Search CVE reports
111 – 120 of 846 results
In LibRaw, there is a memory corruption vulnerability within the "crxFreeSubbandData()" function (libraw\src\decoders\crx.cpp) when processing cr3 files.
9 affected packages
darktable, dcraw, digikam, exactimage, kodi...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| darktable | Needs evaluation | Needs evaluation | Ignored | Ignored |
| dcraw | Needs evaluation | Needs evaluation | Ignored | Ignored |
| digikam | Not affected | Not affected | Not affected | Not affected |
| exactimage | Needs evaluation | Needs evaluation | Ignored | Ignored |
| kodi | Needs evaluation | Needs evaluation | Ignored | Ignored |
| rawtherapee | Needs evaluation | Needs evaluation | Ignored | Ignored |
| xbmc | Not in release | Not in release | Not in release | Not in release |
| libraw | Not affected | Not affected | Not affected | Not affected |
| ufraw | Not in release | Not in release | Not in release | Ignored |
Some fixes available 4 of 47
In LibRaw, an out-of-bounds read vulnerability exists within the "LibRaw::adobe_copy_pixel()" function (libraw\src\decoders\dng.cpp) when reading data from the image file.
9 affected packages
darktable, dcraw, digikam, exactimage, kodi...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| darktable | Needs evaluation | Needs evaluation | Ignored | Ignored |
| dcraw | Needs evaluation | Needs evaluation | Ignored | Ignored |
| digikam | Not affected | Not affected | Fixed | Fixed |
| exactimage | Needs evaluation | Needs evaluation | Ignored | Ignored |
| kodi | Needs evaluation | Needs evaluation | Ignored | Ignored |
| rawtherapee | Needs evaluation | Needs evaluation | Ignored | Ignored |
| libraw | Not affected | Not affected | Fixed | Fixed |
| ufraw | Not in release | Not in release | Not in release | Ignored |
| xbmc | Not in release | Not in release | Not in release | Not in release |
Some fixes available 4 of 47
In LibRaw, an out-of-bounds read vulnerability exists within the "simple_decode_row()" function (libraw\src\x3f\x3f_utils_patched.cpp) which can be triggered via an image with a large row_stride field.
9 affected packages
darktable, dcraw, digikam, exactimage, kodi...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| darktable | Needs evaluation | Needs evaluation | Ignored | Ignored |
| dcraw | Needs evaluation | Needs evaluation | Ignored | Ignored |
| digikam | Not affected | Not affected | Fixed | Fixed |
| exactimage | Needs evaluation | Needs evaluation | Ignored | Ignored |
| kodi | Needs evaluation | Needs evaluation | Ignored | Ignored |
| rawtherapee | Needs evaluation | Needs evaluation | Ignored | Ignored |
| libraw | Not affected | Not affected | Fixed | Fixed |
| ufraw | Not in release | Not in release | Not in release | Ignored |
| xbmc | Not in release | Not in release | Not in release | Not in release |
Some fixes available 4 of 47
In LibRaw, an out-of-bounds read vulnerability exists within the get_huffman_diff() function (libraw\src\x3f\x3f_utils_patched.cpp) when reading data from an image file.
9 affected packages
darktable, dcraw, digikam, exactimage, kodi...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| darktable | Needs evaluation | Needs evaluation | Ignored | Ignored |
| dcraw | Needs evaluation | Needs evaluation | Ignored | Ignored |
| digikam | Not affected | Not affected | Fixed | Fixed |
| exactimage | Needs evaluation | Needs evaluation | Ignored | Ignored |
| kodi | Needs evaluation | Needs evaluation | Ignored | Ignored |
| rawtherapee | Needs evaluation | Needs evaluation | Ignored | Ignored |
| ufraw | Not in release | Not in release | Not in release | Ignored |
| libraw | Not affected | Not affected | Fixed | Fixed |
| xbmc | Not in release | Not in release | Not in release | Not in release |
Some fixes available 4 of 47
In LibRaw, there is an out-of-bounds write vulnerability within the "new_node()" function (libraw\src\x3f\x3f_utils_patched.cpp) that can be triggered via a crafted X3F file.
9 affected packages
darktable, dcraw, digikam, exactimage, kodi...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| darktable | Needs evaluation | Needs evaluation | Ignored | Ignored |
| dcraw | Needs evaluation | Needs evaluation | Ignored | Ignored |
| digikam | Not affected | Not affected | Fixed | Fixed |
| exactimage | Needs evaluation | Needs evaluation | Ignored | Ignored |
| kodi | Needs evaluation | Needs evaluation | Ignored | Ignored |
| rawtherapee | Needs evaluation | Needs evaluation | Ignored | Ignored |
| libraw | Not affected | Not affected | Fixed | Fixed |
| ufraw | Not in release | Not in release | Not in release | Ignored |
| xbmc | Not in release | Not in release | Not in release | Not in release |
cmark-gfm is GitHub's extended version of the C reference implementation of CommonMark. Prior to versions 0.29.0.gfm.3 and 0.28.3.gfm.21, an integer overflow in cmark-gfm's table row parsing `table.c:row_from_string` may lead to...
1 affected package
cmark-gfm
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| cmark-gfm | Not affected | Not affected | Ignored | — |
Some fixes available 1 of 5
Large loops in multiple protocol dissectors in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allow denial of service via packet injection or crafted capture file
1 affected package
wireshark
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| wireshark | Not affected | Not affected | Fixed | Not affected |
Some fixes available 4 of 8
Infinite loop in RTMPT protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file
1 affected package
wireshark
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| wireshark | Not affected | Not affected | Fixed | Fixed |
Some fixes available 4 of 8
Crash in the PVFS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file
1 affected package
wireshark
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| wireshark | Not affected | Not affected | Fixed | Fixed |
Some fixes available 4 of 8
Unaligned access in the CSN.1 protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file
1 affected package
wireshark
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| wireshark | Not affected | Not affected | Fixed | Fixed |