Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libtiff vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-25433
libtiff 4.5.0 is vulnerable to Buffer Overflow via /libtiff/tools/tiffcrop.c:8499. Incorrect updating of buffer size after rotateImage() in tiffcrop cause heap-buffer-overflow and SEGV.
Libtiff Libtiff 4.5.0
NA
CVE-2023-25435
libtiff 4.5.0 is vulnerable to Buffer Overflow via extractContigSamplesShifted8bits() at /libtiff/tools/tiffcrop.c:3753.
Libtiff Libtiff 4.5.0
4.3
CVSSv2
CVE-2018-10126
LibTIFF 4.0.9 has a NULL pointer dereference in the jpeg_fdct_16x16 function in jfdctint.c.
Libtiff Libtiff 4.0.9
4.3
CVSSv2
CVE-2018-10801
TIFFClientOpen in tif_unix.c in LibTIFF 3.8.2 has memory leaks, as demonstrated by bmp2tiff.
Libtiff Libtiff 3.8.2
6.8
CVSSv2
CVE-2017-5563
LibTIFF version 4.0.7 is vulnerable to a heap-based buffer over-read in tif_lzw.c resulting in DoS or code execution via a crafted bmp image to tools/bmp2tiff.
Libtiff Libtiff 4.0.7
7.5
CVSSv2
CVE-2016-9539
tools/tiffcrop.c in libtiff 4.0.6 has an out-of-bounds read in readContigTilesIntoBuffer(). Reported as MSVR 35092.
Libtiff Libtiff 4.0.6
4.3
CVSSv2
CVE-2017-9147
LibTIFF 4.0.7 has an invalid read in the _TIFFVGetField function in tif_dir.c, which might allow remote malicious users to cause a denial of service (crash) via a crafted TIFF file.
Libtiff Libtiff 4.0.7
1 EDB exploit
7.5
CVSSv2
CVE-2017-5225
LibTIFF version 4.0.7 is vulnerable to a heap buffer overflow in the tools/tiffcp resulting in DoS or code execution via a crafted BitsPerSample value.
Libtiff Libtiff 4.0.7
4.3
CVSSv2
CVE-2017-18013
In LibTIFF 4.0.9, there is a Null-Pointer Dereference in the tif_print.c TIFFPrintDirectory function, as demonstrated by a tiffinfo crash.
Libtiff Libtiff 4.0.9
NA
CVE-2023-30775
A vulnerability was found in the libtiff library. This security flaw causes a heap buffer overflow in extractContigSamples32bits, tiffcrop.c.
Libtiff Libtiff 4.4.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »