Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libtiff libtiff vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2021-25289
An issue exists in Pillow prior to 8.1.1. TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts with LibTIFF in RGBA mode. NOTE: this issue exists because of an incomplete fix for CVE-2020-35654.
Python Pillow
9.8
CVSSv3
CVE-2019-19948
In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer overflow in the function WriteSGIImage of coders/sgi.c.
Imagemagick Imagemagick 7.0.8-43
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Leap 15.1
Canonical Ubuntu Linux 20.04
9.8
CVSSv3
CVE-2018-16328
In ImageMagick prior to 7.0.8-8, a NULL pointer dereference exists in the CheckEventLogging function in MagickCore/log.c.
Imagemagick Imagemagick
9.8
CVSSv3
CVE-2017-13139
In ImageMagick prior to 6.9.9-0 and 7.x prior to 7.0.6-1, the ReadOneMNGImage function in coders/png.c has an out-of-bounds read with the MNG CLIP chunk.
Imagemagick Imagemagick 7.0.5-2
Imagemagick Imagemagick 7.0.5-3
Imagemagick Imagemagick 7.0.4-0
Imagemagick Imagemagick 7.0.4-1
Imagemagick Imagemagick 7.0.4-8
Imagemagick Imagemagick 7.0.4-9
Imagemagick Imagemagick 7.0.3-6
Imagemagick Imagemagick 7.0.3-7
Imagemagick Imagemagick 7.0.2-3
Imagemagick Imagemagick 7.0.2-4
Imagemagick Imagemagick 7.0.0-0
Imagemagick Imagemagick 7.0.1-0
Imagemagick Imagemagick 7.0.1-1
Imagemagick Imagemagick 7.0.1-8
Imagemagick Imagemagick 7.0.1-9
Imagemagick Imagemagick 7.0.6-0
Imagemagick Imagemagick 7.0.5-6
Imagemagick Imagemagick 7.0.5-7
Imagemagick Imagemagick 7.0.4-4
Imagemagick Imagemagick 7.0.4-5
Imagemagick Imagemagick 7.0.3-2
Imagemagick Imagemagick 7.0.3-3
9.8
CVSSv3
CVE-2017-9117
In LibTIFF 4.0.7, the program processes BMP images without verifying that biWidth and biHeight in the bitmap-information header match the actual input, leading to a heap-based buffer over-read in bmp2tiff.
Libtiff Libtiff 4.0.7
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 16.04
9.8
CVSSv3
CVE-2017-5225
LibTIFF version 4.0.7 is vulnerable to a heap buffer overflow in the tools/tiffcp resulting in DoS or code execution via a crafted BitsPerSample value.
Libtiff Libtiff 4.0.7
9.8
CVSSv3
CVE-2016-9539
tools/tiffcrop.c in libtiff 4.0.6 has an out-of-bounds read in readContigTilesIntoBuffer(). Reported as MSVR 35092.
Libtiff Libtiff 4.0.6
9.1
CVSSv3
CVE-2019-19949
In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WritePNGImage of coders/png.c, related to Magick_png_write_raw_profile and LocaleNCompare.
Imagemagick Imagemagick
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Leap 15.1
Canonical Ubuntu Linux 20.04
8.8
CVSSv3
CVE-2023-25434
libtiff 4.5.0 is vulnerable to Buffer Overflow via extractContigSamplesBytes() at /libtiff/tools/tiffcrop.c:3215.
Libtiff Libtiff 4.5.0
8.8
CVSSv3
CVE-2022-3970
A vulnerability was found in LibTIFF. It has been classified as critical. This affects the function TIFFReadRGBATileExt of the file libtiff/tif_getimage.c. The manipulation leads to integer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed t...
Libtiff Libtiff
Netapp Active Iq Unified Manager -
Debian Debian Linux 10.0
Apple Safari
Apple Ipados
Apple Iphone Os
Apple Macos
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »