CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2018-10528 – Ubuntu Security Notice USN-3639-1
https://notcve.org/view.php?id=CVE-2018-10528
29 Apr 2018 — An issue was discovered in LibRaw 0.18.9. There is a stack-based buffer overflow in the utf2char function in libraw_cxx.cpp. Se ha descubierto un problema en LibRaw 0.18.9. Existe un desbordamiento de búfer basado en pila en la función utf2char de libraw_cxx.cpp. It was discovered that LibRaw incorrectly handled certain files. • https://github.com/LibRaw/LibRaw/commit/efd8cfabb93fd0396266a7607069901657c082e3 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2018-10529 – Ubuntu Security Notice USN-3639-1
https://notcve.org/view.php?id=CVE-2018-10529
29 Apr 2018 — An issue was discovered in LibRaw 0.18.9. There is an out-of-bounds read affecting the X3F property table list implementation in libraw_x3f.cpp and libraw_cxx.cpp. Se ha descubierto un problema en LibRaw 0.18.9. Hay una lectura fuera de límites que afecta a la implementación de la lista de tablas de propiedades X3F en libraw_x3f.cpp y libraw_cxx.cpp. It was discovered that LibRaw incorrectly handled certain files. • https://github.com/LibRaw/LibRaw/commit/f0c505a3e5d47989a5f69be2d0d4f250af6b1a6c • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2018-5805 – LibRaw: Stack-based buffer overflow in quicktake_100_load_raw() function in internal/dcraw_common.cpp
https://notcve.org/view.php?id=CVE-2018-5805
14 Mar 2018 — A boundary error within the "quicktake_100_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to cause a stack-based buffer overflow and subsequently cause a crash. Un error de límites en la función "quicktake_100_load_raw()" (internal/dcraw_common.cpp) en las versiones anteriores a la 0.18.8 de LibRaw puede explotarse para provocar un desbordamiento de búfer basado en pila y un cierre inesperado. LibRaw is vulnerable to stack-based buffer overflow in intern... • https://access.redhat.com/errata/RHSA-2018:3065 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2018-5806 – LibRaw: NULL pointer dereference in leaf_hdr_load_raw() function in internal/dcraw_common.cpp
https://notcve.org/view.php?id=CVE-2018-5806
14 Mar 2018 — An error within the "leaf_hdr_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to trigger a NULL pointer dereference. Un error en la función "leaf_hdr_load_raw()" (internal/dcraw_common.cpp) en LibRaw, en versiones anteriores a la 0.18.8, puede explotarse para desencadenar una desreferencia de puntero NULL. A NULL pointer dereference vulnerability in internal/dcraw_common.cpp:leaf_hdr_load_raw() function was found in LibRaw. A user can cause a denial of se... • https://access.redhat.com/errata/RHSA-2018:3065 • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-5804 – LibRaw Denial of Service
https://notcve.org/view.php?id=CVE-2018-5804
14 Mar 2018 — A type confusion error within the "identify()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to trigger a division by zero. Un error de confusión de tipos en la función "identify()" (internal/dcraw_common.cpp) en LibRaw, en versiones anteriores a la 0.18.8, puede explotarse para desencadenar una división entre cero. Secunia Research has discovered multiple vulnerabilities in LibRaw, which can be exploited by malicious people to cause a DoS (Denial of Service). An i... • https://github.com/LibRaw/LibRaw/blob/master/Changelog.txt • CWE-369: Divide By Zero CWE-704: Incorrect Type Conversion or Cast •
CVSS: 6.5EPSS: 1%CPEs: 8EXPL: 0CVE-2018-5800 – LibRaw: Heap-based buffer overflow in LibRaw::kodak_ycbcr_load_raw function in internal/dcraw_common.cpp
https://notcve.org/view.php?id=CVE-2018-5800
30 Jan 2018 — An off-by-one error within the "LibRaw::kodak_ycbcr_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.7 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash. Un error por un paso relacionado con la función "LibRaw::kodak_ycbcr_load_raw()" (internal/dcraw_common.cpp) en las versiones anteriores a la 0.18.7 de LibRaw puede explotarse para provocar un desbordamiento de búfer basado en memoria dinámica (heap) y un cierre inesperado. A heap-based o... • http://www.securityfocus.com/bid/104663 • CWE-122: Heap-based Buffer Overflow CWE-193: Off-by-one Error CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 0CVE-2018-5801 – LibRaw: NULL pointer dereference in LibRaw::unpack function src/libraw_cxx.cpp
https://notcve.org/view.php?id=CVE-2018-5801
30 Jan 2018 — An error within the "LibRaw::unpack()" function (src/libraw_cxx.cpp) in LibRaw versions prior to 0.18.7 can be exploited to trigger a NULL pointer dereference. Un error en la función "LibRaw::unpack()" (src/libraw_cxx.cpp) en LibRaw, en versiones anteriores a la 0.18.7, puede explotarse para desencadenar una desreferencia de puntero NULL. A NULL pointer dereference flaw was found in the way LibRaw processed images. An attacker could potentially use this flaw to crash applications using LibRaw by tricking th... • https://access.redhat.com/errata/RHSA-2018:3065 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-476: NULL Pointer Dereference •
CVSS: 8.8EPSS: 0%CPEs: 8EXPL: 0CVE-2018-5802 – LibRaw: Out-of-bounds read in kodak_radc_load_raw function internal/dcraw_common.cpp
https://notcve.org/view.php?id=CVE-2018-5802
30 Jan 2018 — An error within the "kodak_radc_load_raw()" function (internal/dcraw_common.cpp) related to the "buf" variable in LibRaw versions prior to 0.18.7 can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash. Un error en la función "kodak_radc_load_raw()" (internal/dcraw_common.cpp) relacionada con la variable "buf" en LibRaw en versiones anteriores a la 0.18.7 se puede explotar para provocar un acceso de lectura a la memoria fuera de límites y un cierre inesperado. An out-of-... • https://access.redhat.com/errata/RHSA-2018:3065 • CWE-122: Heap-based Buffer Overflow CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2017-16910 – Ubuntu Security Notice USN-3615-1
https://notcve.org/view.php?id=CVE-2017-16910
12 Dec 2017 — An error within the "LibRaw::xtrans_interpolate()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.6 can be exploited to cause an invalid read memory access and subsequently a Denial of Service condition. Un error en la función "LibRaw::xtrans_interpolate()" (internal/dcraw_common.cpp) en LibRaw en versiones anteriores a la 0.18.6 se puede explotar para provocar un acceso de lectura a la memoria inválido y una condición de denegación de servicio (DoS). It was discovered that LibRaw inc... • https://github.com/LibRaw/LibRaw/blob/master/Changelog.txt • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2017-16909 – Ubuntu Security Notice USN-3615-1
https://notcve.org/view.php?id=CVE-2017-16909
12 Dec 2017 — An error related to the "LibRaw::panasonic_load_raw()" function (dcraw_common.cpp) in LibRaw versions prior to 0.18.6 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash via a specially crafted TIFF image. Un error relacionado con la función "LibRaw::panasonic_load_raw()" (dcraw_common.cpp) en las versiones anteriores a la 0.18.6 de LibRaw puede explotarse para provocar un desbordamiento de búfer basado en memoria dinámica (heap) y un cierre inesperado mediante una imagen T... • https://github.com/LibRaw/LibRaw/blob/master/Changelog.txt • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •