Lucene search
+L

20 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2023-26965

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - loadImage in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based use after free via a crafted TIFF image. CVE-2023-26965 Note that Nessus relies on the...

5.5CVSS6.7AI score0.00376EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2022-28042

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - stbimage.h v2.27 was discovered to contain an heap-based use-after-free via the function stbijpeghuffdecode. CVE-2022-28042 Note that Nessus relies on the...

8.8CVSS7AI score0.01598EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2024/02/29 12:0 a.m.33 views

CentOS 9 : libtiff-4.4.0-10.el9

The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the libtiff-4.4.0-10.el9 build changelog. - loadImage in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based use after free via a crafted TIFF image. CVE-2023-26965 - libtif...

6.5CVSS6.4AI score0.01124EPSS
Exploits4References6
Tenable Nessus
Tenable Nessus
added 2024/01/16 12:0 a.m.27 views

EulerOS 2.0 SP10 : libtiff (EulerOS-SA-2023-2813)

According to the versions of the libtiff package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - loadImage in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based use after free via a crafted TIFF image. CVE-2023-26965 - A null pointer...

6.5CVSS6.3AI score0.01124EPSS
Exploits3References5
Tenable Nessus
Tenable Nessus
added 2024/01/16 12:0 a.m.37 views

EulerOS 2.0 SP8 : libtiff (EulerOS-SA-2023-3135)

According to the versions of the libtiff packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - loadImage in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based use after free via a crafted TIFF image. CVE-2023-26965 - A null pointe...

6.5CVSS6.3AI score0.01188EPSS
Exploits3References6
Tenable Nessus
Tenable Nessus
added 2024/01/16 12:0 a.m.29 views

EulerOS 2.0 SP10 : libtiff (EulerOS-SA-2023-2789)

According to the versions of the libtiff package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - loadImage in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based use after free via a crafted TIFF image. CVE-2023-26965 - A null pointer...

6.5CVSS6.3AI score0.01124EPSS
Exploits3References5
Tenable Nessus
Tenable Nessus
added 2024/01/16 12:0 a.m.27 views

EulerOS Virtualization 2.10.0 : libtiff (EulerOS-SA-2023-2937)

According to the versions of the libtiff package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - loadImage in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based use after free via a crafted TIFF image. CVE-2023-26965 -...

6.5CVSS6.3AI score0.01124EPSS
Exploits3References5
OpenVAS
OpenVAS
added 2023/12/15 12:0 a.m.22 views

Huawei EulerOS: Security Advisory for libtiff (EulerOS-SA-2023-3435)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.6AI score0.01188EPSS
Exploits3References2
OpenVAS
OpenVAS
added 2023/12/15 12:0 a.m.27 views

SUSE: Security Advisory (SUSE-SU-2023:4869-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS7AI score0.01684EPSS
Exploits5References8
Tenable Nessus
Tenable Nessus
added 2023/11/16 12:0 a.m.40 views

Oracle Linux 9 : libtiff (ELSA-2023-6575)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-6575 advisory. - Fix CVE-2023-26965 CVE-2023-3316 CVE-2023-26966 CVE-2023-3576 - Resolves: CVE-2023-26965 CVE-2023-3316 CVE-2023-26966 CVE-2023-3576 - Fix CVE-2023-27...

6.5CVSS6.6AI score0.01124EPSS
Exploits4References6
Tenable Nessus
Tenable Nessus
added 2023/11/07 12:0 a.m.35 views

RHEL 9 : libtiff (RHSA-2023:6575)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:6575 advisory. The libtiff packages contain a library of functions for manipulating Tagged Image File Format TIFF files. Security Fixes: libtiff: null...

6.5CVSS6.7AI score0.01124EPSS
Exploits4References14
OSV
OSV
added 2023/11/07 12:0 a.m.31 views

ALSA-2023:6575 Moderate: libtiff security update

The libtiff packages contain a library of functions for manipulating Tagged Image File Format TIFF files. Security Fixes: libtiff: null pointer dereference in LZWDecode in libtiff/tiflzw.c CVE-2023-2731 libtiff: tiffcrop: null pointer dereference in TIFFClose CVE-2023-3316 libtiff: memory leak in...

6.5CVSS6.7AI score0.01124EPSS
Exploits4References12
Mageia
Mageia
added 2023/09/11 1:7 p.m.50 views

Updated libtiff packages fix security vulnerability

A null pointer dereference issue was found in Libtiff's tifdir.c file. This issue may allow an attacker to pass a crafted TIFF image file to the tiffcp utility which triggers a runtime error that causes undefined behavior. This will result in an application crash, eventually leading to a denial o...

6.5CVSS6.8AI score0.01188EPSS
Exploits5References2
OSV
OSV
added 2023/06/14 12:0 a.m.23 views

CVE-2023-26965

loadImage in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based use after free via a crafted TIFF image...

5.5CVSS7.1AI score0.00376EPSS
Exploits1References6
OSV
OSV
added 2017/12/29 9:29 p.m.7 views

CVE-2017-17973

In LibTIFF 4.0.8, there is a heap-based use-after-free in the t2pwriteproc function in tiff2pdf.c. NOTE: there is a third-party report of inability to reproduce this issue...

8.8CVSS8.9AI score
Exploits0References4
Veracode
Veracode
added 2017/06/12 1:26 a.m.29 views

Denial Of Service (DoS)

mruby is vulnerable to denial of service DoS attacks. The attacks exist because the markcontextstack function in gc.c does not properly handle a .rb file, allowing the attacker to trigger a heap-based use-after-free and application crash possibly other impacts using a malicious .rb file...

7.8CVSS8.8AI score0.0097EPSS
Exploits1References3Affected Software1
UbuntuCve
UbuntuCve
added 2017/06/11 5:29 p.m.27 views

CVE-2017-9527

The markcontextstack function in gc.c in mruby through 1.2.0 allows attackers to cause a denial of service heap-based use-after-free and application crash or possibly have unspecified other impact via a crafted .rb file...

7.8CVSS7.1AI score0.0097EPSS
Exploits1References1
OSV
OSV
added 2017/06/11 5:29 p.m.14 views

CVE-2017-9527

The markcontextstack function in gc.c in mruby through 1.2.0 allows attackers to cause a denial of service heap-based use-after-free and application crash or possibly have unspecified other impact via a crafted .rb file...

7.8CVSS7.4AI score
Exploits0References3
Cvelist
Cvelist
added 2017/06/11 5:0 p.m.19 views

CVE-2017-9527

The markcontextstack function in gc.c in mruby through 1.2.0 allows attackers to cause a denial of service heap-based use-after-free and application crash or possibly have unspecified other impact via a crafted .rb file...

8.9AI score0.0097EPSS
Exploits1References3
RubySec
RubySec
added 2017/06/11 12:0 a.m.15 views

Heap use-after-free in mark_context_stack

The markcontextstack function in gc.c in mruby through 1.2.0 allows attackers to cause a denial of service heap-based use-after-free and application crash or possibly have unspecified other impact via a crafted .rb file...

7.8CVSS7AI score0.0097EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder