Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libraw libraw vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2017-14348
LibRaw prior to 0.18.4 has a heap-based Buffer Overflow in the processCanonCameraInfo function via a crafted file.
Libraw Libraw
7.5
CVSSv2
CVE-2017-14265
A Stack-based Buffer Overflow exists in xtrans_interpolate in internal/dcraw_common.cpp in LibRaw prior to 0.18.3. It could allow a remote denial of service or code execution attack.
Libraw Libraw
5
CVSSv2
CVE-2017-13735
There is a floating point exception in the kodak_radc_load_raw function in dcraw_common.cpp in LibRaw 0.18.2. It will lead to a remote denial of service attack.
Libraw Libraw 0.18.2
7.5
CVSSv2
CVE-2017-6886
An error within the "parse_tiff_ifd()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.2 can be exploited to corrupt memory.
Libraw Libraw
6.8
CVSSv2
CVE-2017-6887
A boundary error within the "parse_tiff_ifd()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.2 can be exploited to cause a memory corruption via e.g. a specially crafted KDC file with model set to "DSLR-A100" and containing multiple seq...
Libraw Libraw
7.5
CVSSv2
CVE-2017-6889
An integer overflow error within the "foveon_load_camf()" function (dcraw_foveon.c) in LibRaw-demosaic-pack-GPL2 prior to 0.18.2 can be exploited to cause a heap-based buffer overflow.
Libraw Libraw-demosaic-pack-gpl2
7.5
CVSSv2
CVE-2017-6890
A boundary error within the "foveon_load_camf()" function (dcraw_foveon.c) when initializing a huffman table in LibRaw-demosaic-pack-GPL2 prior to 0.18.2 can be exploited to cause a stack-based buffer overflow.
Libraw Libraw-demosaic-pack-gpl2
4.3
CVSSv2
CVE-2015-3885
Integer overflow in the ljpeg_start function in dcraw 7.00 and previous versions allows remote malicious users to cause a denial of service (crash) via a crafted image, which triggers a buffer overflow, related to the len variable.
Dcraw Project Dcraw
Fedoraproject Fedora 21
4.3
CVSSv2
CVE-2013-1438
Unspecified vulnerability in dcraw 0.8.x up to and including 0.8.9, as used in libraw, ufraw, shotwell, and other products, allows context-dependent malicious users to cause a denial of service via a crafted photo file that triggers a (1) divide-by-zero, (2) infinite loop, or (3)...
Dave Coffin Dcraw 0.8.6
Dave Coffin Dcraw 0.8.5
Dave Coffin Dcraw 0.8.4
Dave Coffin Dcraw 0.8.3
Dave Coffin Dcraw 0.8.9
Dave Coffin Dcraw 0.8.2
Dave Coffin Dcraw 0.8.1
Dave Coffin Dcraw 0.8.8
Dave Coffin Dcraw 0.8.7
Dave Coffin Dcraw 0.8.0
4.3
CVSSv2
CVE-2013-1439
The "faster LJPEG decoder" in libraw 0.13.x, 0.14.x, and 0.15.x prior to 0.15.4 allows context-dependent malicious users to cause a denial of service (NULL pointer dereference) via a crafted photo file.
Libraw Libraw 0.13.7
Libraw Libraw 0.13.6
Libraw Libraw 0.13.5
Libraw Libraw 0.14.5
Libraw Libraw 0.14.4
Libraw Libraw 0.15.3
Libraw Libraw 0.13.0
Libraw Libraw 0.13.2
Libraw Libraw 0.13.1
Libraw Libraw 0.14.1
Libraw Libraw 0.15.0
Libraw Libraw 0.13.4
Libraw Libraw 0.13.3
Libraw Libraw 0.14.3
Libraw Libraw 0.14.2
Libraw Libraw 0.14.0
Libraw Libraw 0.13.8
Libraw Libraw 0.14.7
Libraw Libraw 0.14.6
Libraw Libraw 0.15.1
Libraw Libraw 0.15.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4956
validation
CVE-2024-35221
remote attackers
CVE-2023-30309
CVE-2024-36112
CVE-2024-23109
CVE-2023-43850
stored XSS
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »