CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2018-20363
https://notcve.org/view.php?id=CVE-2018-20363
22 Dec 2018 — LibRaw::raw2image in libraw_cxx.cpp in LibRaw 0.19.1 has a NULL pointer dereference. LibRaw::raw2image en libraw_cxx.cpp en LibRaw 0.19.1 tiene una desreferencia de puntero NULL. • http://www.securityfocus.com/bid/106299 • CWE-476: NULL Pointer Dereference •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-20337 – LibRaw: stack-based buffer overflow in the parse_makernote function of dcraw_common.cpp
https://notcve.org/view.php?id=CVE-2018-20337
21 Dec 2018 — There is a stack-based buffer overflow in the parse_makernote function of dcraw_common.cpp in LibRaw 0.19.1. Crafted input will lead to a denial of service or possibly unspecified other impact. Existe un desbordamiento de búfer basado en pila en la función parse_makernote de dcraw_common.cpp en la versión 0.19.1 de LibRaw. Se podría realizar un ataque de denegación de servicio u otro tipo de impacto sin especificar con una entrada especialmente manipulada. It was discovered that LibRaw incorrectly handled p... • https://github.com/LibRaw/LibRaw/issues/192 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 0CVE-2018-5817 – Ubuntu Security Notice USN-3989-1
https://notcve.org/view.php?id=CVE-2018-5817
18 Dec 2018 — A type confusion error within the "unpacked_load_raw()" function within LibRaw versions prior to 0.19.1 (internal/dcraw_common.cpp) can be exploited to trigger an infinite loop. Un error de confusión de tipos en la función "unpacked_load_raw()" en LibRaw, en versiones anteriores a la 0.19.1 (internal/dcraw_common.cpp), puede ser explotado para desencadenar un bucle infinito. Secunia Research has discovered multiple vulnerabilities in LibRaw, which can be exploited by malicious people to cause a DoS (Denial ... • https://lists.debian.org/debian-lts-announce/2019/03/msg00036.html • CWE-704: Incorrect Type Conversion or Cast •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2018-5818 – LibRaw 0.19.0 Denial of Service
https://notcve.org/view.php?id=CVE-2018-5818
18 Dec 2018 — An error within the "parse_rollei()" function (internal/dcraw_common.cpp) within LibRaw versions prior to 0.19.1 can be exploited to trigger an infinite loop. Un error en la función "parse_rollei()" (internal/dcraw_common.cpp), en las versiones de LibRaw anteriores a la 0.19.1, podría explotarse para desencadenar un bucle infinito. Secunia Research has discovered multiple vulnerabilities in LibRaw, which can be exploited by malicious people to cause a DoS (Denial of Service). A type confusion error within t... • https://lists.debian.org/debian-lts-announce/2019/03/msg00036.html • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2018-5819 – LibRaw 0.19.0 Denial of Service
https://notcve.org/view.php?id=CVE-2018-5819
18 Dec 2018 — An error within the "parse_sinar_ia()" function (internal/dcraw_common.cpp) within LibRaw versions prior to 0.19.1 can be exploited to exhaust available CPU resources. Un error en la función "parse_sinar_ia()" (internal/dcraw_common.cpp), en las versiones de LibRaw anteriores a la 0.19.1, podría explotarse para agotar los recursos de la CPU disponibles. Secunia Research has discovered multiple vulnerabilities in LibRaw, which can be exploited by malicious people to cause a DoS (Denial of Service). A type co... • https://lists.debian.org/debian-lts-announce/2019/03/msg00036.html • CWE-400: Uncontrolled Resource Consumption •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2018-5810
https://notcve.org/view.php?id=CVE-2018-5810
07 Dec 2018 — An error within the "rollei_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash. Un error en la función "rollei_load_raw()" (internal/dcraw_common.cpp) en las versiones anteriores a la 0.18.9 de LibRaw puede explotarse para provocar un desbordamiento de búfer basado en memoria dinámica (heap) y un cierre inesperado. • https://github.com/LibRaw/LibRaw/blob/master/Changelog.txt • CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2018-5812
https://notcve.org/view.php?id=CVE-2018-5812
07 Dec 2018 — An error within the "nikon_coolscan_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to trigger a NULL pointer dereference. Un error en la función "nikon_coolscan_load_raw()" (internal/dcraw_common.cpp) en LibRaw, en versiones anteriores a la 0.18.9, puede explotarse para desencadenar una desreferencia de puntero NULL. • https://github.com/LibRaw/LibRaw/blob/master/Changelog.txt • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2018-5811
https://notcve.org/view.php?id=CVE-2018-5811
07 Dec 2018 — An error within the "nikon_coolscan_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash. Un error en la función "nikon_coolscan_load_raw()" (internal/dcraw_common.cpp) en LibRaw en versiones anteriores a la 0.18.9 se puede explotar para provocar un acceso de lectura a la memoria fuera de límites y un cierre inesperado. • https://github.com/LibRaw/LibRaw/blob/master/Changelog.txt • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 2%CPEs: 1EXPL: 0CVE-2018-5809
https://notcve.org/view.php?id=CVE-2018-5809
07 Dec 2018 — An error within the "LibRaw::parse_exif()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause a stack-based buffer overflow and subsequently execute arbitrary code. Un error en la función "LibRaw::parse_exif()" (internal/dcraw_common.cpp) en las versiones anteriores a la 0.18.9 de LibRaw puede explotarse para provocar un desbordamiento de búfer basado en pila y la ejecución de código arbitrario. • https://github.com/LibRaw/LibRaw/blob/master/Changelog.txt • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 2%CPEs: 2EXPL: 0CVE-2018-5808 – openSUSE Security Advisory - openSUSE-SU-2018:4299-1
https://notcve.org/view.php?id=CVE-2018-5808
07 Dec 2018 — An error within the "find_green()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause a stack-based buffer overflow and subsequently execute arbitrary code. Un error en la función "find_green()" (internal/dcraw_common.cpp) en las versiones anteriores a la 0.18.9 de LibRaw puede explotarse para provocar un desbordamiento de búfer basado en pila y la ejecución de código arbitrario. An update that fixes 5 vulnerabilities is now available. This update for libraw fi... • https://github.com/LibRaw/LibRaw/blob/master/Changelog.txt • CWE-787: Out-of-bounds Write •