Alex Tutubalin

49 exploits Active since Aug 2013
CVE-2018-5802 WRITEUP HIGH WRITEUP
LibRaw < 0.18.7 - Out-of-bounds Read in kodak_radc_load_raw Function
An error within the "kodak_radc_load_raw()" function (internal/dcraw_common.cpp) related to the "buf" variable in LibRaw versions prior to 0.18.7 can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash.
CVSS 8.8
CVE-2018-5811 WRITEUP MEDIUM WRITEUP
LibRaw < 0.18.9 - Out-of-bounds Read in nikon_coolscan_load_raw()
An error within the "nikon_coolscan_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash.
CVSS 6.5
CVE-2018-5812 WRITEUP MEDIUM WRITEUP
LibRaw < 0.18.9 - NULL Pointer Dereference in nikon_coolscan_load_raw()
An error within the "nikon_coolscan_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to trigger a NULL pointer dereference.
CVSS 6.5
CVE-2018-5813 WRITEUP MEDIUM WRITEUP
LibRaw < 0.18.11 - Denial of Service via Infinite Loop in parse_minolta()
An error within the "parse_minolta()" function (dcraw/dcraw.c) in LibRaw versions prior to 0.18.11 can be exploited to trigger an infinite loop via a specially crafted file.
CVSS 6.5
CVE-2018-5815 WRITEUP MEDIUM WRITEUP
LibRaw < 0.18.12 - Integer Overflow in parse_qt() Function
An integer overflow error within the "parse_qt()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.12 can be exploited to trigger an infinite loop via a specially crafted Apple QuickTime file.
CVSS 6.5
CVE-2018-5816 WRITEUP MEDIUM WRITEUP
LibRaw < 0.18.12 - Integer Overflow via NOKIARAW File in identify() Function
An integer overflow error within the "identify()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.12 can be exploited to trigger a division by zero via specially crafted NOKIARAW file (Note: This vulnerability is caused due to an incomplete fix of CVE-2018-5804).
CVSS 6.5
CVE-2026-5342 WRITEUP MEDIUM WRITEUP
LibRaw TIFF/NEF decoders_libraw.cpp nikon_load_padded_packed_raw out-of-bounds
A flaw has been found in LibRaw up to 0.22.0. This affects the function LibRaw::nikon_load_padded_packed_raw of the file src/decoders/decoders_libraw.cpp of the component TIFF/NEF. Executing a manipulation of the argument load_flags/raw_width can lead to out-of-bounds read. It is possible to launch the attack remotely. The exploit has been published and may be used. Upgrading to version 0.22.1 mitigates this issue. This patch is called b8397cd45657b84e88bd1202528d1764265f185c. It is advisable to upgrade the affected component.
CVSS 5.3
CVE-2026-5318 WRITEUP MEDIUM WRITEUP
LibRaw JPEG DHT losslessjpeg.cpp initval out-of-bounds write
A weakness has been identified in LibRaw up to 0.22.0. This impacts the function HuffTable::initval of the file src/decompressors/losslessjpeg.cpp of the component JPEG DHT Parser. This manipulation of the argument bits[] causes out-of-bounds write. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be used for attacks. Upgrading to version 0.22.1 will fix this issue. Patch name: a6734e867b19d75367c05f872ac26322464e3995. It is advisable to upgrade the affected component.
CVSS 4.3
CVE-2013-1439 WRITEUP WRITEUP
libraw 0.13.x-0.15.x < 0.15.4 - Denial of Service via Crafted Photo File
The "faster LJPEG decoder" in libraw 0.13.x, 0.14.x, and 0.15.x before 0.15.4 allows context-dependent attackers to cause a denial of service (NULL pointer dereference) via a crafted photo file.
CVE-2013-2126 WRITEUP WRITEUP
LibRaw < 0.15.2 - Double Free in Image Unpacking
Multiple double free vulnerabilities in the LibRaw::unpack function in libraw_cxx.cpp in LibRaw before 0.15.2 allow context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a malformed full-color (1) Foveon or (2) sRAW image file.
CVE-2013-2127 WRITEUP WRITEUP
LibRaw < 0.15.1 - Buffer Overflow in Exposure Correction Code
Buffer overflow in the exposure correction code in LibRaw before 0.15.1 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.
CVE-2015-3885 WRITEUP WRITEUP
dcraw < 7.00 - Denial of Service via Integer Overflow in ljpeg_start
Integer overflow in the ljpeg_start function in dcraw 7.00 and earlier allows remote attackers to cause a denial of service (crash) via a crafted image, which triggers a buffer overflow, related to the len variable.
CVE-2017-14608 WRITEUP CRITICAL WRITEUP
LibRaw < 0.18.4 - Out-of-bounds Read in kodak_65000_load_raw
In LibRaw through 0.18.4, an out of bounds read flaw related to kodak_65000_load_raw has been reported in dcraw/dcraw.c and internal/dcraw_common.cpp. An attacker could possibly exploit this flaw to disclose potentially sensitive memory or cause an application crash.
CVSS 9.1
CVE-2017-16909 WRITEUP HIGH WRITEUP
LibRaw < 0.18.6 - Heap-Based Buffer Overflow via Crafted TIFF Image
An error related to the "LibRaw::panasonic_load_raw()" function (dcraw_common.cpp) in LibRaw versions prior to 0.18.6 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash via a specially crafted TIFF image.
CVSS 8.8
CVE-2017-16910 WRITEUP MEDIUM WRITEUP
libraw < 0.18.6 - Denial of Service via xtrans_interpolate Function
An error within the "LibRaw::xtrans_interpolate()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.6 can be exploited to cause an invalid read memory access and subsequently a Denial of Service condition.
CVSS 6.5
CVE-2017-6886 WRITEUP CRITICAL WRITEUP
LibRaw < 0.18.2 - Memory Corruption in parse_tiff_ifd()
An error within the "parse_tiff_ifd()" function (internal/dcraw_common.cpp) in LibRaw versions before 0.18.2 can be exploited to corrupt memory.
CVSS 9.8
CVE-2017-6887 WRITEUP HIGH WRITEUP
LibRaw < 0.18.2 - Memory Corruption via Crafted KDC File with Multiple 0x100 and 0x14A TAGs
A boundary error within the "parse_tiff_ifd()" function (internal/dcraw_common.cpp) in LibRaw versions before 0.18.2 can be exploited to cause a memory corruption via e.g. a specially crafted KDC file with model set to "DSLR-A100" and containing multiple sequences of 0x100 and 0x14A TAGs.
CVSS 7.8
CVE-2017-6889 WRITEUP CRITICAL WRITEUP
LibRaw-demosaic-pack-GPL2 <0.18.2 - Buffer Overflow
An integer overflow error within the "foveon_load_camf()" function (dcraw_foveon.c) in LibRaw-demosaic-pack-GPL2 before 0.18.2 can be exploited to cause a heap-based buffer overflow.
CVSS 9.8
CVE-2017-6890 WRITEUP CRITICAL WRITEUP
LibRaw-demosaic-pack-GPL2 <0.18.2 - Buffer Overflow
A boundary error within the "foveon_load_camf()" function (dcraw_foveon.c) when initializing a huffman table in LibRaw-demosaic-pack-GPL2 before 0.18.2 can be exploited to cause a stack-based buffer overflow.
CVSS 9.8
CVE-2018-10528 WRITEUP HIGH WRITEUP
LibRaw 0.18.9 - Buffer Overflow
An issue was discovered in LibRaw 0.18.9. There is a stack-based buffer overflow in the utf2char function in libraw_cxx.cpp.
CVSS 8.8
CVE-2018-10529 WRITEUP HIGH WRITEUP
LibRaw <0.18.9 - Memory Corruption
An issue was discovered in LibRaw 0.18.9. There is an out-of-bounds read affecting the X3F property table list implementation in libraw_x3f.cpp and libraw_cxx.cpp.
CVSS 8.8
CVE-2018-5800 WRITEUP MEDIUM WRITEUP
LibRaw < 0.18.7 - Heap-Based Buffer Overflow via kodak_ycbcr_load_raw Off-by-One Error
An off-by-one error within the "LibRaw::kodak_ycbcr_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.7 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash.
CVSS 6.5
CVE-2018-5801 WRITEUP MEDIUM WRITEUP
LibRaw < 0.18.7 - NULL Pointer Dereference in unpack() Function
An error within the "LibRaw::unpack()" function (src/libraw_cxx.cpp) in LibRaw versions prior to 0.18.7 can be exploited to trigger a NULL pointer dereference.
CVSS 6.5
CVE-2018-5802 WRITEUP HIGH WRITEUP
LibRaw < 0.18.7 - Out-of-bounds Read in kodak_radc_load_raw Function
An error within the "kodak_radc_load_raw()" function (internal/dcraw_common.cpp) related to the "buf" variable in LibRaw versions prior to 0.18.7 can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash.
CVSS 8.8
CVE-2018-5804 WRITEUP MEDIUM WRITEUP
LibRaw < 0.18.8 - Divide By Zero via identify() Function Type Confusion
A type confusion error within the "identify()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to trigger a division by zero.
CVSS 6.5