Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libtiff vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2023-26965
loadImage() in tools/tiffcrop.c in LibTIFF up to and including 4.5.0 has a heap-based use after free via a crafted TIFF image.
Libtiff Libtiff
7.5
CVSSv3
CVE-2016-3624
The cvtClump function in the rgb2ycbcr tool in LibTIFF 4.0.6 and previous versions allows remote malicious users to cause a denial of service (out-of-bounds write) by setting the "-v" option to -1.
Libtiff Libtiff
6.5
CVSSv3
CVE-2016-3625
tif_read.c in the tiff2bw tool in LibTIFF 4.0.6 and previous versions allows remote malicious users to cause a denial of service (out-of-bounds read) via a crafted TIFF image.
Libtiff Libtiff
5.5
CVSSv3
CVE-2023-2908
A null pointer dereference issue was found in Libtiff's tif_dir.c file. This issue may allow an malicious user to pass a crafted TIFF image file to the tiffcp utility which triggers a runtime error that causes undefined behavior. This will result in an application crash, eve...
Libtiff Libtiff
5.5
CVSSv3
CVE-2022-4645
LibTIFF 4.4.0 has an out-of-bounds read in tiffcp in tools/tiffcp.c:948, allowing malicious users to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit e8131125.
Libtiff Libtiff
5.5
CVSSv3
CVE-2015-7313
LibTIFF allows remote malicious users to cause a denial of service (memory consumption and crash) via a crafted tiff file.
Libtiff Libtiff -
NA
CVE-2012-1173
Multiple integer overflows in tiff_getimage.c in LibTIFF 3.9.4 allow remote malicious users to execute arbitrary code via a crafted tile size in a TIFF file, which is not properly handled by the (1) gtTileSeparate or (2) gtStripSeparate function, leading to a heap-based buffer ov...
Libtiff Libtiff 3.9.4
8.8
CVSSv3
CVE-2017-17942
In LibTIFF 4.0.9, there is a heap-based buffer over-read in the function PackBitsEncode in tif_packbits.c.
Libtiff Libtiff 4.0.9
8.8
CVSSv3
CVE-2017-17973
In LibTIFF 4.0.8, there is a heap-based use-after-free in the t2p_writeproc function in tiff2pdf.c. NOTE: there is a third-party report of inability to reproduce this issue
Libtiff Libtiff 4.0.8
5.5
CVSSv3
CVE-2023-30086
Buffer Overflow vulnerability found in Libtiff V.4.0.7 allows a local malicious user to cause a denial of service via the tiffcp function in tiffcp.c.
Libtiff Libtiff 4.0.7
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »