Every CVE whose affected-product data names Entropymine Deark, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2022-43289 — CVSS 7.8 (high): Deark v.1.6.2 was discovered to contain a stack overflow via the do_prism_read_palette() function at /modules/atari-img.c.
CVE-2021-28855 — CVSS 5.5 (medium): In Deark before 1.5.8, a specially crafted input file can cause a NULL pointer dereference in the dbuf_write function (src/deark-dbuf.c).
CVE-2021-28856 — CVSS 5.5 (medium): In Deark before v1.5.8, a specially crafted input file can cause a division by zero in (src/fmtutil.c) because of the value of pixelsize.