CVE-2018-19566

EPSS 0.30% · P53 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2018-19566

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

A heap buffer over-read in parse_tiff_ifd in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code or leak private information.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

dcraw 缓冲区错误漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

dcraw是美国软件开发者David J. Coffin所研发的一套开源的用于把相机拍的RAW片转换成PPM或者TIFF格式的图片的工具。 dcraw 9.28及之前版本中的parse_tiff_ifd存在基于堆的缓冲区越界读取漏洞。攻击者可借助恶意文件利用该漏洞造成应用程序崩溃或泄露私有信息。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2018-19566

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2018-19566

请登录查看更多情报信息。

https://seclists.org/oss-sec/2018/q4/165x_refsource_MISC
https://seclists.org/oss-sec/2018/q4/171x_refsource_MISC
https://nvd.nist.gov/vuln/detail/CVE-2018-19566

Same Patch Batch · n/a · 2018-11-26 · 49 CVEs total

CVE-2018-19560		BageCMS 跨站请求伪造漏洞
CVE-2018-19537		TP-Link Archer C5 安全漏洞
CVE-2018-19540		JasPer 缓冲区错误漏洞
CVE-2018-19528		TP-Link TL-WR886N 安全漏洞
CVE-2018-19530		HTTL 安全漏洞
CVE-2018-19531		HTTL 安全漏洞
CVE-2018-19532		PoDoFo 安全漏洞
CVE-2018-19535		Exiv2 安全漏洞
CVE-2018-19543		JasPer 缓冲区错误漏洞
CVE-2018-19561		sikcms 跨站请求伪造漏洞
CVE-2018-19562		PHPOK 安全漏洞
CVE-2018-19559		CuppaCMS SQL注入漏洞
CVE-2018-19558		arcms SQL注入漏洞
CVE-2018-19557		arcms 安全漏洞
CVE-2018-19556		Z-BlogPHP 输入验证错误漏洞
CVE-2018-19555		tp4a TELEPORT 跨站请求伪造漏洞
CVE-2018-19554		dotCMS 跨站脚本漏洞
CVE-2018-19553		BigCommerec Interspire Email Marketer SQL注入漏洞
CVE-2018-19552		BigCommerec Interspire Email Marketer SQL注入漏洞
CVE-2018-19551		BigCommerec Interspire Email Marketer SQL注入漏洞

Showing top 20 of 49 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2018-19566

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2018-19566

I. Basic Information for CVE-2018-19566

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2018-19566

III. Intelligence Information for CVE-2018-19566

Same Patch Batch · n/a · 2018-11-26 · 49 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2018-19566

Leave a comment