Lucene search
K

102 matches found

Prion
Prion
added 2023/05/17 10:15 p.m.14 views

Null pointer dereference

A NULL pointer dereference flaw was found in Libtiff's LZWDecode function in the libtiff/tiflzw.c file. This flaw allows a local attacker to craft specific input data that can cause the program to dereference a NULL pointer when decompressing a TIFF format file, resulting in a program crash or...

1.9CVSS5.2AI score0.00427EPSS
Exploits1References5Affected Software3
Cvelist
Cvelist
added 2023/05/17 12:0 a.m.21 views

CVE-2023-2731

A NULL pointer dereference flaw was found in Libtiff's LZWDecode function in the libtiff/tiflzw.c file. This flaw allows a local attacker to craft specific input data that can cause the program to dereference a NULL pointer when decompressing a TIFF format file, resulting in a program crash or...

5.7AI score0.00427EPSS
Exploits1References5
CVE
CVE
added 2023/05/17 12:0 a.m.141 views

CVE-2023-2731

The CVE-2023-2731 issue is a NULL pointer dereference in Libtiff’s LZWDecode() (libtiff/tif_lzw.c). It allows a local attacker to craft input data to cause a crash or denial of service when decompressing TIFF files. Connected advisories confirm libtiff-related fixes and updated packages (e.g., va...

5.5CVSS5.2AI score0.00427EPSS
Exploits1References5Affected Software1
UbuntuCve
UbuntuCve
added 2023/05/17 12:0 a.m.32 views

CVE-2023-2731

A NULL pointer dereference flaw was found in Libtiff's LZWDecode function in the libtiff/tiflzw.c file. This flaw allows a local attacker to craft specific input data that can cause the program to dereference a NULL pointer when decompressing a TIFF format file, resulting in a program crash or...

5.5CVSS6.8AI score0.00427EPSS
Exploits1References2
OSV
OSV
added 2023/05/17 12:0 a.m.27 views

CVE-2023-2731

A NULL pointer dereference flaw was found in Libtiff's LZWDecode function in the libtiff/tiflzw.c file. This flaw allows a local attacker to craft specific input data that can cause the program to dereference a NULL pointer when decompressing a TIFF format file, resulting in a program crash or...

5.5CVSS6.7AI score0.00427EPSS
Exploits1References7
Debian CVE
Debian CVE
added 2023/05/17 12:0 a.m.21 views

CVE-2023-2731

A NULL pointer dereference flaw was found in Libtiff's LZWDecode function in the libtiff/tiflzw.c file. This flaw allows a local attacker to craft specific input data that can cause the program to dereference a NULL pointer when decompressing a TIFF format file, resulting in a program crash or...

5.5CVSS6.8AI score0.00427EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2023/05/16 2:0 p.m.102 views

CVE-2023-2731

A NULL pointer dereference flaw was found in Libtiff's LZWDecode function in the libtiff/tiflzw.c file. This flaw allows a local attacker to craft specific input data that can cause the program to dereference a NULL pointer when decompressing a TIFF format file, resulting in a program crash or...

5.5CVSS6.4AI score0.00427EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2023/04/22 12:0 a.m.3 views

PT-2023-3429 · Libtiff +7 · Libtiff +7

Name of the Vulnerable Software and Affected Versions: LibTIFF affected versions not specified Description: The issue is related to a NULL pointer dereference flaw in the LZWDecode function, located in the libtiff/tif lzw.c file. This flaw can be exploited by a local attacker who crafts specific...

8.8CVSS6.6AI score0.02187EPSS
Exploits53References257
SUSE CVE
SUSE CVE
added 2023/02/15 4:22 a.m.3 views

SUSE CVE-2018-18661

An issue was discovered in LibTIFF 4.0.9. There is a NULL pointer dereference in the function LZWDecode in the file tiflzw.c...

3.3CVSS9.3AI score0.0287EPSS
Exploits1References10
SUSE CVE
SUSE CVE
added 2023/02/15 3:33 a.m.3 views

SUSE CVE-2022-1623

LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tiflzw.c:624, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit b4e79bfa...

5.5CVSS6.7AI score0.0122EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:33 a.m.3 views

SUSE CVE-2022-1622

LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tiflzw.c:619, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit b4e79bfa...

5.5CVSS6.7AI score0.01684EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2023/01/29 12:0 a.m.35 views

Debian DSA-5333-1 : tiff - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5333 advisory. Several buffer overflow, divide by zero or out of bounds read/write vulnerabilities were discovered in tiff, the Tag Image File Format TIFF library and tools, whi...

7.8CVSS6.6AI score0.01684EPSS
Exploits17References46
Tenable Nessus
Tenable Nessus
added 2022/11/05 12:0 a.m.58 views

Amazon Linux 2022 : libtiff, libtiff-devel, libtiff-static (ALAS2022-2022-183)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-183 advisory. Out-of-bounds Read error in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available wi...

6.1CVSS6.7AI score0.01684EPSS
Exploits5References13
OSV
OSV
added 2022/06/29 11:3 a.m.2 views

OESA-2022-1728 libtiff security update

This provides support for the Tag Image File Format TIFF, a widely used format for storing image data. The latest version of the TIFF specification is available on-line in several different formats.And contains command-line programs for manipulating TIFF format image files using the libtiff...

5.5CVSS6.7AI score0.01684EPSS
Exploits2References3
Mageia
Mageia
added 2022/06/24 8:50 p.m.59 views

Updated libtiff packages fix security vulnerability

Heap-buffer-overflow in TIFFReadRawDataStriped in tiffinfo.c. CVE-2022-1354 Stack-buffer-overflow in tiffcp.c in main. CVE-2022-1355 Out-of-bounds read in LZWDecode. CVE-2022-1622, CVE-2022-1623...

6.1CVSS3AI score0.01684EPSS
Exploits4References2
Microsoft CVE
Microsoft CVE
added 2022/05/19 7:0 a.m.5 views

LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tif_lzw.c:624 allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources the fix is available with commit b4e79bfa.

...

5.5CVSS6.9AI score0.0122EPSS
Exploits1
Veracode
Veracode
added 2022/05/12 3:58 a.m.31 views

Denial Of Service (DoS)

libtiff.so is vulnerable to denial of service attacks. The vulnerability exists in the LZWDecode function the tiflzw.c which allows a malicious user to cause denial-of-service conditions via an out-of-bounds read through a crafted tiff file...

5.5CVSS3.6AI score0.01684EPSS
Exploits1References18Affected Software1
RedhatCVE
RedhatCVE
added 2022/05/11 7:8 p.m.47 views

CVE-2022-1623

An out-of-bounds read vulnerability was found in Libtiff's LZWDecode function in libtiff/tiflzw.c. This flaw allows an attacker to perform a denial-of-service attack via a crafted tiff file, leading to the application crashing...

5.5CVSS4.5AI score0.0122EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2022/05/11 7:8 p.m.59 views

CVE-2022-1622

An out-of-bounds read vulnerability was found in Libtiff's LZWDecode function in libtiff/tiflzw.c. This flaw allows an attacker to perform a denial-of-service attack via a crafted tiff file, leading to the application crashing...

5.5CVSS4.5AI score0.01684EPSS
Exploits1References3
NVD
NVD
added 2022/05/11 3:15 p.m.18 views

CVE-2022-1623

LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tiflzw.c:624, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit b4e79bfa...

5.5CVSS0.0122EPSS
Exploits1References8
Rows per page
Query Builder