CVE-2018-11803

Subversion's moddavsvn Apache HTTPD module versions 1.11.0 and 1.10.0 to 1.10.3 will crash after dereferencing an uninitialized pointer if the client omits the root path in a recursive directory listing operation...

CVE-2017-18013

In LibTIFF 4.0.9, there is a Null-Pointer Dereference in the tifprint.c TIFFPrintDirectory function, as demonstrated by a tiffinfo crash...

CVE-2017-10688

In LibTIFF 4.0.8, there is a assertion abort in the TIFFWriteDirectoryTagCheckedLong8Array function in tifdirwrite.c. A crafted input will lead to a remote denial of service attack...

CVE-2017-9404

In LibTIFF 4.0.7, a memory leak vulnerability was found in the function OJPEGReadHeaderInfoSecTablesQTable in tifojpeg.c, which allows attackers to cause a denial of service via a crafted file...

CVE-2017-9403

In LibTIFF 4.0.7, a memory leak vulnerability was found in the function TIFFReadDirEntryLong8Array in tifdirread.c, which allows attackers to cause a denial of service via a crafted file...

CVE-2017-7595

The JPEGSetupEncode function in tiffjpeg.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service divide-by-zero error and application crash via a crafted image...

CVE-2016-10269

LibTIFF 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6 and 4.0.7 allows remote attackers to cause a denial of service heap-based buffer over-read or possibly have unspecified other impact via a crafted TIFF image, related to "READ of...

CVE-2016-3658

The TIFFWriteDirectoryTagLongLong8Array function in tifdirwrite.c in the tiffset tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service out-of-bounds read via vectors involving the ma variable...