Lucene search

K

FreeImage Security Vulnerabilities

cve
cve

CVE-2023-47997

An issue discovered in BitmapAccess.cpp::FreeImage_AllocateBitmap in FreeImage 3.18.0 leads to an infinite loop and allows attackers to cause a denial of...

6.5CVSS

6.1AI Score

0.001EPSS

2024-01-10 12:15 AM
61
cve
cve

CVE-2023-47995

Memory Allocation with Excessive Size Value discovered in BitmapAccess.cpp::FreeImage_AllocateBitmap in FreeImage 3.18.0 allows attackers to cause a denial of...

6.5CVSS

6.1AI Score

0.001EPSS

2024-01-09 11:15 PM
54
cve
cve

CVE-2023-47992

An integer overflow vulnerability in FreeImageIO.cpp::_MemoryReadProc in FreeImage 3.18.0 allows attackers to obtain sensitive information, cause a denial-of-service attacks and/or run arbitrary...

8.8CVSS

8.7AI Score

0.001EPSS

2024-01-09 11:15 PM
8
cve
cve

CVE-2023-47993

A Buffer out-of-bound read vulnerability in Exif.cpp::ReadInt32 in FreeImage 3.18.0 allows attackers to cause a...

6.5CVSS

6.2AI Score

0.0005EPSS

2024-01-09 11:15 PM
7
cve
cve

CVE-2023-47994

An integer overflow vulnerability in LoadPixelDataRLE4 function in PluginBMP.cpp in Freeimage 3.18.0 allows attackers to obtain sensitive information, cause a denial of service and/or run arbitrary...

8.8CVSS

8.7AI Score

0.001EPSS

2024-01-09 11:15 PM
12
cve
cve

CVE-2023-47996

An integer overflow vulnerability in Exif.cpp::jpeg_read_exif_dir in FreeImage 3.18.0 allows attackers to obtain information and cause a denial of...

6.5CVSS

6.4AI Score

0.0005EPSS

2024-01-09 11:15 PM
9
cve
cve

CVE-2021-40265

A heap overflow bug exists FreeImage before 1.18.0 via ofLoad function in...

8.8CVSS

8.8AI Score

0.001EPSS

2023-08-22 07:16 PM
24
cve
cve

CVE-2021-40262

A stack exhaustion issue was discovered in FreeImage before 1.18.0 via the Validate function in...

6.5CVSS

6.4AI Score

0.0005EPSS

2023-08-22 07:16 PM
28
cve
cve

CVE-2021-40266

FreeImage before 1.18.0, ReadPalette function in PluginTIFF.cpp is vulnerabile to null pointer...

6.5CVSS

7.1AI Score

0.0005EPSS

2023-08-22 07:16 PM
19
cve
cve

CVE-2021-40263

A heap overflow vulnerability in FreeImage 1.18.0 via the ofLoad function in...

8.8CVSS

8.6AI Score

0.001EPSS

2023-08-22 07:16 PM
21
cve
cve

CVE-2021-40264

NULL pointer dereference vulnerability in FreeImage before 1.18.0 via the FreeImage_CloneTag function...

6.5CVSS

6.4AI Score

0.0005EPSS

2023-08-22 07:16 PM
15
cve
cve

CVE-2020-24292

Buffer Overflow vulnerability in load function in PluginICO.cpp in FreeImage 3.19.0 [r1859] allows remote attackers to run arbitrary code via opening of crafted ico...

8.8CVSS

8.6AI Score

0.001EPSS

2023-08-22 07:16 PM
17
cve
cve

CVE-2020-24294

Buffer Overflow vulnerability in psdParser::UnpackRLE function in PSDParser.cpp in FreeImage 3.19.0 [r1859] allows remote attackers to cuase a denial of service via opening of crafted psd...

6.5CVSS

6.4AI Score

0.001EPSS

2023-08-22 07:16 PM
12
cve
cve

CVE-2020-24295

Buffer Overflow vulnerability in PSDParser.cpp::ReadImageLine() in FreeImage 3.19.0 [r1859] allows remote attackers to ru narbitrary code via use of crafted psd...

8.8CVSS

8.5AI Score

0.001EPSS

2023-08-22 07:16 PM
13
cve
cve

CVE-2020-22524

Buffer Overflow vulnerability in FreeImage_Load function in FreeImage Library 3.19.0(r1828) allows attackers to cuase a denial of service via crafted PFM...

6.5CVSS

6.4AI Score

0.001EPSS

2023-08-22 07:16 PM
22
cve
cve

CVE-2020-24293

Buffer Overflow vulnerability in psdThumbnail::Read in PSDParser.cpp in FreeImage 3.19.0 [r1859] allows remote attackers to run arbitrary code via opening of crafted psd...

8.8CVSS

8.6AI Score

0.001EPSS

2023-08-22 07:16 PM
14
cve
cve

CVE-2020-21428

Buffer Overflow vulnerability in function LoadRGB in PluginDDS.cpp in FreeImage 3.18.0 allows remote attackers to run arbitrary code and cause other impacts via crafted image...

7.8CVSS

7.6AI Score

0.001EPSS

2023-08-22 07:16 PM
27
cve
cve

CVE-2020-21427

Buffer Overflow vulnerability in function LoadPixelDataRLE8 in PluginBMP.cpp in FreeImage 3.18.0 allows remote attackers to run arbitrary code and cause other impacts via crafted image...

7.8CVSS

7.6AI Score

0.001EPSS

2023-08-22 07:16 PM
21
cve
cve

CVE-2020-21426

Buffer Overflow vulnerability in function C_IStream::read in PluginEXR.cpp in FreeImage 3.18.0 allows remote attackers to run arbitrary code and cause other impacts via crafted image...

7.8CVSS

7.6AI Score

0.001EPSS

2023-08-22 07:16 PM
18
cve
cve

CVE-2021-33367

Buffer Overflow vulnerability in Freeimage v3.18.0 allows attacker to cause a denial of service via a crafted JXR...

5.5CVSS

5AI Score

0.001EPSS

2023-02-22 09:15 PM
21
cve
cve

CVE-2019-12211

When FreeImage 3.18.0 reads a tiff file, it will be handed to the Load function of the PluginTIFF.cpp file, but a memcpy occurs in which the destination address and the size of the copied data are not considered, resulting in a heap...

7.5CVSS

7.2AI Score

0.008EPSS

2019-05-20 04:29 PM
71
cve
cve

CVE-2019-12213

When FreeImage 3.18.0 reads a special TIFF file, the TIFFReadDirectory function in PluginTIFF.cpp always returns 1, leading to stack...

6.5CVSS

6.5AI Score

0.003EPSS

2019-05-20 04:29 PM
79
cve
cve

CVE-2019-12212

When FreeImage 3.18.0 reads a special JXR file, the StreamCalcIFDSize function of JXRMeta.c repeatedly calls itself due to improper processing of the file, eventually causing stack exhaustion. An attacker can achieve a remote denial of service attack by sending a specially constructed...

7.5CVSS

7.3AI Score

0.002EPSS

2019-05-20 04:29 PM
24
cve
cve

CVE-2019-12214

In FreeImage 3.18.0, an out-of-bounds access occurs because of mishandling of the OpenJPEG j2k_read_ppm_v3 function in j2k.c. The value of l_N_ppm comes from the file read in, and the code does not consider that l_N_ppm may be greater than the size of...

7.5CVSS

7.5AI Score

0.001EPSS

2019-05-20 04:29 PM
26
cve
cve

CVE-2016-5684

An exploitable out-of-bounds write vulnerability exists in the XMP image handling functionality of the FreeImage library. A specially crafted XMP file can cause an arbitrary memory overwrite resulting in code execution. An attacker can provide a malicious image to trigger this...

7.8CVSS

7.7AI Score

0.002EPSS

2017-01-06 09:59 PM
39
4
cve
cve

CVE-2015-0852

Multiple integer underflows in PluginPCX.cpp in FreeImage 3.17.0 and earlier allow remote attackers to cause a denial of service (heap memory corruption) via vectors related to the height and width of a...

7.6AI Score

0.055EPSS

2015-09-29 06:59 PM
37