7764 matches found
TencentOS Server 2: compat-libtiff3 (TSSA-2026:0537)
The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0537 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...
SUSE-SU-2026:22234-1 Security update for tiff
This update for tiff fixes the following issues Security issues: - CVE-2025-8851: libtiff: LibTIFF Stack-based buffer overflow bsc1248278. - CVE-2026-4775: signed integer overflow in the putcontig8bitYCbCr44tile function bsc1260411. Non security issue: - QGIS can't export with GDAL- LERC codec,...
OPENSUSE-SU-2026:20995-1 Security update for tiff
This update for tiff fixes the following issues Security issues: - CVE-2025-8851: libtiff: LibTIFF Stack-based buffer overflow bsc1248278. - CVE-2026-4775: signed integer overflow in the putcontig8bitYCbCr44tile function bsc1260411. Non security issue: - QGIS can't export with GDAL- LERC codec,...
Astra Linux – Vulnerability in TIF format
The tiffcrop tool in libtiff has a uint32t underflow issue, which can lead to out-of-bounds read and write operations in the extractContigSamples8bits routine. An attacker who provides a crafted file to tiffcrop could exploit this flaw, likely by tricking a user into opening the crafted file with...
Astra Linux – Vulnerability in TIF format
LibTIFF 4.4.0 contains an out-of-bounds read vulnerability in the writeSingleSection function located at line 7345 in the tools/tiffcrop.c file. This vulnerability allows attackers to cause a denial-of-service attack through a malicious TIFF file. For users who compile LibTIFF from source code, t...
Astra Linux – Vulnerability in Tiff
A vulnerability was discovered in the TIFFReadDirectory function of libtiff before version 4.4.0, which allows attackers to cause a denial of service through a crafted TIFF file...
Astra Linux – Vulnerability in TIF format
The "Divide By Zero" error in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service attack through a crafted TIF file. For users who compile libtiff from source code, the fix is available in the commit f8d0f9aa...
Astra Linux – Vulnerability in Tiff
The processCropSelections function in the tools/tiffcrop.c file of LibTIFF, as of version 4.5.0, has a heap-based buffer overflow vulnerability. This vulnerability occurs due to a crafted TIFF image being written with a size of 307203 bytes...
Astra Linux – Vulnerability in TIF format
LibTIFF 4.4.0 contains an out-of-bounds read vulnerability in tiffcrop, located at line 3701 of tools/tiffcrop.c. This vulnerability allows attackers to cause a denial-of-service attack through a malicious tiff file. For users who compile LibTIFF from source code, the fix is available in the comm...
Astra Linux – Vulnerability in TIF format
LibTIFF 4.4.0 contains an out-of-bounds write vulnerability in the extractContigSamplesShifted24bits function in tools/tiffcrop.c:3604. This vulnerability allows attackers to cause a denial-of-service attack through a crafted TIFF file. For users who compile LibTIFF from source code, the fix is...
Astra Linux – Vulnerability in TIF format
The tiffcrop utility in libtiff has a flaw in input validation that can lead to out-of-bounds reading, and ultimately cause a crash if an attacker is able to provide a malicious file to tiffcrop...
RHSA-2026:25910 Red Hat Security Advisory: libtiff security update
Bulletin has no description...
libtiff: libtiff: Arbitrary code execution or denial of service via signed integer overflow in TIFF file processing
A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putcontig8bitYCbCr44tile function by providing a specially crafted TIFF file. This flaw can lead to an out-of-bounds heap write due to incorrect memory pointer calculations,...
RHEL 7 : libtiff (RHSA-2026:25910)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:25910 advisory. The libtiff packages contain a library of functions for manipulating Tagged Image File Format TIFF files. Security Fixes: libtiff: libtiff: Arbitrar...
EulerOS Virtualization 2.13.0 : libtiff (EulerOS-SA-2026-2406)
According to the versions of the libtiff packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the...
EulerOS Virtualization 2.13.1 : libtiff (EulerOS-SA-2026-2377)
According to the versions of the libtiff packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the...
RHSA-2026:24992 Red Hat Security Advisory: compat-libtiff3 security update
Bulletin has no description...
libtiff: libtiff: Arbitrary code execution or denial of service via signed integer overflow in TIFF file processing
A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putcontig8bitYCbCr44tile function by providing a specially crafted TIFF file. This flaw can lead to an out-of-bounds heap write due to incorrect memory pointer calculations,...
Important: Red Hat Security Advisory: compat-libtiff3 security update
An update for compat-libtiff3 is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
Security Bulletin: IBM Cloud Pak for Data System 1.0 is affected by multiple vulnerabilities
Summary IBM Cloud Pak for Data System 1.0 CPDS 1.0 includes multiple third-party components that are affected by various security vulnerabilities. These vulnerabilities include integer overflow issues in GLib leading to heap corruption and denial of service, a write-what-where condition in the...