Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libtiff libtiff - vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2021-25289
An issue exists in Pillow prior to 8.1.1. TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts with LibTIFF in RGBA mode. NOTE: this issue exists because of an incomplete fix for CVE-2020-35654.
Python Pillow
9.8
CVSSv3
CVE-2019-19948
In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer overflow in the function WriteSGIImage of coders/sgi.c.
Imagemagick Imagemagick 7.0.8-43
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Leap 15.1
Canonical Ubuntu Linux 20.04
9.8
CVSSv3
CVE-2018-16328
In ImageMagick prior to 7.0.8-8, a NULL pointer dereference exists in the CheckEventLogging function in MagickCore/log.c.
Imagemagick Imagemagick
9.8
CVSSv3
CVE-2017-13139
In ImageMagick prior to 6.9.9-0 and 7.x prior to 7.0.6-1, the ReadOneMNGImage function in coders/png.c has an out-of-bounds read with the MNG CLIP chunk.
Imagemagick Imagemagick 7.0.5-2
Imagemagick Imagemagick 7.0.5-3
Imagemagick Imagemagick 7.0.4-0
Imagemagick Imagemagick 7.0.4-1
Imagemagick Imagemagick 7.0.4-8
Imagemagick Imagemagick 7.0.4-9
Imagemagick Imagemagick 7.0.3-6
Imagemagick Imagemagick 7.0.3-7
Imagemagick Imagemagick 7.0.2-3
Imagemagick Imagemagick 7.0.2-4
Imagemagick Imagemagick 7.0.0-0
Imagemagick Imagemagick 7.0.1-0
Imagemagick Imagemagick 7.0.1-1
Imagemagick Imagemagick 7.0.1-8
Imagemagick Imagemagick 7.0.1-9
Imagemagick Imagemagick 7.0.6-0
Imagemagick Imagemagick 7.0.5-6
Imagemagick Imagemagick 7.0.5-7
Imagemagick Imagemagick 7.0.4-4
Imagemagick Imagemagick 7.0.4-5
Imagemagick Imagemagick 7.0.3-2
Imagemagick Imagemagick 7.0.3-3
9.8
CVSSv3
CVE-2017-9117
In LibTIFF 4.0.7, the program processes BMP images without verifying that biWidth and biHeight in the bitmap-information header match the actual input, leading to a heap-based buffer over-read in bmp2tiff.
Libtiff Libtiff 4.0.7
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 16.04
9.8
CVSSv3
CVE-2017-5225
LibTIFF version 4.0.7 is vulnerable to a heap buffer overflow in the tools/tiffcp resulting in DoS or code execution via a crafted BitsPerSample value.
Libtiff Libtiff 4.0.7
9.8
CVSSv3
CVE-2016-9539
tools/tiffcrop.c in libtiff 4.0.6 has an out-of-bounds read in readContigTilesIntoBuffer(). Reported as MSVR 35092.
Libtiff Libtiff 4.0.6
9.1
CVSSv3
CVE-2019-19949
In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WritePNGImage of coders/png.c, related to Magick_png_write_raw_profile and LocaleNCompare.
Imagemagick Imagemagick
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Leap 15.1
Canonical Ubuntu Linux 20.04
8.8
CVSSv3
CVE-2023-25434
libtiff 4.5.0 is vulnerable to Buffer Overflow via extractContigSamplesBytes() at /libtiff/tools/tiffcrop.c:3215.
Libtiff Libtiff 4.5.0
8.8
CVSSv3
CVE-2022-3970
A vulnerability was found in LibTIFF. It has been classified as critical. This affects the function TIFFReadRGBATileExt of the file libtiff/tif_getimage.c. The manipulation leads to integer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed t...
Libtiff Libtiff
Netapp Active Iq Unified Manager -
Debian Debian Linux 10.0
Apple Safari
Apple Ipados
Apple Iphone Os
Apple Macos
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »