Search CVE reports


Toggle filters

31 – 40 of 55 results


CVE-2018-5816

Medium priority

Some fixes available 2 of 81

An integer overflow error within the "identify()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.12 can be exploited to trigger a division by zero via specially crafted NOKIARAW file (Note: This...

8 affected packages

darktable, dcraw, exactimage, kodi, libraw...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
darktable Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
dcraw Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
exactimage Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
kodi Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
libraw Not affected Not affected Not affected Fixed Fixed
rawtherapee Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
ufraw Not in release Not in release Not in release Needs evaluation Needs evaluation
xbmc Not in release Not in release Not in release Not in release Not in release
Show all 8 packages Show less packages

CVE-2018-5815

Medium priority

Some fixes available 2 of 81

An integer overflow error within the "parse_qt()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.12 can be exploited to trigger an infinite loop via a specially crafted Apple QuickTime file.

8 affected packages

darktable, dcraw, exactimage, kodi, libraw...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
darktable Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
dcraw Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
exactimage Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
kodi Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
libraw Not affected Not affected Not affected Fixed Fixed
rawtherapee Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
ufraw Not in release Not in release Not in release Needs evaluation Needs evaluation
xbmc Not in release Not in release Not in release Not in release Not in release
Show all 8 packages Show less packages

CVE-2018-5813

Medium priority

Some fixes available 3 of 82

An error within the "parse_minolta()" function (dcraw/dcraw.c) in LibRaw versions prior to 0.18.11 can be exploited to trigger an infinite loop via a specially crafted file.

8 affected packages

darktable, dcraw, exactimage, kodi, libraw...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
darktable Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
dcraw Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
exactimage Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
kodi Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
libraw Not affected Not affected Not affected Fixed Fixed
rawtherapee Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
ufraw Not in release Not in release Not in release Needs evaluation Needs evaluation
xbmc Not in release Not in release Not in release Not in release Not in release
Show all 8 packages Show less packages

CVE-2018-10529

Medium priority

Some fixes available 16 of 101

An issue was discovered in LibRaw 0.18.9. There is an out-of-bounds read affecting the X3F property table list implementation in libraw_x3f.cpp and libraw_cxx.cpp.

8 affected packages

darktable, dcraw, exactimage, kodi, libraw...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
darktable Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
dcraw Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
exactimage Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
kodi Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
libraw Fixed Fixed Fixed Fixed Fixed
rawtherapee Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
ufraw Not in release Not in release Not in release Needs evaluation Needs evaluation
xbmc Not in release Not in release Not in release Not in release Not in release
Show all 8 packages Show less packages

CVE-2018-10528

Medium priority

Some fixes available 16 of 101

An issue was discovered in LibRaw 0.18.9. There is a stack-based buffer overflow in the utf2char function in libraw_cxx.cpp.

8 affected packages

darktable, dcraw, exactimage, kodi, libraw...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
darktable Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
dcraw Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
exactimage Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
kodi Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
libraw Fixed Fixed Fixed Fixed Fixed
rawtherapee Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
ufraw Not in release Not in release Not in release Needs evaluation Needs evaluation
xbmc Not in release Not in release Not in release Not in release Not in release
Show all 8 packages Show less packages

CVE-2018-5802

Medium priority

Some fixes available 3 of 88

An error within the "kodak_radc_load_raw()" function (internal/dcraw_common.cpp) related to the "buf" variable in LibRaw versions prior to 0.18.7 can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash.

8 affected packages

darktable, dcraw, exactimage, kodi, libraw...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
darktable Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
dcraw Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
exactimage Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
kodi Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
libraw Not affected Not affected Not affected Not affected Fixed
rawtherapee Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
ufraw Not in release Not in release Not in release Needs evaluation Needs evaluation
xbmc Not in release Not in release Not in release Not in release Not in release
Show all 8 packages Show less packages

CVE-2018-5801

Medium priority

Some fixes available 3 of 88

An error within the "LibRaw::unpack()" function (src/libraw_cxx.cpp) in LibRaw versions prior to 0.18.7 can be exploited to trigger a NULL pointer dereference.

8 affected packages

darktable, dcraw, exactimage, kodi, libraw...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
darktable Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
dcraw Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
exactimage Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
kodi Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
libraw Not affected Not affected Not affected Not affected Fixed
rawtherapee Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
ufraw Not in release Not in release Not in release Needs evaluation Needs evaluation
xbmc Not in release Not in release Not in release Not in release Not in release
Show all 8 packages Show less packages

CVE-2018-5800

Medium priority

Some fixes available 3 of 88

An off-by-one error within the "LibRaw::kodak_ycbcr_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.7 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash.

8 affected packages

darktable, dcraw, exactimage, kodi, libraw...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
darktable Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
dcraw Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
exactimage Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
kodi Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
libraw Not affected Not affected Not affected Not affected Fixed
rawtherapee Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
ufraw Not in release Not in release Not in release Needs evaluation Needs evaluation
xbmc Not in release Not in release Not in release Not in release Not in release
Show all 8 packages Show less packages

CVE-2017-16910

Low priority

Some fixes available 3 of 82

An error within the "LibRaw::xtrans_interpolate()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.6 can be exploited to cause an invalid read memory access and subsequently a Denial of Service condition.

8 affected packages

darktable, dcraw, exactimage, kodi, libraw...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
darktable Vulnerable Vulnerable Vulnerable Vulnerable Vulnerable
dcraw Vulnerable Vulnerable Vulnerable Vulnerable Vulnerable
exactimage Vulnerable Vulnerable Vulnerable Vulnerable Vulnerable
kodi Needs evaluation Not affected Not affected Not affected Not affected
libraw Not affected Not affected Not affected Not affected Fixed
rawtherapee Vulnerable Vulnerable Vulnerable Vulnerable Vulnerable
ufraw Not in release Not in release Not in release Vulnerable Vulnerable
xbmc Not in release Not in release Not in release Not in release Not in release
Show all 8 packages Show less packages

CVE-2017-16909

Low priority

Some fixes available 3 of 95

An error related to the "LibRaw::panasonic_load_raw()" function (dcraw_common.cpp) in LibRaw versions prior to 0.18.6 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash via a specially crafted TIFF image.

8 affected packages

darktable, dcraw, exactimage, kodi, libraw...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
darktable Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
dcraw Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
exactimage Vulnerable Vulnerable Vulnerable Vulnerable Vulnerable
kodi Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
libraw Not affected Not affected Not affected Not affected Fixed
rawtherapee Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
ufraw Not in release Not in release Not in release Needs evaluation Needs evaluation
xbmc Not in release Not in release Not in release Not in release Not in release
Show all 8 packages Show less packages