Page 4 of 38 results (0.003 seconds)

CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0

An error within the "nikon_coolscan_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to trigger a NULL pointer dereference. Un error en la función "nikon_coolscan_load_raw()" (internal/dcraw_common.cpp) en LibRaw, en versiones anteriores a la 0.18.9, puede explotarse para desencadenar una desreferencia de puntero NULL. • https://github.com/LibRaw/LibRaw/blob/master/Changelog.txt https://github.com/LibRaw/LibRaw/commit/fd6330292501983ac75fe4162275794b18445bd9 https://secuniaresearch.flexerasoftware.com/advisories/81800 https://secuniaresearch.flexerasoftware.com/secunia_research/2018-10 https://usn.ubuntu.com/3838-1 • CWE-476: NULL Pointer Dereference •

CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0

An error within the "samsung_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash. Un error en la función "samsung_load_raw()" (internal/dcraw_common.cpp) en LibRaw en versiones anteriores a la 0.18.9 se puede explotar para provocar un acceso de lectura a la memoria fuera de límites y un cierre inesperado. • https://github.com/LibRaw/LibRaw/blob/master/Changelog.txt https://github.com/LibRaw/LibRaw/commit/fd6330292501983ac75fe4162275794b18445bd9 https://secuniaresearch.flexerasoftware.com/advisories/81800 https://secuniaresearch.flexerasoftware.com/secunia_research/2018-10 https://usn.ubuntu.com/3838-1 • CWE-125: Out-of-bounds Read •

CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0

An error within the "parse_minolta()" function (dcraw/dcraw.c) in LibRaw versions prior to 0.18.11 can be exploited to trigger an infinite loop via a specially crafted file. Un error en la función "parse_minolta()" (dcraw/dcraw.c) en LibRaw, en versiones anteriores a la 0.18.11, puede explotarse para provocar un bucle infinito mediante un archivo especialmente manipulado. • https://github.com/LibRaw/LibRaw/blob/master/Changelog.txt https://github.com/LibRaw/LibRaw/commit/e47384546b43d0fd536e933249047bc397a4d88b https://secuniaresearch.flexerasoftware.com/advisories/83050 https://secuniaresearch.flexerasoftware.com/secunia_research/2018-13 https://usn.ubuntu.com/3838-1 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •

CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0

An integer overflow error within the "parse_qt()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.12 can be exploited to trigger an infinite loop via a specially crafted Apple QuickTime file. Un error de desbordamiento de enteros en la función "parse_qt()" (internal/dcraw_common.cpp) en LibRaw, en versiones anteriores a la 0.18.12, puede explotarse para provocar un bucle infinito mediante un archivo Apple QuickTime especialmente manipulado. • https://github.com/LibRaw/LibRaw/blob/master/Changelog.txt https://github.com/LibRaw/LibRaw/commit/1334647862b0c90b2e8cb2f668e66627d9517b17 https://secuniaresearch.flexerasoftware.com/advisories/83507 https://secuniaresearch.flexerasoftware.com/secunia_research/2018-14 https://usn.ubuntu.com/3838-1 • CWE-190: Integer Overflow or Wraparound •

CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0

An integer overflow error within the "identify()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.12 can be exploited to trigger a division by zero via specially crafted NOKIARAW file (Note: This vulnerability is caused due to an incomplete fix of CVE-2018-5804). Un error de desbordamiento de enteros en la función "identify()" (internal/dcraw_common.cpp) en LibRaw, en versiones anteriores a la 0.18.12, puede explotarse para provocar una división entre cero mediante un archivo NOKIARAW especialmente manipulado (Nota: esta vulnerabilidad existe debido a una solución incompleta para CVE-2018-5804). • https://github.com/LibRaw/LibRaw/blob/master/Changelog.txt https://github.com/LibRaw/LibRaw/commit/1d8d1b452e5dc74033ee9f846081a0efb616cc39 https://secuniaresearch.flexerasoftware.com/advisories/83507 https://secuniaresearch.flexerasoftware.com/secunia_research/2018-14 https://usn.ubuntu.com/3838-1 • CWE-190: Integer Overflow or Wraparound •