Lucene search
K

12 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2023-40745

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - LibTIFF is vulnerable to an integer overflow. This flaw allows remote attackers to cause a denial of service application crash or possibly execute an arbitrary...

6.5CVSS7.4AI score0.01131EPSS
Exploits0References2
Amazon
Amazon
added 2024/05/28 12:0 a.m.8 views

Important: libtiff

Issue Overview: Multiple heap buffer overflows in tiffcrop.c utility in libtiff library Version 4.4.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or any other...

7.7CVSS9.1AI score0.01131EPSS
Exploits3
OSV
OSV
added 2024/04/30 12:0 a.m.45 views

ALSA-2024:2289 Moderate: libtiff security update

The libtiff packages contain a library of functions for manipulating Tagged Image File Format TIFF files. Security Fixes: libtiff: infinite loop via a crafted TIFF file CVE-2022-40090 libtiff: segmentation fault in Fax3Encode in libtiff/tiffax3.c CVE-2023-3618 libtiff: integer overflow in tiffcp....

6.5CVSS6.7AI score0.01131EPSS
Exploits1References12
OSV
OSV
added 2024/03/22 10:23 a.m.9 views

SUSE-SU-2024:0973-1 Security update for tiff

This update for tiff fixes the following issues: - CVE-2023-41175: Fixed potential integer overflow in raw2tiff.c bsc1214686. - CVE-2023-38288: Fixed potential integer overflow in raw2tiff.c bsc1213590. - CVE-2023-40745: Fixed integer overflow in tiffcp.c bsc1214687...

6.5CVSS6.7AI score0.01131EPSS
Exploits0References8
Mageia
Mageia
added 2024/03/20 9:19 p.m.49 views

Updated libtiff packages fix security vulnerabilities

LibTIFF is vulnerable to an integer overflow. This flaw allows remote attackers to cause a denial of service application crash or possibly execute an arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow. CVE-2023-40745 A vulnerability was found in libtiff due to...

6.5CVSS8AI score0.01131EPSS
Exploits0References2
OSV
OSV
added 2024/03/18 7:52 a.m.8 views

SUSE-SU-2024:0915-1 Security update for tiff

This update for tiff fixes the following issues: - CVE-2023-41175: Fixed potential integer overflow in raw2tiff.c bsc1214686. - CVE-2023-38288: Fixed potential integer overflow in raw2tiff.c bsc1213590. - CVE-2023-40745: Fixed integer overflow in tiffcp.c bsc1214687. - CVE-2015-8668: Fixed...

9.8CVSS7.5AI score0.13722EPSS
Exploits1References10
OpenVAS
OpenVAS
added 2024/02/09 12:0 a.m.48 views

Huawei EulerOS: Security Advisory for libtiff (EulerOS-SA-2024-1148)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.6AI score0.01131EPSS
Exploits2References2
Debian
Debian
added 2023/11/27 5:4 a.m.35 views

[SECURITY] [DSA 5567-1] tiff security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5567-1 [email protected] https://www.debian.org/security/ Aron Xu November 27, 2023 https://www.debian.org/security/faq - -...

6.5CVSS7.1AI score0.01131EPSS
Exploits0
CBLMariner
CBLMariner
added 2023/11/08 2:7 a.m.25 views

CVE-2023-40745 affecting package libtiff for versions less than 4.6.0-1

CVE-2023-40745 affecting package libtiff for versions less than 4.6.0-1. An upgraded version of the package is available that resolves this issue...

6.5CVSS6.8AI score0.01131EPSS
Exploits0
CVE
CVE
added 2023/10/05 6:55 p.m.210 views

CVE-2023-40745

LibTIFF is affected by CVE-2023-40745 due to an integer overflow in the library that can trigger a heap-based buffer overflow when processing crafted TIFF images. This can lead to remote denial of service (application crash) and, in some reports, may allow arbitrary code execution. Related adviso...

6.5CVSS7.1AI score0.01131EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/10/03 12:0 a.m.31 views

Amazon Linux 2023 : libtiff, libtiff-devel, libtiff-static (ALAS2023-2023-364)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-364 advisory. LibTIFF 4.4.0 has an out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c:3604, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that...

6.5CVSS7.3AI score0.01131EPSS
Exploits2References12
OpenVAS
OpenVAS
added 2023/08/01 12:0 a.m.32 views

Debian: Security Advisory (DLA-3513-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.6AI score0.01131EPSS
Exploits5References4
Rows per page
Query Builder