56 matches found
Astra Linux - vulnerability in tiff
The loadImage function in tools/tiffcrop.c within LibTIFF, as of version 4.5.0, involves a heap-based use after deallocation, involving a crafted TIFF image...
CVE-2026-6591
A flaw has been found in ComfyUI up to 0.13.0. Affected is the function folder_paths.get_annotated_filepath of the file folder_paths.py of the component LoadImage Node. This manipulation of the argument Name causes path traversal. Remote exploitation of the attack is possible. The exploit has been...
CVE-2026-6591 ComfyUI LoadImage Node folder_paths.py folder_paths.get_annotated_filepath path traversal
A flaw has been found in ComfyUI up to 0.13.0. Affected is the function folder_paths.get_annotated_filepath of the file folder_paths.py of the component LoadImage Node. This manipulation of the argument Name causes path traversal. Remote exploitation of the attack is possible. The exploit has been...
CVE-2026-6591
ComfyUI up to 0.13.0 is affected by a path traversal in the LoadImage Node’s folder_paths.get_annotated_filepath (folder_paths.py). The vulnerability arises from manipulating the Name argument, enabling remote exploitation. An exploit has been published; vendor was contacted but did not respond. ...
EUVD-2026-23735
A flaw has been found in ComfyUI up to 0.13.0. Affected is the function folder_paths.get_annotated_filepath of the file folder_paths.py of the component LoadImage Node. This manipulation of the argument Name causes path traversal. Remote exploitation of the attack is possible. The exploit has been...
PT-2026-33660
A flaw has been found in ComfyUI up to 0.13.0. Affected is the function folder_paths.get_annotated_filepath of the file folder_paths.py of the component LoadImage Node. This manipulation of the argument Name causes path traversal. Remote exploitation of the attack is possible. The exploit has bee...
MiracleLinux 9 : libtiff-4.4.0-10.el9 (AXSA:2023-6618:08)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6618:08 advisory. libtiff: null pointer dereference in LZWDecode in libtiff/tif_lzw.c CVE-2023-2731 libtiff: tiffcrop: null pointer dereference in TIFFClose...
JLSEC-2025-306 loadImage() in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based use after free via a craft...
loadImage in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based use after free via a crafted TIFF image...
NewStart CGSL MAIN 6.02 : compat-libtiff3 Vulnerability (NS-SA-2024-0055)
The remote NewStart CGSL host, running version MAIN 6.02, has compat-libtiff3 packages installed that are affected by a vulnerability: - A heap use-after-free vulnerability was found in LibTIFF's tiffcrop utility in the loadImage function. This flaw allows an attacker to pass a crafted TIFF image...
RHEL 8 : libtiff (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libtiff: memory leak in TIFFFdOpen function in tif_unix.c when using pal2rgb CVE-2019-6128 - libtiff:...
EulerOS 2.0 SP8 : libtiff (EulerOS-SA-2023-3135)
According to the versions of the libtiff packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - loadImage in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based use after free via a crafted TIFF image. CVE-2023-26965 - A null pointe...
EulerOS 2.0 SP10 : libtiff (EulerOS-SA-2023-2813)
According to the versions of the libtiff package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - loadImage in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based use after free via a crafted TIFF image. CVE-2023-26965 - A null pointer...
EulerOS Virtualization 3.0.6.0 : libtiff (EulerOS-SA-2023-3435)
According to the versions of the libtiff packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - loadImage in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based use after free via a crafted TIFF image. CVE-2023-26965 ...
EulerOS Virtualization 2.10.1 : libtiff (EulerOS-SA-2023-2918)
According to the versions of the libtiff package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - loadImage in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based use after free via a crafted TIFF image. CVE-2023-26965 -...
EulerOS 2.0 SP10 : libtiff (EulerOS-SA-2023-2789)
According to the versions of the libtiff package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - loadImage in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based use after free via a crafted TIFF image. CVE-2023-26965 - A null pointer...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : tiff (SUSE-SU-2023:4869-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4869-1 advisory. - LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tif_lzw.c:619, allowing...
libtiff: heap-based use after free via a crafted TIFF image in loadImage() in tiffcrop.c
A heap use-after-free vulnerability was found in LibTIFF's tiffcrop utility in the loadImage function. This flaw allows an attacker to pass a crafted TIFF image file to the tiffcrop utility, which causes an out-of-bounds write access, resulting in an application crash, eventually leading to a...
Huawei EulerOS: Security Advisory for libtiff (EulerOS-SA-2023-2960)
The remote host is missing an update for the Huawei EulerOS...