Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libraw libraw vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2017-14348
LibRaw prior to 0.18.4 has a heap-based Buffer Overflow in the processCanonCameraInfo function via a crafted file.
Libraw Libraw
9.8
CVSSv3
CVE-2017-14265
A Stack-based Buffer Overflow exists in xtrans_interpolate in internal/dcraw_common.cpp in LibRaw prior to 0.18.3. It could allow a remote denial of service or code execution attack.
Libraw Libraw
7.5
CVSSv3
CVE-2017-13735
There is a floating point exception in the kodak_radc_load_raw function in dcraw_common.cpp in LibRaw 0.18.2. It will lead to a remote denial of service attack.
Libraw Libraw 0.18.2
9.8
CVSSv3
CVE-2017-6886
An error within the "parse_tiff_ifd()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.2 can be exploited to corrupt memory.
Libraw Libraw
7.8
CVSSv3
CVE-2017-6887
A boundary error within the "parse_tiff_ifd()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.2 can be exploited to cause a memory corruption via e.g. a specially crafted KDC file with model set to "DSLR-A100" and containing multiple seq...
Libraw Libraw
9.8
CVSSv3
CVE-2017-6890
A boundary error within the "foveon_load_camf()" function (dcraw_foveon.c) when initializing a huffman table in LibRaw-demosaic-pack-GPL2 prior to 0.18.2 can be exploited to cause a stack-based buffer overflow.
Libraw Libraw-demosaic-pack-gpl2
9.8
CVSSv3
CVE-2017-6889
An integer overflow error within the "foveon_load_camf()" function (dcraw_foveon.c) in LibRaw-demosaic-pack-GPL2 prior to 0.18.2 can be exploited to cause a heap-based buffer overflow.
Libraw Libraw-demosaic-pack-gpl2
NA
CVE-2015-3885
Integer overflow in the ljpeg_start function in dcraw 7.00 and previous versions allows remote malicious users to cause a denial of service (crash) via a crafted image, which triggers a buffer overflow, related to the len variable.
Dcraw Project Dcraw
Fedoraproject Fedora 21
NA
CVE-2013-1438
Unspecified vulnerability in dcraw 0.8.x up to and including 0.8.9, as used in libraw, ufraw, shotwell, and other products, allows context-dependent malicious users to cause a denial of service via a crafted photo file that triggers a (1) divide-by-zero, (2) infinite loop, or (3)...
Dave Coffin Dcraw 0.8.6
Dave Coffin Dcraw 0.8.5
Dave Coffin Dcraw 0.8.4
Dave Coffin Dcraw 0.8.3
Dave Coffin Dcraw 0.8.9
Dave Coffin Dcraw 0.8.2
Dave Coffin Dcraw 0.8.1
Dave Coffin Dcraw 0.8.8
Dave Coffin Dcraw 0.8.7
Dave Coffin Dcraw 0.8.0
NA
CVE-2013-1439
The "faster LJPEG decoder" in libraw 0.13.x, 0.14.x, and 0.15.x prior to 0.15.4 allows context-dependent malicious users to cause a denial of service (NULL pointer dereference) via a crafted photo file.
Libraw Libraw 0.13.7
Libraw Libraw 0.13.6
Libraw Libraw 0.13.5
Libraw Libraw 0.14.5
Libraw Libraw 0.14.4
Libraw Libraw 0.15.3
Libraw Libraw 0.13.0
Libraw Libraw 0.13.2
Libraw Libraw 0.13.1
Libraw Libraw 0.14.1
Libraw Libraw 0.15.0
Libraw Libraw 0.13.4
Libraw Libraw 0.13.3
Libraw Libraw 0.14.3
Libraw Libraw 0.14.2
Libraw Libraw 0.14.0
Libraw Libraw 0.13.8
Libraw Libraw 0.14.7
Libraw Libraw 0.14.6
Libraw Libraw 0.15.1
Libraw Libraw 0.15.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »