CVE-2018-10529 |
AVG-681 |
Medium |
Yes |
Information disclosure |
An out-of-bounds read has been found in LibRaw before 0.18.10, in the X3F property table list implementation in libraw_x3f.cpp and libraw_cxx.cpp |
CVE-2018-10528 |
AVG-681 |
Critical |
Yes |
Arbitrary code execution |
A stack-based buffer overflow has been found in LibRaw before 0.18.10, in the utf2char() function in libraw_cxx.cpp. |
CVE-2017-14265 |
AVG-410 |
High |
No |
Arbitrary code execution |
A stack-based buffer overflow was discovered in xtrans_interpolate in internal/dcraw_common.cpp in LibRaw before 0.18.3 leading to denial of service or... |
CVE-2017-13735 |
AVG-410 |
Medium |
No |
Denial of service |
There is a floating point exception in the kodak_radc_load_raw function in dcraw_common.cpp in LibRaw 0.18.2 leading to denial of service. |
CVE-2015-8367 |
AVG-92 |
Medium |
Yes |
Incorrect calculation |
It was found that phase_one_correct function in libraw does not handle memory object’s initialization correctly, which may have unspecified impact. |
CVE-2015-8366 |
AVG-92 |
Medium |
Yes |
Incorrect calculation |
It was found that smal_decode_segment function in libraw do not handle index carefully, which may cause index overflow. |