Search CVE reports

41 – 50 of 59 results

Detailed view

Sort by:

CVE-2018-5801

Medium priority

Some fixes available 3 of 93

An error within the "LibRaw::unpack()" function (src/libraw_cxx.cpp) in LibRaw versions prior to 0.18.7 can be exploited to trigger a NULL pointer dereference.

8 affected packages

kodi, rawtherapee, xbmc, libraw, ufraw...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
kodi	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
rawtherapee	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
xbmc	Not in release	Not in release	Not in release	Not in release
libraw	Not affected	Not affected	Not affected	Not affected
ufraw	Not in release	Not in release	Not in release	Needs evaluation
darktable	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
dcraw	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
exactimage	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2018-5800

Medium priority

Some fixes available 3 of 93

An off-by-one error within the "LibRaw::kodak_ycbcr_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.7 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash.

8 affected packages

dcraw, exactimage, darktable, libraw, ufraw...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
dcraw	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
exactimage	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
darktable	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
libraw	Not affected	Not affected	Not affected	Not affected
ufraw	Not in release	Not in release	Not in release	Needs evaluation
xbmc	Not in release	Not in release	Not in release	Not in release
rawtherapee	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
kodi	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2017-16910

Low priority

Some fixes available 3 of 87

An error within the "LibRaw::xtrans_interpolate()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.6 can be exploited to cause an invalid read memory access and subsequently a Denial of Service condition.

8 affected packages

darktable, dcraw, exactimage, rawtherapee, libraw...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
darktable	Vulnerable	Vulnerable	Vulnerable	Vulnerable
dcraw	Vulnerable	Vulnerable	Vulnerable	Vulnerable
exactimage	Vulnerable	Vulnerable	Vulnerable	Vulnerable
rawtherapee	Vulnerable	Vulnerable	Vulnerable	Vulnerable
libraw	Not affected	Not affected	Not affected	Not affected
ufraw	Not in release	Not in release	Not in release	Vulnerable
kodi	Needs evaluation	Not affected	Not affected	Not affected
xbmc	Not in release	Not in release	Not in release	Not in release

CVE-2017-16909

Low priority

Some fixes available 3 of 100

An error related to the "LibRaw::panasonic_load_raw()" function (dcraw_common.cpp) in LibRaw versions prior to 0.18.6 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash via a specially crafted TIFF image.

8 affected packages

darktable, rawtherapee, libraw, ufraw, xbmc...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
darktable	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
rawtherapee	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
libraw	Not affected	Not affected	Not affected	Not affected
ufraw	Not in release	Not in release	Not in release	Needs evaluation
xbmc	Not in release	Not in release	Not in release	Not in release
dcraw	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
kodi	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
exactimage	Vulnerable	Vulnerable	Vulnerable	Vulnerable

CVE-2017-14608

Medium priority

Some fixes available 4 of 100

In LibRaw through 0.18.4, an out of bounds read flaw related to kodak_65000_load_raw has been reported in dcraw/dcraw.c and internal/dcraw_common.cpp. An attacker could possibly exploit this flaw to disclose potentially sensitive...

8 affected packages

kodi, darktable, dcraw, libraw, ufraw...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
kodi	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
darktable	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
dcraw	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
libraw	Not affected	Not affected	Not affected	Not affected
ufraw	Not in release	Not in release	Not in release	Needs evaluation
exactimage	Vulnerable	Vulnerable	Vulnerable	Vulnerable
rawtherapee	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
xbmc	Not in release	Not in release	Not in release	Not in release

CVE-2017-14348

Medium priority

Some fixes available 3 of 99

LibRaw before 0.18.4 has a heap-based Buffer Overflow in the processCanonCameraInfo function via a crafted file.

8 affected packages

darktable, dcraw, exactimage, kodi, rawtherapee...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
darktable	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
dcraw	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
exactimage	Vulnerable	Vulnerable	Vulnerable	Vulnerable
kodi	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
rawtherapee	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
xbmc	Not in release	Not in release	Not in release	Not in release
libraw	Not affected	Not affected	Not affected	Not affected
ufraw	Not in release	Not in release	Not in release	Needs evaluation

CVE-2017-14265

Medium priority

Some fixes available 4 of 100

A Stack-based Buffer Overflow was discovered in xtrans_interpolate in internal/dcraw_common.cpp in LibRaw before 0.18.3. It could allow a remote denial of service or code execution attack.

8 affected packages

dcraw, exactimage, kodi, rawtherapee, libraw...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
dcraw	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
exactimage	Vulnerable	Vulnerable	Vulnerable	Vulnerable
kodi	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
rawtherapee	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
libraw	Not affected	Not affected	Not affected	Not affected
ufraw	Not in release	Not in release	Not in release	Needs evaluation
darktable	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
xbmc	Not in release	Not in release	Not in release	Not in release

CVE-2017-13735

Medium priority

Some fixes available 4 of 72

There is a floating point exception in the kodak_radc_load_raw function in dcraw_common.cpp in LibRaw 0.18.2. It will lead to a remote denial of service attack.

8 affected packages

darktable, dcraw, kodi, xbmc, libraw...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
darktable	Not affected	Not affected	Not affected	Not affected
dcraw	Vulnerable	Vulnerable	Vulnerable	Vulnerable
kodi	Needs evaluation	Not affected	Not affected	Not affected
xbmc	Not in release	Not in release	Not in release	Not in release
libraw	Not affected	Not affected	Not affected	Not affected
exactimage	Vulnerable	Vulnerable	Vulnerable	Vulnerable
rawtherapee	Vulnerable	Vulnerable	Vulnerable	Vulnerable
ufraw	Not in release	Not in release	Not in release	Vulnerable

CVE-2017-6887

Low priority

Some fixes available 3 of 113

A boundary error within the "parse_tiff_ifd()" function (internal/dcraw_common.cpp) in LibRaw versions before 0.18.2 can be exploited to cause a memory corruption via e.g. a specially crafted KDC file with model set to "DSLR-A100"...

12 affected packages

dcraw, darktable, exactimage, kodi, rawtherapee...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
dcraw	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
darktable	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
exactimage	Vulnerable	Vulnerable	Vulnerable	Vulnerable
kodi	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
rawtherapee	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
libraw	Not affected	Not affected	Not affected	Not affected
ufraw	Not in release	Not in release	Not in release	Vulnerable
flphoto	Not in release	Not in release	Not in release	Not in release
freeimage	Not affected	Not affected	Not affected	Not affected
graphicsmagick	Not affected	Not affected	Not affected	Not affected
rawstudio	Not in release	Not in release	Not in release	Not in release
xbmc	Not in release	Not in release	Not in release	Not in release

CVE-2017-6886

Low priority

Some fixes available 3 of 113

An error within the "parse_tiff_ifd()" function (internal/dcraw_common.cpp) in LibRaw versions before 0.18.2 can be exploited to corrupt memory.

12 affected packages

darktable, flphoto, dcraw, exactimage, kodi...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
darktable	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
flphoto	Not in release	Not in release	Not in release	Not in release
dcraw	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
exactimage	Vulnerable	Vulnerable	Vulnerable	Vulnerable
kodi	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
rawtherapee	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
libraw	Not affected	Not affected	Not affected	Not affected
ufraw	Not in release	Not in release	Not in release	Needs evaluation
rawstudio	Not in release	Not in release	Not in release	Not in release
freeimage	Not affected	Not affected	Not affected	Not affected
graphicsmagick	Not affected	Not affected	Not affected	Not affected
xbmc	Not in release	Not in release	Not in release	Not in release

Export to JSON

Results by page: