Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libtiff vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2005-1544
Stack-based buffer overflow in libTIFF prior to 3.7.2 allows remote malicious users to execute arbitrary code via a TIFF file with a malformed BitsPerSample tag.
Libtiff Libtiff 3.5.4
Libtiff Libtiff 3.5.5
Libtiff Libtiff 3.4
Libtiff Libtiff 3.5.1
Libtiff Libtiff 3.6.0
Libtiff Libtiff 3.6.1
Libtiff Libtiff 3.5.2
Libtiff Libtiff 3.5.3
Libtiff Libtiff 3.7.0
Libtiff Libtiff 3.7.1
Libtiff Libtiff 3.5.6
Libtiff Libtiff 3.5.7
1 EDB exploit
890
VMScore
CVE-2004-1308
Integer overflow in (1) tif_dirread.c and (2) tif_fax3.c for libtiff 3.5.7 and 3.7.0 allows remote malicious users to execute arbitrary code via a TIFF file containing a TIFF_ASCII or TIFF_UNDEFINED directory entry with a -1 entry count, which leads to a heap-based buffer overflo...
Libtiff Libtiff 3.4
Libtiff Libtiff 3.6.0
Libtiff Libtiff 3.6.1
Libtiff Libtiff 3.7.0
Libtiff Libtiff 3.5.3
Libtiff Libtiff 3.5.4
Libtiff Libtiff 3.5.5
Libtiff Libtiff 3.5.7
Libtiff Libtiff 3.5.1
Libtiff Libtiff 3.5.2
828
VMScore
CVE-2009-2347
Multiple integer overflows in inter-color spaces conversion tools in libtiff 3.8 up to and including 3.8.2, 3.9, and 4.0 allow context-dependent malicious users to execute arbitrary code via a TIFF image with large (1) width and (2) height values, which triggers a heap-based buff...
Libtiff Libtiff 3.8.0
Libtiff Libtiff 3.8.1
Libtiff Libtiff 3.9
Libtiff Libtiff 4.0
Libtiff Libtiff 3.8.2
445
VMScore
CVE-2005-2452
libtiff up to 3.7.0 allows remote malicious users to cause a denial of service (application crash) via a TIFF image header with a zero "YCbCr subsampling" value, which causes a divide-by-zero error in (1) tif_strip.c and (2) tif_tile.c, a different vulnerability than CV...
Libtiff Libtiff 3.5.7
Libtiff Libtiff 3.6.1
Libtiff Libtiff 3.5.5
385
VMScore
CVE-2010-2597
The TIFFVStripSize function in tif_strip.c in LibTIFF 3.9.0 and 3.9.2 makes incorrect calls to the TIFFGetField function, which allows remote malicious users to cause a denial of service (application crash) via a crafted TIFF image, related to "downsampled OJPEG input" ...
Libtiff Libtiff 3.9.0
Libtiff Libtiff 3.9.2
668
VMScore
CVE-2010-2233
tif_getimage.c in LibTIFF 3.9.0 and 3.9.2 on 64-bit platforms, as used in ImageMagick, does not properly perform vertical flips, which allows remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TIFF image, relat...
Libtiff Libtiff 3.9.2
Libtiff Libtiff 3.9.0
383
VMScore
CVE-2010-2595
The TIFFYCbCrtoRGB function in LibTIFF 3.9.0 and 3.9.2, as used in ImageMagick, does not properly handle invalid ReferenceBlackWhite values, which allows remote malicious users to cause a denial of service (application crash) via a crafted TIFF image that triggers an array index ...
Libtiff Libtiff 3.9.0
Libtiff Libtiff 3.9.2
383
VMScore
CVE-2010-2596
The OJPEGPostDecode function in tif_ojpeg.c in LibTIFF 3.9.0 and 3.9.2, as used in tiff2ps, allows remote malicious users to cause a denial of service (assertion failure and application exit) via a crafted TIFF image, related to "downsampled OJPEG input."
Libtiff Libtiff 3.9.0
Libtiff Libtiff 3.9.2
668
VMScore
CVE-2006-3460
Heap-based buffer overflow in the JPEG decoder in the TIFF library (libtiff) prior to 3.8.2 allows context-dependent malicious users to cause a denial of service and possibly execute arbitrary code via an encoded JPEG stream that is longer than the scan line size (TiffScanLineSiz...
Libtiff Libtiff
383
VMScore
CVE-2004-0804
Vulnerability in tif_dirread.c for libtiff allows remote malicious users to cause a denial of service (application crash) via a TIFF image that causes a divide-by-zero error when the number of row bytes is zero, a different vulnerability than CVE-2005-2452.
Libtiff Libtiff
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-35000
CVE-2024-4439
unauthorized
CVE-2024-0042
CVE-2024-31848
CVE-2023-40694
cache poisoning
CVE-2024-23707
firmware
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »