Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dcraw project dcraw vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv2
CVE-2021-3624
There is an integer overflow vulnerability in dcraw. When the victim runs dcraw with a maliciously crafted X3F input image, arbitrary code may be executed in the victim's system.
Dcraw Project Dcraw 9.28-2
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
6.8
CVSSv2
CVE-2018-19655
A stack-based buffer overflow in the find_green() function of dcraw up to and including 9.28, as used in ufraw-batch and many other products, may allow a remote malicious user to cause a control-flow hijack, denial-of-service, or unspecified other impact via a maliciously crafted...
Dcraw Project Dcraw
Suse Suse Linux Enterprise Server 11
Suse Suse Linux Enterprise Server 12
Suse Suse Linux Enterprise Desktop 12
5.8
CVSSv2
CVE-2018-19566
A heap buffer over-read in parse_tiff_ifd in dcraw up to and including 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code or leak private information.
Dcraw Project Dcraw
4.3
CVSSv2
CVE-2018-19568
A floating point exception in kodak_radc_load_raw in dcraw up to and including 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code.
Dcraw Project Dcraw
4.3
CVSSv2
CVE-2018-19567
A floating point exception in parse_tiff_ifd in dcraw up to and including 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code.
Dcraw Project Dcraw
5.8
CVSSv2
CVE-2018-19565
A buffer over-read in crop_masked_pixels in dcraw up to and including 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code or leak private information.
Dcraw Project Dcraw
4.3
CVSSv2
CVE-2015-3885
Integer overflow in the ljpeg_start function in dcraw 7.00 and previous versions allows remote malicious users to cause a denial of service (crash) via a crafted image, which triggers a buffer overflow, related to the len variable.
Dcraw Project Dcraw
Fedoraproject Fedora 21
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
firewall
CVE-2024-35649
stored XSS
CVE-2022-28654
CVE-2020-35153
CVE-2024-27348
CVE-2022-28652
local users
CVE-2017-3506
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started