CVE search results

701 – 710 of 1235 results

Detailed view

Sort by:

CVE-2018-5802

Medium priority

Some fixes available 3 of 97

An error within the "kodak_radc_load_raw()" function (internal/dcraw_common.cpp) related to the "buf" variable in LibRaw versions prior to 0.18.7 can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash.

8 affected packages

libraw, ufraw, xbmc, darktable, dcraw...

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libraw	Not affected	Not affected	Not affected	Not affected	Not affected
ufraw	Not in release	Not in release	Not in release	Not in release	Needs evaluation
xbmc	Not in release	Not in release	Not in release	Not in release	Not in release
darktable	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
dcraw	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
exactimage	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
kodi	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
rawtherapee	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2018-5801

Medium priority

Some fixes available 3 of 97

An error within the "LibRaw::unpack()" function (src/libraw_cxx.cpp) in LibRaw versions prior to 0.18.7 can be exploited to trigger a NULL pointer dereference.

8 affected packages

kodi, xbmc, libraw, ufraw, darktable...

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
kodi	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
xbmc	Not in release	Not in release	Not in release	Not in release	Not in release
libraw	Not affected	Not affected	Not affected	Not affected	Not affected
ufraw	Not in release	Not in release	Not in release	Not in release	Needs evaluation
darktable	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
dcraw	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
exactimage	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
rawtherapee	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2018-5800

Medium priority

Some fixes available 3 of 97

An off-by-one error within the "LibRaw::kodak_ycbcr_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.7 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash.

8 affected packages

dcraw, exactimage, darktable, libraw, ufraw...

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
dcraw	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
exactimage	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
darktable	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
libraw	Not affected	Not affected	Not affected	Not affected	Not affected
ufraw	Not in release	Not in release	Not in release	Not in release	Needs evaluation
xbmc	Not in release	Not in release	Not in release	Not in release	Not in release
rawtherapee	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
kodi	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2017-18210

Low priority

Not affected

In ImageMagick 7.0.7, a NULL pointer dereference vulnerability was found in the function BenchmarkOpenCLDevices in MagickCore/opencl.c because a memory allocation result is not checked.

1 affected package

imagemagick

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
imagemagick	—	—	—	—	Not affected

CVE-2017-18211

Low priority

Fixed

In ImageMagick 7.0.7, a NULL pointer dereference vulnerability was found in the function saveBinaryCLProgram in magick/opencl.c because a program-lookup result is not checked, related to CacheOpenCLKernel.

1 affected package

imagemagick

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
imagemagick	—	—	—	—	Fixed

CVE-2017-18209

Low priority

Fixed

In the GetOpenCLCachedFilesDirectory function in magick/opencl.c in ImageMagick 7.0.7, a NULL pointer dereference vulnerability occurs because a memory allocation result is not checked, related to GetOpenCLCacheDirectory.

1 affected package

imagemagick

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
imagemagick	—	—	—	—	Fixed

CVE-2018-7470

Low priority

Not affected

An issue was discovered in ImageMagick 7.0.7-22 Q16. The IsWEBPImageLossless function in coders/webp.c allows attackers to cause a denial of service (segmentation violation) via a crafted file.

1 affected package

imagemagick

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
imagemagick	—	—	—	—	Not affected

CVE-2018-7443

Low priority

Fixed

The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-23 Q16 does not properly validate the amount of image data in a file, which allows remote attackers to cause a denial of service (memory allocation failure in the...

1 affected package

imagemagick

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
imagemagick	—	—	—	—	Fixed

CVE-2018-6930

Medium priority

Not affected

A stack-based buffer over-read in the ComputeResizeImage function in the MagickCore/accelerate.c file of ImageMagick 7.0.7-22 allows a remote attacker to cause a denial of service (application crash) via a maliciously crafted pict file.

1 affected package

imagemagick

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
imagemagick	—	—	—	—	Not affected

CVE-2018-6405

Low priority

Fixed

In the ReadDCMImage function in coders/dcm.c in ImageMagick before 7.0.7-23, each redmap, greenmap, and bluemap variable can be overwritten by a new pointer. The previous pointer is lost, which leads to a memory leak. This allows...

1 affected package

imagemagick

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
imagemagick	—	—	—	—	Fixed

Export to JSON

Results by page:

Search CVE reports