Filtered by vendor Libtiff
Subscriptions
Filtered by product Libtiff
Subscriptions
Total
255 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-17100 | 4 Canonical, Debian, Libtiff and 1 more | 4 Ubuntu Linux, Debian Linux, Libtiff and 1 more | 2024-11-21 | N/A |
| An issue was discovered in LibTIFF 4.0.9. There is a int32 overflow in multiply_ms in tools/ppm2tiff.c, which can cause a denial of service (crash) or possibly have unspecified other impact via a crafted image file. | ||||
| CVE-2018-17000 | 3 Canonical, Debian, Libtiff | 3 Ubuntu Linux, Debian Linux, Libtiff | 2024-11-21 | N/A |
| A NULL pointer dereference in the function _TIFFmemcmp at tif_unix.c (called from TIFFWriteDirectoryTagTransferfunction) in LibTIFF 4.0.9 allows an attacker to cause a denial-of-service through a crafted tiff file. This vulnerability can be triggered by the executable tiffcp. | ||||
| CVE-2018-16335 | 2 Debian, Libtiff | 2 Debian Linux, Libtiff | 2024-11-21 | N/A |
| newoffsets handling in ChopUpSingleUncompressedStrip in tif_dirread.c in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, as demonstrated by tiff2pdf. This is a different vulnerability than CVE-2018-15209. | ||||
| CVE-2018-15209 | 3 Debian, Libtiff, Redhat | 3 Debian Linux, Libtiff, Enterprise Linux | 2024-11-21 | N/A |
| ChopUpSingleUncompressedStrip in tif_dirread.c in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, as demonstrated by tiff2pdf. | ||||
| CVE-2018-12900 | 3 Canonical, Libtiff, Redhat | 3 Ubuntu Linux, Libtiff, Enterprise Linux | 2024-11-21 | N/A |
| Heap-based buffer overflow in the cpSeparateBufToContigBuf function in tiffcp.c in LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0beta7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4.0.8 and 4.0.9 allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact via a crafted TIFF file. | ||||
| CVE-2018-10963 | 4 Canonical, Debian, Libtiff and 1 more | 4 Ubuntu Linux, Debian Linux, Libtiff and 1 more | 2024-11-21 | N/A |
| The TIFFWriteDirectorySec() function in tif_dirwrite.c in LibTIFF through 4.0.9 allows remote attackers to cause a denial of service (assertion failure and application crash) via a crafted file, a different vulnerability than CVE-2017-13726. | ||||
| CVE-2018-10801 | 1 Libtiff | 1 Libtiff | 2024-11-21 | N/A |
| TIFFClientOpen in tif_unix.c in LibTIFF 3.8.2 has memory leaks, as demonstrated by bmp2tiff. | ||||
| CVE-2018-10779 | 3 Canonical, Libtiff, Redhat | 3 Ubuntu Linux, Libtiff, Enterprise Linux | 2024-11-21 | N/A |
| TIFFWriteScanline in tif_write.c in LibTIFF 3.8.2 has a heap-based buffer over-read, as demonstrated by bmp2tiff. | ||||
| CVE-2018-10126 | 1 Libtiff | 1 Libtiff | 2024-11-21 | 6.5 Medium |
| ijg-libjpeg before 9d, as used in tiff2pdf (from LibTIFF) and other products, does not check for a NULL pointer at a certain place in jpeg_fdct_16x16 in jfdctint.c. | ||||
| CVE-2017-18013 | 1 Libtiff | 1 Libtiff | 2024-11-21 | N/A |
| In LibTIFF 4.0.9, there is a Null-Pointer Dereference in the tif_print.c TIFFPrintDirectory function, as demonstrated by a tiffinfo crash. | ||||
| CVE-2017-16232 | 3 Libtiff, Opensuse, Suse | 5 Libtiff, Leap, Linux Enterprise Desktop and 2 more | 2024-11-21 | N/A |
| LibTIFF 4.0.8 has multiple memory leak vulnerabilities, which allow attackers to cause a denial of service (memory consumption), as demonstrated by tif_open.c, tif_lzw.c, and tif_aux.c. NOTE: Third parties were unable to reproduce the issue | ||||
| CVE-2016-5314 | 4 Debian, Libtiff, Opensuse and 1 more | 5 Debian Linux, Libtiff, Leap and 2 more | 2024-11-21 | N/A |
| Buffer overflow in the PixarLogDecode function in tif_pixarlog.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by overwriting the vgetparent function pointer with rgb2ycbcr. | ||||
| CVE-2014-8130 | 3 Apple, Libtiff, Redhat | 10 Iphone Os, Mac Os X, Libtiff and 7 more | 2024-11-21 | N/A |
| The _TIFFmalloc function in tif_unix.c in LibTIFF 4.0.3 does not reject a zero size, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image that is mishandled by the TIFFWriteScanline function in tif_write.c, as demonstrated by tiffdither. | ||||
| CVE-2014-8129 | 4 Apple, Debian, Libtiff and 1 more | 9 Iphone Os, Mac Os X, Debian Linux and 6 more | 2024-11-21 | N/A |
| LibTIFF 4.0.3 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by failure of tif_next.c to verify that the BitsPerSample value is 2, and the t2p_sample_lab_signed_to_unsigned function in tiff2pdf.c. | ||||
| CVE-2014-8128 | 2 Apple, Libtiff | 3 Iphone Os, Mac Os X, Libtiff | 2024-11-21 | 6.5 Medium |
| LibTIFF prior to 4.0.4, as used in Apple iOS before 8.4 and OS X before 10.10.4 and other products, allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted TIFF image. | ||||