Lucene search
K

23 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2022-3598

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - LibTIFF 4.4.0 has an out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c:3604, allowing attackers to cause a denial-of-service via a...

6.5CVSS6.6AI score0.00938EPSS
Exploits1References2
Amazon
Amazon
added 2024/05/28 12:0 a.m.8 views

Important: libtiff

Issue Overview: Multiple heap buffer overflows in tiffcrop.c utility in libtiff library Version 4.4.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or any other...

7.7CVSS9.1AI score0.01131EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2023/10/03 12:0 a.m.31 views

Amazon Linux 2023 : libtiff, libtiff-devel, libtiff-static (ALAS2023-2023-364)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-364 advisory. LibTIFF 4.4.0 has an out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c:3604, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that...

6.5CVSS7.3AI score0.01131EPSS
Exploits2References12
OpenVAS
OpenVAS
added 2023/05/16 12:0 a.m.25 views

Huawei EulerOS: Security Advisory for libtiff (EulerOS-SA-2023-1936)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS6.9AI score0.01385EPSS
Exploits9References2
Tenable Nessus
Tenable Nessus
added 2023/05/14 12:0 a.m.41 views

AlmaLinux 9 : libtiff (ALSA-2023:2340)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:2340 advisory. - Multiple heap buffer overflows in tiffcrop.c utility in libtiff library Version 4.4.0 allows attacker to trigger unsafe or out of bounds memory access v...

8.8CVSS6.3AI score0.01237EPSS
Exploits9References11
RedHat Linux
RedHat Linux
added 2023/05/09 10:2 a.m.118 views

Moderate: Red Hat Security Advisory: libtiff security update

An update for libtiff is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

8.8CVSS6.8AI score0.01237EPSS
Exploits10References12
OSV
OSV
added 2023/05/09 12:0 a.m.27 views

ALSA-2023:2340 Moderate: libtiff security update

The libtiff packages contain a library of functions for manipulating Tagged Image File Format TIFF files. Security Fixes: libtiff: heap Buffer overflows in tiffcrop.c CVE-2022-3570 libtiff: out-of-bounds write in TIFFmemcpy in libtiff/tifunix CVE-2022-3597 libtiff: out-of-bounds write in...

8.8CVSS7.8AI score0.01237EPSS
Exploits9References22
OpenVAS
OpenVAS
added 2023/02/10 12:0 a.m.27 views

Huawei EulerOS: Security Advisory for libtiff (EulerOS-SA-2023-1363)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.5AI score0.01237EPSS
Exploits7References2
OpenVAS
OpenVAS
added 2023/02/10 12:0 a.m.26 views

Huawei EulerOS: Security Advisory for libtiff (EulerOS-SA-2023-1391)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.5AI score0.01237EPSS
Exploits7References2
OpenVAS
OpenVAS
added 2023/01/09 12:0 a.m.23 views

Huawei EulerOS: Security Advisory for libtiff (EulerOS-SA-2023-1039)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.7CVSS6.8AI score0.01255EPSS
Exploits9References2
OpenVAS
OpenVAS
added 2023/01/09 12:0 a.m.19 views

Huawei EulerOS: Security Advisory for libtiff (EulerOS-SA-2023-1104)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.2AI score0.01255EPSS
Exploits10References2
OpenVAS
OpenVAS
added 2023/01/09 12:0 a.m.28 views

Huawei EulerOS: Security Advisory for libtiff (EulerOS-SA-2023-1128)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.6AI score0.01255EPSS
Exploits10References2
Tenable Nessus
Tenable Nessus
added 2023/01/06 12:0 a.m.36 views

EulerOS 2.0 SP9 : libtiff (EulerOS-SA-2023-1104)

According to the versions of the libtiff package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile...

8.8CVSS6.3AI score0.01255EPSS
Exploits10References11
ALT Linux
ALT Linux
added 2022/12/27 12:0 a.m.54 views

Security fix for the ALT Linux 10 package libtiff version 4.4.0-alt2

4.4.0-alt2 built Dec. 27, 2022 Alexander Danilov in task 311968 Dec. 18, 2022 Vladimir D. Seleznev - Applied SUSE patches fixed tiff-CVE-2022-2056, CVE-2022-2057, CVE-2022-2058, CVE-2022-2519, CVE-2022-2520, CVE-2022-2521, CVE-2022-3597, CVE-2022-3598, CVE-2022-3599, CVE-2022-3626, CVE-2022-3627,...

4.3CVSS7.2AI score0.01385EPSS
Exploits13
OSV
OSV
added 2022/12/13 3:21 a.m.5 views

SUSE-SU-2022:4411-1 Security update for tiff

This update for tiff fixes the following issues: - CVE-2022-3570: Fixed heap buffer overflows in tiffcrop.c bsc1205422. - CVE-2022-3598: Fixed out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c bsc1204642...

7.7CVSS7.3AI score0.00938EPSS
Exploits2References5
Tenable Nessus
Tenable Nessus
added 2022/12/13 12:0 a.m.33 views

SUSE SLED15: libtiff-devel / libtiff-devel-32bit / libtiff5 / libtiff5-32bit / etc (SUSE-SU-2022:4411-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4411-1 advisory. - CVE-2022-3570: Fixed heap buffer overflows in tiffcrop.c bsc1205422. - CVE-2022-3598: Fixed...

7.7CVSS6.8AI score0.00938EPSS
Exploits2References7
CBLMariner
CBLMariner
added 2022/11/30 4:44 a.m.11 views

CVE-2022-3598 affecting package libtiff for versions less than 4.4.0-6

CVE-2022-3598 affecting package libtiff for versions less than 4.4.0-6. A patched version of the package is available...

6.5CVSS6.9AI score0.00938EPSS
Exploits1
CBLMariner
CBLMariner
added 2022/11/24 12:45 a.m.11 views

CVE-2022-3598 affecting package libtiff 4.4.0-4

CVE-2022-3598 affecting package libtiff 4.4.0-4. A patched version of the package is available...

6.5CVSS6.9AI score0.00938EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2022/11/15 6:56 a.m.44 views

CVE-2022-3598

An out-of-bounds write flaw was found in the extractContigSamplesShifted24bits function in tools/tiffcrop.c in the libtiff package. By persuading a victim to open a specially-crafted TIFF image file, a remote attacker could cause a denial of service condition...

6.5CVSS6.4AI score0.00938EPSS
Exploits1References3
Mageia
Mageia
added 2022/11/08 7:44 p.m.148 views

Updated libtiff packages fix security vulnerability

There is a double free or corruption in rotateImage at tiffcrop.c:8839 found in libtiff 4.4.0rc1. CVE-2022-2519 A flaw was found in libtiff 4.4.0rc1. There is a sysmalloc assertion fail in rotateImage at tiffcrop.c:8621 that can cause program crash when reading a crafted input. CVE-2022-2520 It w...

7.7CVSS6.8AI score0.00985EPSS
Exploits5References3
Rows per page
Query Builder