Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libtiff vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2019-15139
The XWD image (X Window System window dumping file) parsing component in ImageMagick 7.0.8-41 Q16 allows malicious users to cause a denial-of-service (application crash resulting from an out-of-bounds Read) in ReadXWDImage in coders/xwd.c by crafting a corrupted XWD image file, a...
Imagemagick Imagemagick 7.0.8-41
8.8
CVSSv3
CVE-2019-15140
coders/mat.c in ImageMagick 7.0.8-43 Q16 allows remote malicious users to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact by crafting a Matlab image file that is mishandled in ReadImage in MagickCore/constitute.c.
Imagemagick Imagemagick 7.0.8-43
6.5
CVSSv3
CVE-2019-15141
WriteTIFFImage in coders/tiff.c in ImageMagick 7.0.8-43 Q16 allows malicious users to cause a denial-of-service (application crash resulting from a heap-based buffer over-read) via a crafted TIFF image file, related to TIFFRewriteDirectory, TIFFWriteDirectory, TIFFWriteDirectoryS...
Imagemagick Imagemagick 7.0.8-43
Opensuse Leap 15.0
Opensuse Leap 15.1
6.5
CVSSv3
CVE-2019-14973
_TIFFCheckMalloc and _TIFFCheckRealloc in tif_aux.c in LibTIFF up to and including 4.0.10 mishandle Integer Overflow checks because they rely on compiler behavior that is undefined by the applicable C standards. This can, for example, lead to an application crash.
Libtiff Libtiff
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Opensuse Leap 15.1
Opensuse Leap 15.2
6.5
CVSSv3
CVE-2019-14980
In ImageMagick 7.x prior to 7.0.8-42 and 6.x prior to 6.9.10-42, there is a use after free vulnerability in the UnmapBlob function that allows an malicious user to cause a denial of service by sending a crafted file.
Imagemagick Imagemagick
Opensuse Leap 15.0
Opensuse Leap 15.1
6.5
CVSSv3
CVE-2019-14981
In ImageMagick 7.x prior to 7.0.8-41 and 6.x prior to 6.9.10-41, there is a divide-by-zero vulnerability in the MeanShiftImage function. It allows an malicious user to cause a denial of service by sending a crafted file.
Imagemagick Imagemagick
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
Opensuse Leap 15.0
Opensuse Leap 15.1
6.5
CVSSv3
CVE-2019-13454
ImageMagick 7.0.8-54 Q16 allows Division by Zero in RemoveDuplicateLayers in MagickCore/layer.c.
Imagemagick Imagemagick 7.0.8-54
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
Opensuse Leap 15.0
Opensuse Leap 15.1
8.8
CVSSv3
CVE-2019-13295
ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled.
Imagemagick Imagemagick 7.0.8-50
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Leap 15.0
Opensuse Leap 15.1
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
8.8
CVSSv3
CVE-2019-13297
ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled.
Imagemagick Imagemagick 7.0.8-50
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
Opensuse Leap 15.0
Opensuse Leap 15.1
8.8
CVSSv3
CVE-2019-13300
ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling columns.
Imagemagick Imagemagick 7.0.8-50
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 16.04
Opensuse Leap 15.0
Opensuse Leap 15.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32886
insecure direct object reference
CVE-2024-34342
file inclusion
CVE-2024-34562
CVE-2024-34347
CVE-2024-26026
CVE-2024-4647
unprivileged
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »