Search CVE reports


Toggle filters

431 – 440 of 1287 results


CVE-2020-35534

Medium priority
Needs evaluation

In LibRaw, there is a memory corruption vulnerability within the "crxFreeSubbandData()" function (libraw\src\decoders\crx.cpp) when processing cr3 files.

9 affected packages

darktable, exactimage, dcraw, rawtherapee, kodi...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
darktable Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
exactimage Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
dcraw Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
rawtherapee Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
kodi Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
digikam Not affected Not affected Not affected Not affected Not affected
libraw Not affected Not affected Not affected Not affected Not affected
ufraw Not in release Not in release Not in release Not in release Needs evaluation
xbmc Not in release Not in release Not in release Not in release Not in release
Show all 9 packages Show less packages

CVE-2020-35533

Medium priority

Some fixes available 4 of 64

In LibRaw, an out-of-bounds read vulnerability exists within the "LibRaw::adobe_copy_pixel()" function (libraw\src\decoders\dng.cpp) when reading data from the image file.

9 affected packages

darktable, exactimage, dcraw, rawtherapee, kodi...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
darktable Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
exactimage Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
dcraw Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
rawtherapee Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
kodi Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
digikam Not affected Not affected Not affected Fixed Fixed
libraw Not affected Not affected Not affected Fixed Fixed
ufraw Not in release Not in release Not in release Not in release Needs evaluation
xbmc Not in release Not in release Not in release Not in release Not in release
Show all 9 packages Show less packages

CVE-2020-35532

Medium priority

Some fixes available 4 of 64

In LibRaw, an out-of-bounds read vulnerability exists within the "simple_decode_row()" function (libraw\src\x3f\x3f_utils_patched.cpp) which can be triggered via an image with a large row_stride field.

9 affected packages

darktable, exactimage, dcraw, rawtherapee, kodi...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
darktable Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
exactimage Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
dcraw Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
rawtherapee Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
kodi Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
digikam Not affected Not affected Not affected Fixed Fixed
libraw Not affected Not affected Not affected Fixed Fixed
ufraw Not in release Not in release Not in release Not in release Needs evaluation
xbmc Not in release Not in release Not in release Not in release Not in release
Show all 9 packages Show less packages

CVE-2020-35531

Medium priority

Some fixes available 4 of 64

In LibRaw, an out-of-bounds read vulnerability exists within the get_huffman_diff() function (libraw\src\x3f\x3f_utils_patched.cpp) when reading data from an image file.

9 affected packages

darktable, exactimage, dcraw, rawtherapee, kodi...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
darktable Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
exactimage Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
dcraw Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
rawtherapee Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
kodi Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
digikam Not affected Not affected Not affected Fixed Fixed
libraw Not affected Not affected Not affected Fixed Fixed
ufraw Not in release Not in release Not in release Not in release Needs evaluation
xbmc Not in release Not in release Not in release Not in release Not in release
Show all 9 packages Show less packages

CVE-2020-35530

Medium priority

Some fixes available 4 of 64

In LibRaw, there is an out-of-bounds write vulnerability within the "new_node()" function (libraw\src\x3f\x3f_utils_patched.cpp) that can be triggered via a crafted X3F file.

9 affected packages

darktable, exactimage, dcraw, rawtherapee, kodi...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
darktable Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
exactimage Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
dcraw Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
rawtherapee Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
kodi Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
digikam Not affected Not affected Not affected Fixed Fixed
libraw Not affected Not affected Not affected Fixed Fixed
ufraw Not in release Not in release Not in release Not in release Needs evaluation
xbmc Not in release Not in release Not in release Not in release Not in release
Show all 9 packages Show less packages

CVE-2022-1115

Medium priority
Ignored

A heap-buffer-overflow flaw was found in ImageMagick’s PushShortPixel() function of quantum-private.h file. This vulnerability is triggered when an attacker passes a specially crafted TIFF image file to ImageMagick for conversion,...

1 affected package

imagemagick

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
imagemagick Not affected Not affected Not affected
Show less packages

CVE-2022-0284

Medium priority
Not affected

A heap-based-buffer-over-read flaw was found in ImageMagick's GetPixelAlpha() function of 'pixel-accessor.h'. This vulnerability is triggered when an attacker passes a specially crafted Tagged Image File Format (TIFF) image to...

1 affected package

imagemagick

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
imagemagick Not affected Not affected Not affected
Show less packages

CVE-2021-3574

Medium priority
Fixed

A vulnerability was found in ImageMagick-7.0.11-5, where executing a crafted file with the convert command, ASAN detects memory leaks.

1 affected package

imagemagick

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
imagemagick Fixed Fixed Fixed Not affected Not affected
Show less packages

CVE-2021-20224

Medium priority
Fixed

An integer overflow issue was discovered in ImageMagick's ExportIndexQuantum() function in MagickCore/quantum-export.c. Function calls to GetPixelIndex() could result in values outside the range of representable for the 'unsigned...

1 affected package

imagemagick

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
imagemagick Not affected Fixed Fixed
Show less packages

CVE-2022-2719

Medium priority
Not affected

In ImageMagick, a crafted file could trigger an assertion failure when a call to WriteImages was made in MagickWand/operation.c, due to a NULL image list. This could potentially cause a denial of service. This was fixed...

1 affected package

imagemagick

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
imagemagick Not affected Not affected Not affected
Show less packages