libraw Ubuntu Linux Nov 21, 2024 Apr 29, 2018 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 An issue was discovered in LibRaw 0.18.9. There is an out-of-bounds read affecting the X3F property table list implementation in libraw_x3f.cpp and libraw_cxx.cpp.
CVE-2018-10528 2Canonical Libraw 2Libraw Ubuntu Linux Nov 21, 2024 Apr 29, 2018 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 An issue was discovered in LibRaw 0.18.9. There is a stack-based buffer overflow in the utf2char function in libraw_cxx.cpp.
CVE-2017-14608 1Libraw 1Libraw May 13, 2026 Sep 20, 2017 N/A· v4 9.1 CRITICAL· v3 6.4 MEDIUM· v2 In LibRaw through 0.18.4, an out of bounds read flaw related to kodak_65000_load_raw has been reported in dcraw/dcraw.c and internal/dcraw_common.cpp. An attacker could possibly exploit this flaw to disclose potentially...Show more In LibRaw through 0.18.4, an out of bounds read flaw related to kodak_65000_load_raw has been reported in dcraw/dcraw.c and internal/dcraw_common.cpp. An attacker could possibly exploit this flaw to disclose potentially sensitive memory or cause an application crash.Show less
CVE-2017-14348 1Libraw 1Libraw May 13, 2026 Sep 12, 2017 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 LibRaw before 0.18.4 has a heap-based Buffer Overflow in the processCanonCameraInfo function via a crafted file.
CVE-2017-14265 1Libraw 1Libraw May 13, 2026 Sep 11, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A Stack-based Buffer Overflow was discovered in xtrans_interpolate in internal/dcraw_common.cpp in LibRaw before 0.18.3. It could allow a remote denial of service or code execution attack.
CVE-2017-13735 1Libraw 1Libraw May 13, 2026 Aug 29, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 There is a floating point exception in the kodak_radc_load_raw function in dcraw_common.cpp in LibRaw 0.18.2. It will lead to a remote denial of service attack.
CVE-2017-6887 1Libraw 1Libraw May 13, 2026 May 16, 2017 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 A boundary error within the "parse_tiff_ifd()" function (internal/dcraw_common.cpp) in LibRaw versions before 0.18.2 can be exploited to cause a memory corruption via e.g. a specially crafted KDC file with model set to "...Show more A boundary error within the "parse_tiff_ifd()" function (internal/dcraw_common.cpp) in LibRaw versions before 0.18.2 can be exploited to cause a memory corruption via e.g. a specially crafted KDC file with model set to "DSLR-A100" and containing multiple sequences of 0x100 and 0x14A TAGs.Show less
CVE-2017-6886 1Libraw 1Libraw May 13, 2026 May 16, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An error within the "parse_tiff_ifd()" function (internal/dcraw_common.cpp) in LibRaw versions before 0.18.2 can be exploited to corrupt memory.

Previous 1 234 Next