SUSE CVE-2018-10804

ImageMagick version 7.0.7-28 contains a memory leak in WriteTIFFImage in coders/tiff.c...

SUSE CVE-2018-19871

An issue was discovered in Qt before 5.11.3. There is QTgaFile Uncontrolled Resource Consumption...

SUSE CVE-2019-11459

The tiffdocumentrender and tiffdocumentgetthumbnail functions in the TIFF document backend in GNOME Evince through 3.32.0 did not handle errors from TIFFReadRGBAImageOriented, leading to uninitialized memory use when processing certain TIFF image files...

SUSE CVE-2019-12211

When FreeImage 3.18.0 reads a tiff file, it will be handed to the Load function of the PluginTIFF.cpp file, but a memcpy occurs in which the destination address and the size of the copied data are not considered, resulting in a heap overflow...

SUSE CVE-2020-23109

Buffer overflow vulnerability in function convertcolorspace in heifcolorconversion.cc in libheif v1.6.2, allows attackers to cause a denial of service and disclose sensitive information, via a crafted HEIF file...

SUSE CVE-2022-0284

A heap-based-buffer-over-read flaw was found in ImageMagick's GetPixelAlpha function of 'pixel-accessor.h'. This vulnerability is triggered when an attacker passes a specially crafted Tagged Image File Format TIFF image to convert it into a PICON file format. This issue can potentially lead to a...

LibTIFF 缓冲区错误漏洞

LibTIFF is a library for reading and writing TIFF Tagged Image File Format files. The library contains a number of command-line tools for processing TIFF files. libTIFF suffers from an out-of-bounds read vulnerability, which stems from a boundary error in iffcrop at tools/tiffcrop.c:3488 when...

The vulnerability affects the Windows GDI component of the Microsoft Message Passing System, the Microsoft Office software suite, and the Windows operating system. This vulnerability allows an attacker to execute arbitrary code.

The vulnerability of the Windows GDI component in the Microsoft Lync messaging system, the Microsoft Office suite of programs, and the Windows operating system is related to improper code generation. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a speciall...

PDF-XChange Editor 缓冲区错误漏洞

Tracker Software PDF-XChange Editor is a suite of software for viewing and editing PDF format files from Tracker Software, a Canadian company. A security vulnerability exists in PDF-XChange Editor that originates from a problem with the parsing of certain TIF files...

DEBIAN-CVE-2022-48281

processCropSelections in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based buffer overflow e.g., "WRITE of size 307203" via a crafted TIFF image...

OpenImageIO 缓冲区错误漏洞

OpenImageIO is an image read/write library, along with a number of tools and applications. An out-of-bounds read vulnerability exists in OpenImageIO. The vulnerability is caused due to an out-of-bounds read vulnerability when processing string fields in TIFF image files. An attacker can exploit...

USN-5705-1: LibTIFF vulnerabilities

Chintan Shah discovered that LibTIFF incorrectly handled memory in certain conditions. An attacker could trick a user into processing a specially crafted image file and potentially use this issue to allow for information disclosure or to cause the application to crash. CVE-2022-3570 It was...

UBUNTU-CVE-2022-3570

Multiple heap buffer overflows in tiffcrop.c utility in libtiff library Version 4.4.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or any other context-dependent impact...

ALPINE-CVE-2022-3598

LibTIFF 4.4.0 has an out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c:3604, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit cfbb883b...

The vulnerability of the tif_dirread.c component in the LibTIFF library, which allows a hacker to cause a service failure

The vulnerability of the tifdirread.c component in the LibTIFF library is related to pointer manipulation errors. Exploiting this vulnerability allows an attacker to cause a service failure by using a specially created TIFF file...

tesseract 数字错误漏洞

tesseract is an open source OCR Optical Character Recognition engine. A numeric error vulnerability exists in the Leptonica linked library v1.79.0 in tesseract v5.0.0, which can be exploited by an attacker to cause an arithmetic anomaly via a specially crafted JPEG file, leading to a denial of...

UBUNTU-CVE-2022-1354

A heap buffer overflow flaw was found in Libtiffs' tiffinfo.c in TIFFReadRawDataStriped function. This flaw allows an attacker to pass a crafted TIFF file to the tiffinfo tool, triggering a heap buffer overflow issue and causing a crash that leads to a denial of service...

CVE-2022-0284

A heap-based-buffer-over-read flaw was found in ImageMagick's GetPixelAlpha function of 'pixel-accessor.h'. This vulnerability is triggered when an attacker passes a specially crafted Tagged Image File Format TIFF image to convert it into a PICON file format. This issue can potentially lead to a...

UBUNTU-CVE-2022-34526

A stack overflow was discovered in the TIFFVGetField function of Tiffsplit v4.4.0. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted TIFF file parsed by the "tiffsplit" or "tiffcrop" utilities...

Fedora: Security Advisory for libtiff (FEDORA-2022-edf7301147)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...