VIR Vulnerability Intelligence Relay

Search

Found 52 results in 22ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2026-4775 high 7.8 7.8 FIX rhel sles rocky libtiffredhat 1mo ago RHSA-2026:20585: compat-libtiff3 security update (Important)
CVE-2023-52356 high 7.5 7.5 FIX rhel rocky sles libtiff 7mo ago RHSA-2024:5079: libtiff security update (Moderate)
CVE-2025-8176 high 7.8 7.8 FIX rocky rhel sles libtiff 7mo ago RHSA-2025:20034: libtiff security update (Important)
CVE-2025-9165 low 2.5 2.5 FIX slesdebian debian libtiff 10mo ago A flaw has been found in LibTIFF 4.7.0. This affects the function _TIFFmallocExt/_TIFFCheckRealloc/TIFFHashSetNew/InitCCITTFax3 of the file tools/tiffcmp.c of the component tiffcmp. Executing manipul…
CVE-2025-8961 low 3.3 3.3 FIX slesdebian debian libtiff 10mo ago A weakness has been identified in LibTIFF 4.7.0. This affects the function main of the file tiffcrop.c of the component tiffcrop. Executing manipulation can lead to memory corruption. The attack can …
CVE-2025-8534 low 2.5 2.5 FIX slesdebian debian libtiff 10mo ago A vulnerability classified as problematic was found in libtiff 4.6.0. This vulnerability affects the function PS_Lvl2page of the file tools/tiff2ps.c of the component tiff2ps. The manipulation leads …
CVE-2017-17095 high 8.8 9.8 EXPFIX rhel rocky sles libtiff 3y ago RHSA-2025:4658: libtiff security update (Moderate)
CVE-2017-17973 high 8.8 8.8 sles libtiff 9y ago In LibTIFF 4.0.8, there is a heap-based use-after-free in the t2p_writeproc function in tiff2pdf.c. NOTE: there is a third-party report of inability to reproduce this issue
CVE-2017-17942 high 8.8 8.8 FIX slesdebian debian libtiff 9y ago In LibTIFF 4.0.9, there is a heap-based buffer over-read in the function PackBitsEncode in tif_packbits.c.
CVE-2017-12944 high 7.5 7.5 FIX slesdebian debian libtiff 9y ago The TIFFReadDirEntryArray function in tif_read.c in LibTIFF 4.0.8 mishandles memory allocation for short files, which allows remote attackers to cause a denial of service (allocation failure and appl…
CVE-2017-11335 high 8.8 8.8 FIX slesdebian debian libtiff 9y ago There is a heap based buffer overflow in tools/tiff2pdf.c of LibTIFF 4.0.8 via a PlanarConfig=Contig image, which causes a more than one hundred bytes out-of-bounds write (related to the ZIPDecode fu…
CVE-2017-10688 high 7.5 8.5 EXPFIX slesdebian debian libtiff 9y ago In LibTIFF 4.0.8, there is a assertion abort in the TIFFWriteDirectoryTagCheckedLong8Array function in tif_dirwrite.c. A crafted input will lead to a remote denial of service attack.
CVE-2017-9935 high 8.8 8.8 FIX arch arch slesdebian debian libtiff 9y ago In LibTIFF 4.0.8, there is a heap-based buffer overflow in the t2p_write_pdf function in tools/tiff2pdf.c. This heap overflow could lead to different damages. For example, a crafted TIFF document can…
CVE-2017-7602 high 7.8 7.8 FIX arch arch slesdebian debian libtiff 9y ago LibTIFF 4.0.7 has a signed integer overflow, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.
CVE-2017-7601 high 7.8 7.8 FIX arch arch slesdebian debian libtiff 9y ago LibTIFF 4.0.7 has a "shift exponent too large for 64-bit type long" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unsp…
CVE-2017-7600 high 7.8 7.8 FIX arch arch slesdebian debian libtiff 9y ago LibTIFF 4.0.7 has an "outside the range of representable values of type unsigned char" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or…
CVE-2017-7599 high 7.8 7.8 FIX arch arch slesdebian debian libtiff 9y ago LibTIFF 4.0.7 has an "outside the range of representable values of type short" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibl…
CVE-2017-7598 high 7.8 7.8 FIX arch arch slesdebian debian libtiff 9y ago tif_dirread.c in LibTIFF 4.0.7 might allow remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted image.
