FreeImage Security Vulnerabilities
An issue discovered in BitmapAccess.cpp::FreeImage_AllocateBitmap in FreeImage 3.18.0 leads to an infinite loop and allows attackers to cause a denial of...
6.5CVSS
6.1AI Score
0.001EPSS
Memory Allocation with Excessive Size Value discovered in BitmapAccess.cpp::FreeImage_AllocateBitmap in FreeImage 3.18.0 allows attackers to cause a denial of...
6.5CVSS
6.1AI Score
0.001EPSS
An integer overflow vulnerability in FreeImageIO.cpp::_MemoryReadProc in FreeImage 3.18.0 allows attackers to obtain sensitive information, cause a denial-of-service attacks and/or run arbitrary...
8.8CVSS
8.7AI Score
0.001EPSS
A Buffer out-of-bound read vulnerability in Exif.cpp::ReadInt32 in FreeImage 3.18.0 allows attackers to cause a...
6.5CVSS
6.2AI Score
0.0005EPSS
An integer overflow vulnerability in LoadPixelDataRLE4 function in PluginBMP.cpp in Freeimage 3.18.0 allows attackers to obtain sensitive information, cause a denial of service and/or run arbitrary...
8.8CVSS
8.7AI Score
0.001EPSS
An integer overflow vulnerability in Exif.cpp::jpeg_read_exif_dir in FreeImage 3.18.0 allows attackers to obtain information and cause a denial of...
6.5CVSS
6.4AI Score
0.0005EPSS
A stack exhaustion issue was discovered in FreeImage before 1.18.0 via the Validate function in...
6.5CVSS
6.4AI Score
0.0005EPSS
8.8CVSS
8.8AI Score
0.001EPSS
FreeImage before 1.18.0, ReadPalette function in PluginTIFF.cpp is vulnerabile to null pointer...
6.5CVSS
7.1AI Score
0.0005EPSS
8.8CVSS
8.6AI Score
0.001EPSS
NULL pointer dereference vulnerability in FreeImage before 1.18.0 via the FreeImage_CloneTag function...
6.5CVSS
6.4AI Score
0.0005EPSS
Buffer Overflow vulnerability in load function in PluginICO.cpp in FreeImage 3.19.0 [r1859] allows remote attackers to run arbitrary code via opening of crafted ico...
8.8CVSS
8.6AI Score
0.001EPSS
Buffer Overflow vulnerability in psdParser::UnpackRLE function in PSDParser.cpp in FreeImage 3.19.0 [r1859] allows remote attackers to cuase a denial of service via opening of crafted psd...
6.5CVSS
6.4AI Score
0.001EPSS
Buffer Overflow vulnerability in PSDParser.cpp::ReadImageLine() in FreeImage 3.19.0 [r1859] allows remote attackers to ru narbitrary code via use of crafted psd...
8.8CVSS
8.5AI Score
0.001EPSS
Buffer Overflow vulnerability in FreeImage_Load function in FreeImage Library 3.19.0(r1828) allows attackers to cuase a denial of service via crafted PFM...
6.5CVSS
6.4AI Score
0.001EPSS
Buffer Overflow vulnerability in psdThumbnail::Read in PSDParser.cpp in FreeImage 3.19.0 [r1859] allows remote attackers to run arbitrary code via opening of crafted psd...
8.8CVSS
8.6AI Score
0.001EPSS
Buffer Overflow vulnerability in function LoadRGB in PluginDDS.cpp in FreeImage 3.18.0 allows remote attackers to run arbitrary code and cause other impacts via crafted image...
7.8CVSS
7.6AI Score
0.001EPSS
Buffer Overflow vulnerability in function LoadPixelDataRLE8 in PluginBMP.cpp in FreeImage 3.18.0 allows remote attackers to run arbitrary code and cause other impacts via crafted image...
7.8CVSS
7.6AI Score
0.001EPSS
Buffer Overflow vulnerability in function C_IStream::read in PluginEXR.cpp in FreeImage 3.18.0 allows remote attackers to run arbitrary code and cause other impacts via crafted image...
7.8CVSS
7.6AI Score
0.001EPSS
Buffer Overflow vulnerability in Freeimage v3.18.0 allows attacker to cause a denial of service via a crafted JXR...
5.5CVSS
5AI Score
0.001EPSS
When FreeImage 3.18.0 reads a tiff file, it will be handed to the Load function of the PluginTIFF.cpp file, but a memcpy occurs in which the destination address and the size of the copied data are not considered, resulting in a heap...
7.5CVSS
7.2AI Score
0.008EPSS
When FreeImage 3.18.0 reads a special JXR file, the StreamCalcIFDSize function of JXRMeta.c repeatedly calls itself due to improper processing of the file, eventually causing stack exhaustion. An attacker can achieve a remote denial of service attack by sending a specially constructed...
7.5CVSS
7.3AI Score
0.002EPSS
When FreeImage 3.18.0 reads a special TIFF file, the TIFFReadDirectory function in PluginTIFF.cpp always returns 1, leading to stack...
6.5CVSS
6.5AI Score
0.003EPSS
In FreeImage 3.18.0, an out-of-bounds access occurs because of mishandling of the OpenJPEG j2k_read_ppm_v3 function in j2k.c. The value of l_N_ppm comes from the file read in, and the code does not consider that l_N_ppm may be greater than the size of...
7.5CVSS
7.5AI Score
0.001EPSS
An exploitable out-of-bounds write vulnerability exists in the XMP image handling functionality of the FreeImage library. A specially crafted XMP file can cause an arbitrary memory overwrite resulting in code execution. An attacker can provide a malicious image to trigger this...
7.8CVSS
7.7AI Score
0.002EPSS
Multiple integer underflows in PluginPCX.cpp in FreeImage 3.17.0 and earlier allow remote attackers to cause a denial of service (heap memory corruption) via vectors related to the height and width of a...
7.6AI Score
0.055EPSS