Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dcraw project dcraw vulnerabilities and exploits
(subscribe to this query)
7.1
CVSSv3
CVE-2018-19566
A heap buffer over-read in parse_tiff_ifd in dcraw up to and including 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code or leak private information.
Dcraw Project Dcraw
5.5
CVSSv3
CVE-2018-19567
A floating point exception in parse_tiff_ifd in dcraw up to and including 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code.
Dcraw Project Dcraw
5.5
CVSSv3
CVE-2018-19568
A floating point exception in kodak_radc_load_raw in dcraw up to and including 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code.
Dcraw Project Dcraw
7.1
CVSSv3
CVE-2018-19565
A buffer over-read in crop_masked_pixels in dcraw up to and including 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code or leak private information.
Dcraw Project Dcraw
NA
CVE-2015-3885
Integer overflow in the ljpeg_start function in dcraw 7.00 and previous versions allows remote malicious users to cause a denial of service (crash) via a crafted image, which triggers a buffer overflow, related to the len variable.
Dcraw Project Dcraw
Fedoraproject Fedora 21
7.8
CVSSv3
CVE-2021-3624
There is an integer overflow vulnerability in dcraw. When the victim runs dcraw with a maliciously crafted X3F input image, arbitrary code may be executed in the victim's system.
Dcraw Project Dcraw 9.28-2
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
8.8
CVSSv3
CVE-2018-19655
A stack-based buffer overflow in the find_green() function of dcraw up to and including 9.28, as used in ufraw-batch and many other products, may allow a remote malicious user to cause a control-flow hijack, denial-of-service, or unspecified other impact via a maliciously crafted...
Dcraw Project Dcraw
Suse Suse Linux Enterprise Server 11
Suse Suse Linux Enterprise Server 12
Suse Suse Linux Enterprise Desktop 12
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5834
CVE-2024-30100
CVE-2024-4577
physical
dos
CVE-2024-30099
CVE-2024-27801
CVE-2024-32146
logic flaw
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started