Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libtiff libtiff vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2023-0796
LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3592, allowing malicious users to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e.
Libtiff Libtiff
5.5
CVSSv3
CVE-2023-2908
A null pointer dereference issue was found in Libtiff's tif_dir.c file. This issue may allow an malicious user to pass a crafted TIFF image file to the tiffcp utility which triggers a runtime error that causes undefined behavior. This will result in an application crash, eve...
Libtiff Libtiff
5.5
CVSSv3
CVE-2022-4645
LibTIFF 4.4.0 has an out-of-bounds read in tiffcp in tools/tiffcp.c:948, allowing malicious users to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit e8131125.
Libtiff Libtiff
7.5
CVSSv3
CVE-2016-3624
The cvtClump function in the rgb2ycbcr tool in LibTIFF 4.0.6 and previous versions allows remote malicious users to cause a denial of service (out-of-bounds write) by setting the "-v" option to -1.
Libtiff Libtiff
7.5
CVSSv3
CVE-2016-3631
The (1) cpStrips and (2) cpTiles functions in the thumbnail tool in LibTIFF 4.0.6 and previous versions allow remote malicious users to cause a denial of service (out-of-bounds read) via vectors related to the bytecounts[] array variable.
Libtiff Libtiff
6.5
CVSSv3
CVE-2016-5318
Stack-based buffer overflow in the _TIFFVGetField function in libtiff 4.0.6 and previous versions allows remote malicious users to crash the application via a crafted tiff.
Libtiff Libtiff
6.5
CVSSv3
CVE-2017-9937
In LibTIFF 4.0.8, there is a memory malloc failure in tif_jbig.c. A crafted TIFF document can lead to an abort resulting in a remote denial of service attack.
Libtiff Libtiff
1 Github repository
6.1
CVSSv3
CVE-2023-1916
A flaw was found in tiffcrop, a program distributed by the libtiff package. A specially crafted tiff file can lead to an out-of-bounds read in the extractImageSection function in tools/tiffcrop.c, resulting in a denial of service and limited information disclosure. This issue aff...
Libtiff Libtiff
6.5
CVSSv3
CVE-2023-3316
A NULL pointer dereference in TIFFClose() is caused by a failure to open an output file (non-existent path or a path that requires permissions like /dev/null) while specifying zones.
Libtiff Libtiff
5.5
CVSSv3
CVE-2023-0797
LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in libtiff/tif_unix.c:368, invoked by tools/tiffcrop.c:2903 and tools/tiffcrop.c:6921, allowing malicious users to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is availa...
Libtiff Libtiff
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »