Search CVE reports
91 – 100 of 142 results
Some fixes available 3 of 118
A boundary error within the "parse_tiff_ifd()" function (internal/dcraw_common.cpp) in LibRaw versions before 0.18.2 can be exploited to cause a memory corruption via e.g. a specially crafted KDC file with model set to "DSLR-A100"...
12 affected packages
dcraw, darktable, exactimage, kodi, rawtherapee...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| dcraw | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| darktable | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| exactimage | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
| kodi | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| rawtherapee | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| libraw | Not affected | Not affected | Not affected | Not affected |
| ufraw | Not in release | Not in release | Not in release | Vulnerable |
| flphoto | Not in release | Not in release | Not in release | Not in release |
| freeimage | Not affected | Not affected | Not affected | Not affected |
| graphicsmagick | Not affected | Not affected | Not affected | Not affected |
| rawstudio | Not in release | Not in release | Not in release | Not in release |
| xbmc | Not in release | Not in release | Not in release | Not in release |
Some fixes available 3 of 118
An error within the "parse_tiff_ifd()" function (internal/dcraw_common.cpp) in LibRaw versions before 0.18.2 can be exploited to corrupt memory.
12 affected packages
darktable, flphoto, dcraw, exactimage, kodi...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| darktable | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| flphoto | Not in release | Not in release | Not in release | Not in release |
| dcraw | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| exactimage | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
| kodi | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| rawtherapee | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| libraw | Not affected | Not affected | Not affected | Not affected |
| ufraw | Not in release | Not in release | Not in release | Needs evaluation |
| rawstudio | Not in release | Not in release | Not in release | Not in release |
| freeimage | Not affected | Not affected | Not affected | Not affected |
| graphicsmagick | Not affected | Not affected | Not affected | Not affected |
| xbmc | Not in release | Not in release | Not in release | Not in release |
vision.c in ImageMagick allows remote attackers to cause a denial of service (infinite loop) via vectors related to "too many object."
2 affected packages
graphicsmagick, imagemagick
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| graphicsmagick | — | — | — | Not affected |
| imagemagick | — | — | — | Not affected |
Some fixes available 10 of 13
The gnuplot delegate functionality in ImageMagick before 6.9.4-0 and GraphicsMagick allows remote attackers to execute arbitrary commands via unspecified vectors.
2 affected packages
imagemagick, graphicsmagick
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| imagemagick | — | — | — | Fixed |
| graphicsmagick | — | — | — | Not affected |
Some fixes available 1 of 3
The QuantumTransferMode function in coders/tiff.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a small samples per pixel value in a CMYKA...
1 affected package
graphicsmagick
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| graphicsmagick | — | — | — | Not affected |
Some fixes available 2 of 6
The MagickRealloc function in memory.c in Graphicsmagick 1.3.25 allows remote attackers to cause a denial of service (crash) via large dimensions in a jpeg image.
1 affected package
graphicsmagick
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| graphicsmagick | — | — | — | Not affected |
Some fixes available 2 of 7
The DrawDashPolygon function in magick/render.c in GraphicsMagick before 1.3.24 and the SVG renderer in ImageMagick allow remote attackers to cause a denial of service (infinite loop) by converting a circularly defined SVG file.
1 affected package
graphicsmagick
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| graphicsmagick | — | — | — | Not affected |
Some fixes available 2 of 6
The MagickMalloc function in magick/memory.c in GraphicsMagick 1.3.25 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure and a "file truncation error for corrupt file."
1 affected package
graphicsmagick
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| graphicsmagick | — | — | — | Not affected |
Some fixes available 2 of 6
The ReadPCXImage function in coders/pcx.c in GraphicsMagick 1.3.25 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure and a "file truncation error for corrupt file."
1 affected package
graphicsmagick
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| graphicsmagick | — | — | — | Not affected |
Some fixes available 2 of 6
The ReadSCTImage function in coders/sct.c in GraphicsMagick 1.3.25 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted SCT header.
1 affected package
graphicsmagick
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| graphicsmagick | — | — | — | Not affected |