CVE-2026-32741

A flaw was found in libheif, a library for decoding and encoding HEIF High Efficiency Image File Format and AVIF files. A remote attacker could exploit a heap buffer overflow vulnerability in the MaskImageCodec::decodemaskimage function by providing a specially crafted HEIF file containing a mask...

FreeBSD : libXpm -- Out-of-bounds read in xpmNextWord() (dea605e6-41c9-11f1-8455-901b0e13f1a0)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the dea605e6-41c9-11f1-8455-901b0e13f1a0 advisory. The X.Org project reports: libXpm uses a number of internal helper functions to parse the XPM file...

[SECURITY] Fedora 42 Update: libpng15-1.5.30-25.fc42

The libpng15 package provides libpng 1.5, an older version of the libpng. library for manipulating PNG Portable Network Graphics image format files. This version should be used only if you are unable to use the current version of libpng...

MiracleLinux 4 : libtiff-3.9.4-5.AXS4 (AXSA:2012-514:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2012-514:01 advisory. The libtiff package contains a library of functions for manipulating TIFF Tagged Image File Format image format files. TIFF is a widely used file format for...

CVE-2025-9165

A flaw has been found in LibTIFF 4.7.0. This affects the function TIFFmallocExt/TIFFCheckRealloc/TIFFHashSetNew/InitCCITTFax3 of the file tools/tiffcmp.c of the component tiffcmp. Executing manipulation can lead to memory leak. The attack is restricted to local execution. This attack is...

SUSE-SU-2025:02770-1 Security update for tiff

This update for tiff fixes the following issues: - Updated TIFFMergeFieldInfo with readcount=writecount=0 for FIELDIGNORE bsc1243503 - CVE-2025-8176: Fixed heap use-after-free in tools/tiffmedian.c bsc1247108 - CVE-2025-8177: Fixed possible buffer overflow in tools/thumbnail.c:setrow when...

Linux Distros Unpatched Vulnerability : CVE-2025-8177

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in LibTIFF up to 4.7.0. It has been rated as critical. This issue affects the function setrow of the file tools/thumbnail.c. The...

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound due to an integer overflow in the makeRoom function. An attacker can achieve arbitrary code execution by supplying a crafted input that triggers the buffer overflow. Remediation Upgrade libavif to version...

UBUNTU-CVE-2023-0801

LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in libtiff/tifunix.c:368, invoked by tools/tiffcrop.c:2903 and tools/tiffcrop.c:6778, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee12...

UBUNTU-CVE-2017-12641

ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadOneJNGImage in coders\png.c...

libjpeg: information leak (read of uninitialized memory)

The getsos function in jdmarker.c in 1 libjpeg 6b and 2 libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48, Ghostscript, and other products, does not check for certain duplications of component data during the reading of segments that follow Start Of Scan SOS JPEG markers,...

DEBIAN-CVE-2012-2088

Integer signedness error in the TIFFReadDirectory function in tifdirread.c in libtiff 3.9.4 and earlier allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a negative tile depth in a tiff image, which triggers an improper conversion betwe...

security flaw

Multiple vulnerabilities in libtiff before 3.8.1 allow context-dependent attackers to cause a denial of service via a TIFF image that triggers errors in 1 the TIFFFetchAnyArray function in a tifdirread.c; 2 certain "codec cleanup methods" in b tiflzw.c, c tifpixarlog.c, and d tifzip.c; 3 and...

DEBIAN-CVE-2006-3461

Heap-based buffer overflow in the PixarLog decoder in the TIFF library libtiff before 3.8.2 might allow context-dependent attackers to execute arbitrary code via unknown vectors...