Vulmon
libtiff libtiff vulnerabilities and exploits
5.5
CVSSv3
CVE-2023-0804
LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3609, allowing malicious users to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.
Libtiff Libtiff
5.5
CVSSv3
CVE-2023-26965
loadImage() in tools/tiffcrop.c in LibTIFF up to and including 4.5.0 has a heap-based use after free via a crafted TIFF image.
Libtiff Libtiff
5.5
CVSSv3
CVE-2022-4645
LibTIFF 4.4.0 has an out-of-bounds read in tiffcp in tools/tiffcp.c:948, allowing malicious users to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit e8131125.
Libtiff Libtiff
6.5
CVSSv3
CVE-2022-40090
An issue in the function TIFFReadDirectory in libtiff prior to 4.4.0 allows malicious users to cause a denial of service via a crafted TIFF file.
Libtiff Libtiff
5.5
CVSSv3
CVE-2023-2908
A null pointer dereference issue was found in Libtiff's tif_dir.c file. This issue may allow a malicious user to pass a crafted TIFF image file to the tiffcp utility which triggers a runtime error that causes undefined behavior. This will result in an application crash, eve...
Libtiff Libtiff
8.8
CVSSv3
CVE-2016-3621
The LZWEncode function in tif_lzw.c in the bmp2tiff tool in LibTIFF 4.0.6 and previous versions, when the "-c lzw" option is used, allows remote malicious users to cause a denial of service (buffer over-read) via a crafted BMP image.
Libtiff Libtiff
6.5
CVSSv3
CVE-2016-3625
tif_read.c in the tiff2bw tool in LibTIFF 4.0.6 and previous versions allows remote malicious users to cause a denial of service (out-of-bounds read) via a crafted TIFF image.
Libtiff Libtiff
7.5
CVSSv3
CVE-2016-3620
The ZIPEncode function in tif_zip.c in the bmp2tiff tool in LibTIFF 4.0.6 and previous versions, when the "-c zip" option is used, allows remote malicious users to cause a denial of service (buffer over-read) via a crafted BMP image.
Libtiff Libtiff
NA
CVE-2006-3460
Heap-based buffer overflow in the JPEG decoder in the TIFF library (libtiff) prior to 3.8.2 allows context-dependent malicious users to cause a denial of service and possibly execute arbitrary code via an encoded JPEG stream that is longer than the scan line size (TiffScanLineSiz...
Libtiff Libtiff
NA
CVE-2006-3461
Heap-based buffer overflow in the PixarLog decoder in the TIFF library (libtiff) prior to 3.8.2 might allow context-dependent malicious users to execute arbitrary code via unknown vectors.
Libtiff Libtiff