Lucene search
K

17 matches found

Rosalinux
Rosalinux
added 2025/01/28 7:29 p.m.23 views

Advisory ROSA-SA-2025-2657

software: libtiff 4.1.0 OS: ROSA-CHROME packageevrstring: libtiff-4.1.0 CVE-ID: CVE-2022-4645 BDU-ID: 2023-05401 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the tiffcrop utility tools/tiffcp.c:948 of the libtiff library involves reading beyond buffer boundaries in memory. Exploitation of the...

6.8CVSS7.1AI score0.0051EPSS
Exploits4
OpenVAS
OpenVAS
added 2024/03/04 12:0 a.m.25 views

openSUSE: Security Advisory for tiff (SUSE-SU-2023:4370-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS7AI score0.01124EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2024/01/16 12:0 a.m.34 views

EulerOS Virtualization 2.10.1 : libtiff (EulerOS-SA-2023-2918)

According to the versions of the libtiff package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - loadImage in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based use after free via a crafted TIFF image. CVE-2023-26965 -...

6.5CVSS6.3AI score0.01124EPSS
Exploits3References5
OpenVAS
OpenVAS
added 2023/11/09 12:0 a.m.24 views

Huawei EulerOS: Security Advisory for libtiff (EulerOS-SA-2023-3135)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.6AI score0.01124EPSS
Exploits3References2
Tenable Nessus
Tenable Nessus
added 2023/11/07 12:0 a.m.28 views

SUSE SLES12 Security Update : tiff (SUSE-SU-2023:4371-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4371-1 advisory. - CVE-2023-38289: Fixed a NULL pointer dereference in raw2tiff bsc1213589. - CVE-2023-38288: Fixed an integer overflow in raw2tiff...

6.5CVSS7AI score0.01124EPSS
Exploits5References24
OpenVAS
OpenVAS
added 2023/11/01 12:0 a.m.23 views

Huawei EulerOS: Security Advisory for libtiff (EulerOS-SA-2023-3101)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.5AI score0.01124EPSS
Exploits2References2
OSV
OSV
added 2023/10/18 1:45 p.m.3 views

BELL-CVE-2023-2908

Bulletin has no description...

5.5CVSS7AI score0.00495EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2023/10/10 12:0 a.m.15 views

Huawei EulerOS: Security Advisory for libtiff (EulerOS-SA-2023-2937)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.5AI score0.01124EPSS
Exploits3References2
OpenVAS
OpenVAS
added 2023/10/10 12:0 a.m.20 views

Huawei EulerOS: Security Advisory for libtiff (EulerOS-SA-2023-2918)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.5AI score0.01124EPSS
Exploits3References2
OpenVAS
OpenVAS
added 2023/10/09 12:0 a.m.26 views

Huawei EulerOS: Security Advisory for libtiff (EulerOS-SA-2023-2881)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.5AI score0.01124EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2023/09/11 12:0 a.m.27 views

Huawei EulerOS: Security Advisory for libtiff (EulerOS-SA-2023-2813)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.5AI score0.01124EPSS
Exploits3References2
Ubuntu
Ubuntu
added 2023/08/15 9:2 p.m.73 views

USN-6290-1: LibTIFF vulnerabilities

It was discovered that LibTIFF could be made to write out of bounds when processing certain malformed image files with the tiffcrop utility. If a user were tricked into opening a specially crafted image file, an attacker could possibly use this issue to cause tiffcrop to crash, resulting in a...

6.5CVSS7AI score0.01124EPSS
Exploits7
OpenVAS
OpenVAS
added 2023/08/01 12:0 a.m.31 views

Debian: Security Advisory (DLA-3513-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.6AI score0.01131EPSS
Exploits5References4
CBLMariner
CBLMariner
added 2023/07/28 11:16 p.m.34 views

CVE-2023-2908 affecting package libtiff 4.5.0-3

CVE-2023-2908 affecting package libtiff 4.5.0-3. An upgraded version of the package is available that resolves this issue...

5.5CVSS7.4AI score0.00495EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2023/06/30 10:15 p.m.26 views

CVE-2023-2908

A null pointer dereference issue was found in Libtiff's tifdir.c file. This issue may allow an attacker to pass a crafted TIFF image file to the tiffcp utility which triggers a runtime error that causes undefined behavior. This will result in an application crash, eventually leading to a denial o...

5.5CVSS6.8AI score0.00495EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2023/06/30 12:0 a.m.18 views

CVE-2023-2908 Libtiff: null pointer dereference in tif_dir.c

A null pointer dereference issue was found in Libtiff's tifdir.c file. This issue may allow an attacker to pass a crafted TIFF image file to the tiffcp utility which triggers a runtime error that causes undefined behavior. This will result in an application crash, eventually leading to a denial o...

5.5CVSS6.4AI score0.00495EPSS
Exploits1References6
CVE
CVE
added 2023/06/30 12:0 a.m.99 views

CVE-2023-2908

CVE-2023-2908 is a NULL pointer dereference in libtiff's tif_dir.c affecting LibTIFF (tiffcp/tiffcrop processing). The impact is denial of service via an application crash when handling crafted TIFFs. Public fixes exist: Debian reports patch in 4.2.0-1+deb11u6; IBM-related advisory for Data produ...

5.5CVSS5.7AI score0.00495EPSS
Exploits1References7Affected Software1
Rows per page
Query Builder