CVE search results

51 – 55 of 55 results

Detailed view

Sort by:

CVE-2015-3885

Negligible priority

Some fixes available 2 of 53

Integer overflow in the ljpeg_start function in dcraw 7.00 and earlier allows remote attackers to cause a denial of service (crash) via a crafted image, which triggers a buffer overflow, related to the len variable.

10 affected packages

darktable, dcraw, exactimage, freeimage, kodi...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
darktable	Not affected	Not affected	Not affected	Not affected	Not affected
dcraw	Not affected	Not affected	Not affected	Not affected	Vulnerable
exactimage	Not affected	Not affected	Not affected	Not affected	Not affected
freeimage	Not affected	Not affected	Not affected	Not affected	Not affected
kodi	Needs evaluation	Not affected	Not affected	Not affected	Vulnerable
libraw	Not affected	Not affected	Not affected	Not affected	Not affected
rawstudio	Not in release	Not in release	Not in release	Not in release	Not in release
rawtherapee	Not affected	Not affected	Not affected	Not affected	Not affected
ufraw	Not in release	Not in release	Not in release	Not affected	Not affected
xbmc	Not in release	Not in release	Not in release	Not in release	Not in release

CVE-2013-1439

Medium priority

Some fixes available 15 of 32

The "faster LJPEG decoder" in libraw 0.13.x, 0.14.x, and 0.15.x before 0.15.4 allows context-dependent attackers to cause a denial of service (NULL pointer dereference) via a crafted photo file.

3 affected packages

darktable, libkdcraw, libraw

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
darktable	—	—	—	Not affected	Not affected
libkdcraw	—	—	—	Not in release	Not affected
libraw	—	—	—	Fixed	Fixed

CVE-2013-1438

Medium priority

Some fixes available 39 of 106

Unspecified vulnerability in dcraw 0.8.x through 0.8.9, as used in libraw, ufraw, shotwell, and other products, allows context-dependent attackers to cause a denial of service via a crafted photo file that triggers a...

9 affected packages

darktable, dcraw, exactimage, libkdcraw, libraw...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
darktable	Not affected	Not affected	Not affected	Not affected	Not affected
dcraw	Not affected	Not affected	Not affected	Vulnerable	Vulnerable
exactimage	Not affected	Not affected	Not affected	Not affected	Not affected
libkdcraw	Not in release	Not in release	Not in release	Not in release	Not affected
libraw	Fixed	Fixed	Fixed	Fixed	Fixed
rawstudio	Not in release	Not in release	Not in release	Not in release	Not in release
rawtherapee	Vulnerable	Vulnerable	Vulnerable	Vulnerable	Vulnerable
ufraw	Not in release	Not in release	Not in release	Fixed	Fixed
xmbc	Not in release	Not in release	Not in release	Not in release	Not in release

CVE-2013-2127

Medium priority

Fixed

Buffer overflow in the exposure correction code in LibRaw before 0.15.1 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.

3 affected packages

darktable, libkdcraw, libraw

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
darktable	—	—	—	—	—
libkdcraw	—	—	—	—	—
libraw	—	—	—	—	—

CVE-2013-2126

Medium priority

Some fixes available 22 of 29

Multiple double free vulnerabilities in the LibRaw::unpack function in libraw_cxx.cpp in LibRaw before 0.15.2 allow context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code...

3 affected packages

darktable, libkdcraw, libraw

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
darktable	—	—	—	—	Not affected
libkdcraw	—	—	—	—	Fixed
libraw	—	—	—	—	Fixed

Export to JSON

Results by page:

Search CVE reports