CVE-2017-7597 high 7.8 7.8 FIX arch arch slesdebian debian libtiff 9y ago tif_dirread.c in LibTIFF 4.0.7 has an "outside the range of representable values of type float" undefined behavior issue, which might allow remote attackers to cause a denial of service (application …
CVE-2017-7596 high 7.8 7.8 FIX arch arch slesdebian debian libtiff 9y ago LibTIFF 4.0.7 has an "outside the range of representable values of type float" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibl…
CVE-2017-7592 high 7.8 7.8 FIX arch arch slesdebian debian libtiff 9y ago The putagreytile function in tif_getimage.c in LibTIFF 4.0.7 has a left-shift undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly…
CVE-2016-10272 high 7.8 7.8 FIX slesdebian debian libtiff 9y ago LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted TIFF image, related to "WRITE of size 2048" and…
CVE-2016-10271 high 7.8 7.8 FIX slesdebian debian libtiff 9y ago tools/tiffcrop.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer over-read and buffer overflow) or possibly have unspecified other impact via a crafted TIFF i…
CVE-2016-10270 high 7.8 7.8 FIX slesdebian debian libtiff 9y ago LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted TIFF image, related to "READ of size 8" and li…
CVE-2016-10269 high 7.8 7.8 FIX slesdebian debian libtiff 9y ago LibTIFF 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6 and 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer…
CVE-2016-10268 high 7.8 7.8 FIX slesdebian debian libtiff 9y ago tools/tiffcp.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (integer underflow and heap-based buffer under-read) or possibly have unspecified other impact via a crafted TIFF …
CVE-2016-10094 high 7.8 7.8 FIX slesdebian debian libtiff 9y ago Off-by-one error in the t2p_readwrite_pdf_image_tile function in tools/tiff2pdf.c in LibTIFF 4.0.7 allows remote attackers to have unspecified impact via a crafted image.
CVE-2016-10093 high 7.8 7.8 FIX slesdebian debian libtiff 9y ago Integer overflow in tools/tiffcp.c in LibTIFF 4.0.7, 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5 and 4.0.…
CVE-2016-10092 high 7.8 7.8 FIX slesdebian debian libtiff 9y ago Heap-based buffer overflow in the readContigStripsIntoBuffer function in tif_unix.c in LibTIFF 4.0.7, 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.…
CVE-2016-9453 high 7.8 7.8 FIX slesarch archdebian debian libtiff 10y ago The t2p_readwrite_pdf_image_tile function in LibTIFF allows remote attackers to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a JPEG file with a TIF…
CVE-2016-9448 high 7.5 7.5 FIX arch arch slessuse suse libtiff 10y ago The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) by setting the tags TIFF_SETGET_C16ASCII or TIFF_SETGET_C32_…
CVE-2017-5563 high 8.8 8.8 FIX slesdebian debian libtiff 10y ago LibTIFF version 4.0.7 is vulnerable to a heap-based buffer over-read in tif_lzw.c resulting in DoS or code execution via a crafted bmp image to tools/bmp2tiff.
CVE-2016-5323 high 7.5 7.5 FIX slesarch archsuse suse libtiff 10y ago The _TIFFFax3fillruns function in libtiff before 4.0.6 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted Tiff image.
CVE-2016-9297 high 7.5 7.5 FIX arch arch slesdebian debian libtiff 10y ago The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via crafted TIFF_SETGET_C16ASCII or TIFF_SETGET_C32_ASCII tag values.
CVE-2017-5225 high 8.8 8.8 FIX slesdebian debian libtiff 10y ago LibTIFF version 4.0.7 is vulnerable to a heap buffer overflow in the tools/tiffcp resulting in DoS or code execution via a crafted BitsPerSample value.
