Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libtiff libtiff vulnerabilities and exploits
(subscribe to this query)
7.1
CVSSv2
CVE-2017-18273
In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the function ReadTXTImage in coders/txt.c, which allows malicious users to cause a denial of service (CPU exhaustion) via a crafted image file that is mishandled in a GetImageIndexInList ca...
Imagemagick Imagemagick 7.0.7-16
Debian Debian Linux 7.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 14.04
7.1
CVSSv2
CVE-2017-1000476
ImageMagick 7.0.7-12 Q16, a CPU exhaustion vulnerability was found in the function ReadDDSInfo in coders/dds.c, which allows malicious users to cause a denial of service.
Imagemagick Imagemagick 7.0.7-12
Debian Debian Linux 7.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 14.04
7.1
CVSSv2
CVE-2017-11166
The ReadXWDImage function in coders\xwd.c in ImageMagick 7.0.5-6 has a memory leak vulnerability that can cause memory exhaustion via a crafted length (number of color-map entries) field in the header of an XWD file.
Imagemagick Imagemagick 7.0.5-6
6.8
CVSSv2
CVE-2020-35523
An integer overflow flaw was found in libtiff that exists in the tif_getimage.c file. This flaw allows an malicious user to inject and execute arbitrary code when a user opens a crafted TIFF file. The highest threat from this vulnerability is to confidentiality, integrity, as wel...
Libtiff Libtiff
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Netapp Ontap Select Deploy Administration Utility -
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 8.0
6.8
CVSSv2
CVE-2020-35524
A heap-based buffer overflow flaw was found in libtiff in the handling of TIFF images in libtiff's TIFF2PDF tool. A specially crafted TIFF file can lead to arbitrary code execution. The highest threat from this vulnerability is to confidentiality, integrity, as well as syste...
Libtiff Libtiff
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 33
Netapp Ontap Select Deploy Administration Utility -
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 8.0
6.8
CVSSv2
CVE-2020-35654
In Pillow prior to 8.1.0, TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts with LibTIFF in RGBA mode.
Python Pillow
Fedoraproject Fedora 32
Fedoraproject Fedora 33
6.8
CVSSv2
CVE-2019-17540
ImageMagick prior to 7.0.8-54 has a heap-based buffer overflow in ReadPSInfo in coders/ps.c.
Imagemagick Imagemagick
Debian Debian Linux 9.0
Debian Debian Linux 10.0
6.8
CVSSv2
CVE-2019-17541
ImageMagick prior to 7.0.8-55 has a use-after-free in DestroyStringInfo in MagickCore/string.c because the error manager is mishandled in coders/jpeg.c.
Imagemagick Imagemagick
1 Github repository
6.8
CVSSv2
CVE-2019-17546
tif_getimage.c in LibTIFF up to and including 4.0.10, as used in GDAL up to and including 3.0.1 and other products, has an integer overflow that potentially causes a heap-based buffer overflow via a crafted RGBA image, related to a "Negative-size-param" condition.
Libtiff Libtiff
Osgeo Gdal
6.8
CVSSv2
CVE-2019-15140
coders/mat.c in ImageMagick 7.0.8-43 Q16 allows remote malicious users to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact by crafting a Matlab image file that is mishandled in ReadImage in MagickCore/constitute.c.
Imagemagick Imagemagick 7.0.8-43
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »