20 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-26965
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - loadImage in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based use after free via a crafted TIFF image. CVE-2023-26965 Note that Nessus relies on the...
Linux Distros Unpatched Vulnerability : CVE-2022-28042
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - stbimage.h v2.27 was discovered to contain an heap-based use-after-free via the function stbijpeghuffdecode. CVE-2022-28042 Note that Nessus relies on the...
CentOS 9 : libtiff-4.4.0-10.el9
The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the libtiff-4.4.0-10.el9 build changelog. - loadImage in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based use after free via a crafted TIFF image. CVE-2023-26965 - libtif...
EulerOS 2.0 SP10 : libtiff (EulerOS-SA-2023-2813)
According to the versions of the libtiff package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - loadImage in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based use after free via a crafted TIFF image. CVE-2023-26965 - A null pointer...
EulerOS 2.0 SP8 : libtiff (EulerOS-SA-2023-3135)
According to the versions of the libtiff packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - loadImage in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based use after free via a crafted TIFF image. CVE-2023-26965 - A null pointe...
EulerOS 2.0 SP10 : libtiff (EulerOS-SA-2023-2789)
According to the versions of the libtiff package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - loadImage in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based use after free via a crafted TIFF image. CVE-2023-26965 - A null pointer...
EulerOS Virtualization 2.10.0 : libtiff (EulerOS-SA-2023-2937)
According to the versions of the libtiff package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - loadImage in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based use after free via a crafted TIFF image. CVE-2023-26965 -...
Huawei EulerOS: Security Advisory for libtiff (EulerOS-SA-2023-3435)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2023:4869-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle Linux 9 : libtiff (ELSA-2023-6575)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-6575 advisory. - Fix CVE-2023-26965 CVE-2023-3316 CVE-2023-26966 CVE-2023-3576 - Resolves: CVE-2023-26965 CVE-2023-3316 CVE-2023-26966 CVE-2023-3576 - Fix CVE-2023-27...
RHEL 9 : libtiff (RHSA-2023:6575)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:6575 advisory. The libtiff packages contain a library of functions for manipulating Tagged Image File Format TIFF files. Security Fixes: libtiff: null...
ALSA-2023:6575 Moderate: libtiff security update
The libtiff packages contain a library of functions for manipulating Tagged Image File Format TIFF files. Security Fixes: libtiff: null pointer dereference in LZWDecode in libtiff/tiflzw.c CVE-2023-2731 libtiff: tiffcrop: null pointer dereference in TIFFClose CVE-2023-3316 libtiff: memory leak in...
Updated libtiff packages fix security vulnerability
A null pointer dereference issue was found in Libtiff's tifdir.c file. This issue may allow an attacker to pass a crafted TIFF image file to the tiffcp utility which triggers a runtime error that causes undefined behavior. This will result in an application crash, eventually leading to a denial o...
CVE-2023-26965
loadImage in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based use after free via a crafted TIFF image...
CVE-2017-17973
In LibTIFF 4.0.8, there is a heap-based use-after-free in the t2pwriteproc function in tiff2pdf.c. NOTE: there is a third-party report of inability to reproduce this issue...
Denial Of Service (DoS)
mruby is vulnerable to denial of service DoS attacks. The attacks exist because the markcontextstack function in gc.c does not properly handle a .rb file, allowing the attacker to trigger a heap-based use-after-free and application crash possibly other impacts using a malicious .rb file...
CVE-2017-9527
The markcontextstack function in gc.c in mruby through 1.2.0 allows attackers to cause a denial of service heap-based use-after-free and application crash or possibly have unspecified other impact via a crafted .rb file...
CVE-2017-9527
The markcontextstack function in gc.c in mruby through 1.2.0 allows attackers to cause a denial of service heap-based use-after-free and application crash or possibly have unspecified other impact via a crafted .rb file...
CVE-2017-9527
The markcontextstack function in gc.c in mruby through 1.2.0 allows attackers to cause a denial of service heap-based use-after-free and application crash or possibly have unspecified other impact via a crafted .rb file...
Heap use-after-free in mark_context_stack
The markcontextstack function in gc.c in mruby through 1.2.0 allows attackers to cause a denial of service heap-based use-after-free and application crash or possibly have unspecified other impact via a crafted .rb file...