CVE-2016-5652 high 7.0 7.0 FIX slesarch archdebian debian libtiff 10y ago An exploitable heap-based buffer overflow exists in the handling of TIFF images in LibTIFF's TIFF2PDF tool. A crafted TIFF document can lead to a heap-based buffer overflow resulting in remote code e…
CVE-2015-8870 high 7.4 7.4 FIX slesdebian debian libtiff 10y ago Integer overflow in tools/bmp2tiff.c in LibTIFF before 4.0.4 allows remote attackers to cause a denial of service (heap-based buffer over-read), or possibly obtain sensitive information from process …
CVE-2016-8331 high 8.1 8.1 FIX slesdebian debian libtiff 10y ago An exploitable remote code execution vulnerability exists in the handling of TIFF images in LibTIFF version 4.0.6. A crafted TIFF document can lead to a type confusion vulnerability resulting in remo…
CVE-2016-3658 high 7.5 7.5 FIX slesarch archdebian debian libtiff 10y ago The TIFFWriteDirectoryTagLongLong8Array function in tif_dirwrite.c in the tiffset tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via vecto…
CVE-2016-3634 high 7.5 7.5 FIX slesarch archdebian debian libtiff 10y ago The tagCompare function in tif_dirinfo.c in the thumbnail tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to field_tag …
CVE-2016-3633 high 7.5 7.5 FIX slesarch archdebian debian libtiff 10y ago The setrow function in the thumbnail tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to the src variable.
CVE-2016-3631 high 7.5 7.5 FIX slesarch archdebian debian libtiff 10y ago The (1) cpStrips and (2) cpTiles functions in the thumbnail tool in LibTIFF 4.0.6 and earlier allow remote attackers to cause a denial of service (out-of-bounds read) via vectors related to the bytec…
CVE-2016-3624 high 7.5 7.5 FIX slesarch archdebian debian libtiff 10y ago The cvtClump function in the rgb2ycbcr tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds write) by setting the "-v" option to -1.
CVE-2016-3623 high 7.5 7.5 FIX slesarch archsuse suse libtiff 10y ago The rgb2ycbcr tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (divide-by-zero) by setting the (1) v or (2) h parameter to 0.
CVE-2016-3621 high 8.8 8.8 FIX slesarch archdebian debian libtiff 10y ago The LZWEncode function in tif_lzw.c in the bmp2tiff tool in LibTIFF 4.0.6 and earlier, when the "-c lzw" option is used, allows remote attackers to cause a denial of service (buffer over-read) via a …
CVE-2016-3620 high 7.5 7.5 FIX slesarch archdebian debian libtiff 10y ago The ZIPEncode function in tif_zip.c in the bmp2tiff tool in LibTIFF 4.0.6 and earlier, when the "-c zip" option is used, allows remote attackers to cause a denial of service (buffer over-read) via a …
CVE-2016-3991 high 7.8 7.8 FIX slesarch archdebian debian libtiff 10y ago Heap-based buffer overflow in the loadImage function in the tiffcrop tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary …
CVE-2016-3990 high 7.8 7.8 FIX slesarch archdebian debian libtiff 10y ago Heap-based buffer overflow in the horizontalDifference8 function in tif_pixarlog.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code …
CVE-2016-3945 high 7.8 7.8 FIX slesarch archdebian debian libtiff 10y ago Multiple integer overflows in the (1) cvt_by_strip and (2) cvt_by_tile functions in the tiff2rgba tool in LibTIFF 4.0.6 and earlier, when -b mode is enabled, allow remote attackers to cause a denial …
CVE-2016-3632 high 7.8 7.8 FIX slesarch archdebian debian libtiff 10y ago The _TIFFVGetField function in tif_dirinfo.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via a crafted TIFF image.
CVE-2012-2088 high 7.5 FIX debian debian libtiff 14y ago Integer signedness error in the TIFFReadDirectory function in tif_dirread.c in libtiff 3.9.4 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute …
CVE-2010-2233 high 7.5 FIX debian debian libtiff 16y ago tif_getimage.c in LibTIFF 3.9.0 and 3.9.2 on 64-bit platforms, as used in ImageMagick, does not properly perform vertical flips, which allows remote attackers to cause a denial of service (applicatio…