Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libtiff libtiff 4.0.10 vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2023-3164
A heap-buffer-overflow vulnerability was found in LibTIFF, in extractImageSection() at tools/tiffcrop.c:7916 and tools/tiffcrop.c:7801. This flaw allows malicious users to cause a denial of service via a crafted tiff file.
Libtiff Libtiff
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
5.5
CVSSv3
CVE-2020-18768
There exists one heap buffer overflow in _TIFFmemcpy in tif_unix.c in libtiff 4.0.10, which allows an malicious user to cause a denial-of-service through a crafted tiff file.
Libtiff Libtiff 4.0.10
7.1
CVSSv3
CVE-2022-0891
A heap buffer overflow in ExtractImageSection function in tiffcrop.c in libtiff library Version 4.3.0 allows malicious user to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or ...
Libtiff Libtiff
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Netapp Active Iq Unified Manager -
6.5
CVSSv3
CVE-2020-19143
Buffer Overflow in LibTiff v4.0.10 allows malicious users to cause a denial of service via the "TIFFVGetField" funtion in the component 'libtiff/tif_dir.c'.
Simplesystems Libtiff 4.0.10
Debian Debian Linux 11.0
6.5
CVSSv3
CVE-2020-19144
Buffer Overflow in LibTiff v4.0.10 allows malicious users to cause a denial of service via the 'in _TIFFmemcpy' funtion in the component 'tif_unix.c'.
Simplesystems Libtiff 4.0.10
Debian Debian Linux 9.0
Netapp Ontap Select Deploy Administration Utility -
7.5
CVSSv3
CVE-2020-19131
Buffer Overflow in LibTiff v4.0.10 allows malicious users to cause a denial of service via the "invertImage()" function in the component "tiffcrop".
Simplesystems Libtiff 4.0.10
Debian Debian Linux 9.0
8.8
CVSSv3
CVE-2019-17546
tif_getimage.c in LibTIFF up to and including 4.0.10, as used in GDAL up to and including 3.0.1 and other products, has an integer overflow that potentially causes a heap-based buffer overflow via a crafted RGBA image, related to a "Negative-size-param" condition.
Libtiff Libtiff
Osgeo Gdal
6.5
CVSSv3
CVE-2019-14973
_TIFFCheckMalloc and _TIFFCheckRealloc in tif_aux.c in LibTIFF up to and including 4.0.10 mishandle Integer Overflow checks because they rely on compiler behavior that is undefined by the applicable C standards. This can, for example, lead to an application crash.
Libtiff Libtiff
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Opensuse Leap 15.1
Opensuse Leap 15.2
6.5
CVSSv3
CVE-2019-7663
An Invalid Address dereference exists in TIFFWriteDirectoryTagTransferfunction in libtiff/tif_dirwrite.c in LibTIFF 4.0.10, affecting the cpSeparateBufToContigBuf function in tiffcp.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted t...
Libtiff Libtiff 4.0.10
Debian Debian Linux 8.0
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 12.04
Opensuse Leap 15.0
8.8
CVSSv3
CVE-2019-6128
The TIFFFdOpen function in tif_unix.c in LibTIFF 4.0.10 has a memory leak, as demonstrated by pal2rgb.
Libtiff Libtiff 4.0.10
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Opensuse Leap 15.0
Debian Debian Linux 8.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »