CRITICAL9.8CVE-2017-9117In LibTIFF 4.0.6 and possibly other versions, the program processes BMP images without verifying that biWidth and biHeight in the bitmap-in… from 0, < 4.0.7-1
CRITICAL9.8CVE-2017-5225LibTIFF version 4.0.7 is vulnerable to a heap buffer overflow in the tools/tiffcp resulting in DoS or code execution via a crafted BitsPerS… from 0, < 4.0.7-5
CRITICAL9.8CVE-2016-9540tools/tiffcp.c in libtiff 4.0.6 has an out-of-bounds write on tiled images with odd tile width versus image width. from 0, < 4.0.7-1
CRITICAL9.8tools/tiffcrop.c in libtiff 4.0.6 has an out-of-bounds read in readContigTilesIntoBuffer().
from 0, < 4.0.7-1
CRITICAL9.8tools/tiffcrop.c in libtiff 4.0.6 reads an undefined buffer in readContigStripsIntoBuffer() because of a uint16 integer overflow.
from 0, < 4.0.7-1
CRITICAL9.8tools/tiffcrop.c in libtiff 4.0.6 has out-of-bounds write vulnerabilities in buffers.
from 0, < 4.0.7-1
CRITICAL9.8tools/tiff2pdf.c in libtiff 4.0.6 has out-of-bounds write vulnerabilities in heap allocated buffers in t2p_process_jpeg_strip().
from 0, < 4.0.7-1
CRITICAL9.8tif_predict.h and tif_predict.c in libtiff 4.0.6 have assertions that can lead to assertion failures in debug mode, or buffer overflows in…
from 0, < 4.0.7-1
CRITICAL9.8tif_write.c in libtiff 4.0.6 has an issue in the error code path of TIFFFlushData1() that didn't reset the tif_rawcc and tif_rawcp members.
from 0, < 4.0.7-1
CRITICAL9.8tif_pixarlog.c in libtiff 4.0.6 has out-of-bounds write vulnerabilities in heap allocated buffers.
from 0, < 4.0.7-1
CRITICAL9.8Heap-based buffer overflow in the PackBitsPreEncode function in tif_packbits.c in bmp2tiff in libtiff 4.0.6 and earlier allows remote attac…
from 0, < 4.0.6-3
CRITICAL9.8tiff3 - security update
from 0, < 4.0.7-7
CRITICAL9.1The TIFFReadRawStrip1 and TIFFReadRawTile1 functions in tif_read.c in libtiff before 4.0.7 allows remote attackers to cause a denial of ser…
from 0, < 4.0.6-2
HIGH8.8tiff - security update
from 0, < 4.2.0-1+deb11u7
HIGH8.8tiff - security update
from 0, < 4.5.0-6+deb12u3
HIGH8.8libtiff 4.5.0 is vulnerable to Buffer Overflow via extractContigSamplesBytes() at /libtiff/tools/tiffcrop.c:3215.
from 0, < 4.2.0-1+deb11u4
HIGH8.8A vulnerability was found in LibTIFF.
from 0, < 4.2.0-1+deb11u3
HIGH8.8gdal - security update
from 0, < 4.0.10+git190818-1
HIGH8.8The TIFFFdOpen function in tif_unix.c in LibTIFF 4.0.10 has a memory leak, as demonstrated by pal2rgb.
from 0, < 4.0.10-4
HIGH8.8LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta,…
from 0, < 4.0.9+git181026-1
HIGH8.8The function t2p_write_pdf in tiff2pdf.c in LibTIFF 4.0.9 and earlier allows remote attackers to cause a denial of service (heap-based buff…
from 0, < 4.0.9-2
HIGH8.8An issue was discovered in LibTIFF 4.0.9.
from 0, < 4.0.9+git181026-1
HIGH8.8tiff - security update
from 0, < 4.0.9+git181026-1
HIGH8.8tiff - security update
from 0, < 4.0.3-12.3+deb8u7
HIGH8.8newoffsets handling in ChopUpSingleUncompressedStrip in tif_dirread.c in LibTIFF 4.0.9 allows remote attackers to cause a denial of service…
from 0, < 4.0.9-5
HIGH8.8ChopUpSingleUncompressedStrip in tif_dirread.c in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (heap-based buffer ove…
from 0, < 4.0.9-5
HIGH8.8tiff - security update
from 0, < 4.0.10-4
HIGH8.8tiff - security update
from 0, < 4.0.8-2+deb9u5
HIGH8.8tiff3 - security update
from 0, < 4.0.9-6
HIGH8.8tiff3 - security update
from 0, < 4.0.2-6+deb7u20
HIGH8.8Buffer overflow in the PixarLogDecode function in tif_pixarlog.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of…
from 0, < 4.0.6-2
HIGH8.8LibTIFF 4.0.3 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a cr…
from 0, < 4.0.3-12.1
HIGH8.8LibTIFF before 4.0.6 mishandles the reading of TIFF files, as demonstrated by a heap-based buffer over-read in the ReadTIFFImage function i…
from 0, < 4.0.6-3
HIGH8.8In LibTIFF 4.0.9, there is a heap-based buffer over-read in the function PackBitsEncode in tif_packbits.c.
from 0, < 4.0.6-3
HIGH8.8tiff - security update
from 0, < 4.0.9-5
HIGH8.8tiff - security update
from 0, < 4.0.3-12.3+deb8u10
HIGH8.8tiff - security update
from 0, < 4.0.3-12.3+deb8u5
HIGH8.8tiff - security update
from 0, < 4.0.8-4
HIGH8.8tiff - security update
from 0, < 4.0.2-6+deb7u16
HIGH8.8tiff - security update
from 0, < 4.0.9-2
HIGH8.8tiff - security update
from 0, < 4.0.2-6+deb7u17
HIGH8.8LibTIFF version 4.0.7 is vulnerable to a heap-based buffer over-read in tif_lzw.c resulting in DoS or code execution via a crafted bmp imag…
from 0, < 4.0.7-1
HIGH8.8The LZWEncode function in tif_lzw.c in the bmp2tiff tool in LibTIFF 4.0.6 and earlier, when the "-c lzw" option is used, allows remote atta…
from 0, < 4.0.6-3
HIGH8.1An exploitable remote code execution vulnerability exists in the handling of TIFF images in LibTIFF version 4.0.6.
from 0, < 4.0.6-3
HIGH7.8A flaw was found in the libtiff library.
from 0, < 4.2.0-1+deb11u8
HIGH7.8A vulnerability was found in LibTIFF up to 4.7.0.
from 0
HIGH7.8A vulnerability was found in LibTIFF up to 4.7.0.
from 0
HIGH7.8A heap-based buffer overflow flaw was found in libtiff in the handling of TIFF images in libtiff's TIFF2PDF tool.
from 0, < 4.1.0+git201212-1
HIGH7.8tiff - security update
from 0, < 4.0.8-2+deb9u6
HIGH7.8tiff - security update
from 0, < 4.1.0+git201212-1
HIGH7.8tiff - security update
from 0, < 4.1.0+git191117-2~deb10u2
HIGH7.8LibTIFF 4.0.7 has a signed integer overflow, which might allow remote attackers to cause a denial of service (application crash) or possibl…
from 0, < 4.0.7-6
HIGH7.8LibTIFF 4.0.7 has a "shift exponent too large for 64-bit type long" undefined behavior issue, which might allow remote attackers to cause a…
from 0, < 4.0.7-6
HIGH7.8LibTIFF 4.0.7 has an "outside the range of representable values of type unsigned char" undefined behavior issue, which might allow remote a…
from 0, < 4.0.7-6
HIGH7.8LibTIFF 4.0.7 has an "outside the range of representable values of type short" undefined behavior issue, which might allow remote attackers…
from 0, < 4.0.7-6
HIGH7.8tif_dirread.c in LibTIFF 4.0.7 might allow remote attackers to cause a denial of service (divide-by-zero error and application crash) via a…
from 0, < 4.0.7-6
HIGH7.8tif_dirread.c in LibTIFF 4.0.7 has an "outside the range of representable values of type float" undefined behavior issue, which might allow…
from 0, < 4.0.7-6
HIGH7.8LibTIFF 4.0.7 has an "outside the range of representable values of type float" undefined behavior issue, which might allow remote attackers…
from 0, < 4.0.7-6
HIGH7.8tiff - security update
from 0, < 4.0.7-6
HIGH7.8tiff - security update
from 0, < 4.0.2-6+deb7u12
HIGH7.8LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact v…
from 0, < 4.0.7-2
HIGH7.8tools/tiffcrop.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer over-read and buffer overflow) or…
from 0, < 4.0.7-2
HIGH7.8LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact…
from 0, < 4.0.7-2
HIGH7.8LibTIFF 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6 and 4.0.7 allows remo…
from 0, < 4.0.7-2
HIGH7.8tools/tiffcp.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (integer underflow and heap-based buffer under-read) o…
from 0, < 4.0.7-2
HIGH7.8Off-by-one error in the t2p_readwrite_pdf_image_tile function in tools/tiff2pdf.c in LibTIFF 4.0.7 allows remote attackers to have unspecif…
from 0, < 4.0.7-4
HIGH7.8Integer overflow in tools/tiffcp.c in LibTIFF 4.0.7, 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7,…
from 0, < 4.0.7-2
HIGH7.8tiff - security update
from 0, < 4.0.7-2
HIGH7.8tiff - security update
from 0, < 4.0.2-6+deb7u9
HIGH7.8tiff - security update
from 0, < 4.0.3-12.3+deb8u2
HIGH7.8The t2p_readwrite_pdf_image_tile function in LibTIFF allows remote attackers to cause a denial of service (out-of-bounds write and crash) o…
from 0, < 4.0.6-3
HIGH7.8tiff - security update
from 0, < 4.0.7-1
HIGH7.8tiff - security update
from 0, < 4.0.2-6+deb7u6
HIGH7.8Heap-based buffer overflow in the horizontalDifference8 function in tif_pixarlog.c in LibTIFF 4.0.6 and earlier allows remote attackers to…
from 0, < 4.0.7-1
HIGH7.8Multiple integer overflows in the (1) cvt_by_strip and (2) cvt_by_tile functions in the tiff2rgba tool in LibTIFF 4.0.6 and earlier, when -…
from 0, < 4.0.7-1
HIGH7.8The _TIFFVGetField function in tif_dirinfo.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-boun…
from 0, < 4.0.6-3
HIGH7.5A null pointer dereference flaw was found in Libtiff via `tif_dirinfo.c`.
from 0, < 4.2.0-1+deb11u6
HIGH7.5A segment fault (SEGV) flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFReadRGBATileExt() API.
from 0, < 4.2.0-1+deb11u6
HIGH7.5An out-of-memory flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFRasterScanlineSize64() API.
from 0
HIGH7.5Buffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial of service via the "invertImage()" function in the component "tiffcro…
from 0, < 4.0.10+git190814-1
HIGH7.5LibTIFF 4.0.8 has multiple memory leak vulnerabilities, which allow attackers to cause a denial of service (memory consumption), as demonst…
from 0
HIGH7.5The TIFFReadDirEntryArray function in tif_read.c in LibTIFF 4.0.8 mishandles memory allocation for short files, which allows remote attacke…
from 0, < 4.0.8-6
HIGH7.5tiff - security update
from 0, < 4.0.8-3
HIGH7.5tiff - security update
from 0, < 4.0.2-6+deb7u15
HIGH7.5tiff - security update
from 0, < 4.0.3-12.3+deb8u4
HIGH7.5The _TIFFFax3fillruns function in libtiff before 4.0.6 allows remote attackers to cause a denial of service (divide-by-zero error and appli…
from 0, < 4.0.6-2
HIGH7.5The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via crafted TIFF…
from 0, < 4.0.7-1
HIGH7.5The TIFFWriteDirectoryTagLongLong8Array function in tif_dirwrite.c in the tiffset tool in LibTIFF 4.0.6 and earlier allows remote attackers…
from 0, < 4.0.6-3
HIGH7.5The tagCompare function in tif_dirinfo.c in the thumbnail tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of se…
from 0, < 4.0.6-3
HIGH7.5The setrow function in the thumbnail tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds…
from 0, < 4.0.6-3
HIGH7.5The (1) cpStrips and (2) cpTiles functions in the thumbnail tool in LibTIFF 4.0.6 and earlier allow remote attackers to cause a denial of s…
from 0, < 4.0.6-3
HIGH7.5The cvtClump function in the rgb2ycbcr tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bound…
from 0, < 4.0.6-3
HIGH7.5The rgb2ycbcr tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (divide-by-zero) by setting the (1) v…
from 0, < 4.0.6-3
HIGH7.5The ZIPEncode function in tif_zip.c in the bmp2tiff tool in LibTIFF 4.0.6 and earlier, when the "-c zip" option is used, allows remote atta…
from 0, < 4.0.6-3
HIGH7.4Integer overflow in tools/bmp2tiff.c in LibTIFF before 4.0.4 allows remote attackers to cause a denial of service (heap-based buffer over-r…
from 0, < 4.0.3-12
HIGH7.3libtiff up to v4.7.1 was discovered to contain a stack overflow via the readSeparateStripsIntoBuffer function.
from 0
HIGH7.1A heap buffer overflow in ExtractImageSection function in tiffcrop.c in libtiff library Version 4.3.0 allows attacker to trigger unsafe or…
from 0, < 4.2.0-1+deb11u1
HIGH7.0An exploitable heap-based buffer overflow exists in the handling of TIFF images in LibTIFF's TIFF2PDF tool.
from 0, < 4.0.6-3
MEDIUM6.5An out-of-memory flaw was found in libtiff.
from 0
MEDIUM6.5A vulnerability was found in libtiff due to multiple potential integer overflows in raw2tiff.c.
from 0, < 4.2.0-1+deb11u5