Vulnerabilities (CVE)

Filtered by vendor Libraw Subscribe
Filtered by product Libraw
Total 51 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-5812 2 Canonical, Libraw 2 Ubuntu Linux, Libraw 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
An error within the "nikon_coolscan_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to trigger a NULL pointer dereference.
CVE-2018-5811 2 Canonical, Libraw 2 Ubuntu Linux, Libraw 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
An error within the "nikon_coolscan_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash.
CVE-2018-5810 2 Canonical, Libraw 2 Ubuntu Linux, Libraw 2024-11-21 6.8 MEDIUM 8.8 HIGH
An error within the "rollei_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash.
CVE-2018-5809 1 Libraw 1 Libraw 2024-11-21 6.8 MEDIUM 8.8 HIGH
An error within the "LibRaw::parse_exif()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause a stack-based buffer overflow and subsequently execute arbitrary code.
CVE-2018-5808 2 Debian, Libraw 2 Debian Linux, Libraw 2024-11-21 6.8 MEDIUM 8.8 HIGH
An error within the "find_green()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause a stack-based buffer overflow and subsequently execute arbitrary code.
CVE-2018-5807 2 Canonical, Libraw 2 Ubuntu Linux, Libraw 2024-11-21 6.8 MEDIUM 8.8 HIGH
An error within the "samsung_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash.
CVE-2018-5806 2 Libraw, Redhat 4 Libraw, Enterprise Linux Desktop, Enterprise Linux Server and 1 more 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
An error within the "leaf_hdr_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to trigger a NULL pointer dereference.
CVE-2018-5805 2 Libraw, Redhat 4 Libraw, Enterprise Linux Desktop, Enterprise Linux Server and 1 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
A boundary error within the "quicktake_100_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to cause a stack-based buffer overflow and subsequently cause a crash.
CVE-2018-5804 1 Libraw 1 Libraw 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
A type confusion error within the "identify()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to trigger a division by zero.
CVE-2018-5802 4 Canonical, Debian, Libraw and 1 more 6 Ubuntu Linux, Debian Linux, Libraw and 3 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
An error within the "kodak_radc_load_raw()" function (internal/dcraw_common.cpp) related to the "buf" variable in LibRaw versions prior to 0.18.7 can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash.
CVE-2018-5801 4 Canonical, Debian, Libraw and 1 more 6 Ubuntu Linux, Debian Linux, Libraw and 3 more 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
An error within the "LibRaw::unpack()" function (src/libraw_cxx.cpp) in LibRaw versions prior to 0.18.7 can be exploited to trigger a NULL pointer dereference.
CVE-2018-5800 4 Canonical, Debian, Libraw and 1 more 6 Ubuntu Linux, Debian Linux, Libraw and 3 more 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
An off-by-one error within the "LibRaw::kodak_ycbcr_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.7 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash.
CVE-2018-20365 1 Libraw 1 Libraw 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
LibRaw::raw2image() in libraw_cxx.cpp has a heap-based buffer overflow.
CVE-2018-20364 1 Libraw 1 Libraw 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
LibRaw::copy_bayer in libraw_cxx.cpp in LibRaw 0.19.1 has a NULL pointer dereference.
CVE-2018-20363 1 Libraw 1 Libraw 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
LibRaw::raw2image in libraw_cxx.cpp in LibRaw 0.19.1 has a NULL pointer dereference.
CVE-2018-20337 1 Libraw 1 Libraw 2024-11-21 6.8 MEDIUM 8.8 HIGH
There is a stack-based buffer overflow in the parse_makernote function of dcraw_common.cpp in LibRaw 0.19.1. Crafted input will lead to a denial of service or possibly unspecified other impact.
CVE-2018-10529 2 Canonical, Libraw 2 Ubuntu Linux, Libraw 2024-11-21 6.8 MEDIUM 8.8 HIGH
An issue was discovered in LibRaw 0.18.9. There is an out-of-bounds read affecting the X3F property table list implementation in libraw_x3f.cpp and libraw_cxx.cpp.
CVE-2018-10528 2 Canonical, Libraw 2 Ubuntu Linux, Libraw 2024-11-21 6.8 MEDIUM 8.8 HIGH
An issue was discovered in LibRaw 0.18.9. There is a stack-based buffer overflow in the utf2char function in libraw_cxx.cpp.
CVE-2017-6887 1 Libraw 1 Libraw 2024-11-21 6.8 MEDIUM 7.8 HIGH
A boundary error within the "parse_tiff_ifd()" function (internal/dcraw_common.cpp) in LibRaw versions before 0.18.2 can be exploited to cause a memory corruption via e.g. a specially crafted KDC file with model set to "DSLR-A100" and containing multiple sequences of 0x100 and 0x14A TAGs.
CVE-2017-6886 1 Libraw 1 Libraw 2024-11-21 7.5 HIGH 9.8 CRITICAL
An error within the "parse_tiff_ifd()" function (internal/dcraw_common.cpp) in LibRaw versions before 0.18.2 can be exploited to corrupt memory.