37 matches found
CVE-2026-33809
CVE-2026-33809 affects the Go TIFF decoder in golang.org/x/image/tiff. A malicious TIFF file can trigger image decoding to attempt to allocate up to 4 GiB of memory via an oversized IFD offset, leading to excessive resource consumption or an out-of-memory error. The provided connected documents c...
MiracleLinux 3 : cups-1.3.7-8.4.1AXS3 (AXSA:2009-44:01)
The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2009-44:01 advisory. The Common UNIX Printing System provides a portable printing layer for UNIX operating systems. It has been developed by Easy Software Products to...
EUVD-2020-0134
Malware in sbrugna...
EUVD-2020-6110
Malware in sbrugna...
Unity Linux 20.1070e Security Update: libtiff (UTSA-2025-680618)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-680618 advisory. LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tiflzw.c:624, allowing attackers to cause a denial-of-service via a crafted tiff file. For...
BIT-PILLOW-2020-5310
libImaging/TiffDecode.c in Pillow before 6.2.2 has a TIFF decoding integer overflow, related to realloc...
SUSE CVE-2016-2329
libavcodec/tiff.c in FFmpeg before 2.8.6 does not properly validate RowsPerStrip values and YCbCr chrominance subsampling factors, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted TIFF file, related to th...
SUSE CVE-2020-5310
libImaging/TiffDecode.c in Pillow before 6.2.2 has a TIFF decoding integer overflow, related to realloc...
SUSE CVE-2020-13902
ImageMagick 7.0.9-27 through 7.0.10-17 has a heap-based buffer over-read in BlobToStringInfo in MagickCore/string.c during TIFF image decoding...
SUSE CVE-2021-25289
An issue was discovered in Pillow before 8.1.1. TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts with LibTIFF in RGBA mode. NOTE: this issue exists because of an incomplete fix for CVE-2020-35654...
DEBIAN-CVE-2022-41639
A heap based buffer overflow vulnerability exists in tile decoding code of TIFF image parser in OpenImageIO master-branch-9aeece7a and v2.3.19.0. A specially-crafted TIFF file can lead to an out of bounds memory corruption, which can result in arbitrary code execution. An attacker can provide a...
Integer overflow in Pillow
libImaging/TiffDecode.c in Pillow before 6.2.2 has a TIFF decoding integer overflow, related to realloc...
EulerOS Virtualization 2.9.1 : python-pillow (EulerOS-SA-2021-1729)
According to the versions of the python-pillow package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: - libImaging/FliDecode.c in Pillow before 6.2.2 has an FLI buffer overflow. (CVE-2020-5313) - An out-of-bounds write flaw was...
PYSEC-2021-36
An issue was discovered in Pillow before 8.1.1. In TiffDecode.c, there is a negative-offset memcpy with an invalid size...
UBUNTU-CVE-2021-25290
An issue was discovered in Pillow before 8.1.1. In TiffDecode.c, there is a negative-offset memcpy with an invalid size...
CVE-2020-13902
ImageMagick 7.0.9-27 through 7.0.10-17 has a heap-based buffer over-read in BlobToStringInfo in MagickCore/string.c during TIFF image decoding...
DEBIAN-CVE-2020-13902
ImageMagick 7.0.9-27 through 7.0.10-17 has a heap-based buffer over-read in BlobToStringInfo in MagickCore/string.c during TIFF image decoding...
Denial Of Service (DoS)
pillow is vulnerable to denial of service. A buffer overflow bug in the TIFF decoding allows an attacker to crash the application or potentially execute arbitrary code on the system...
Arbitrary Code Execution
pillow is vulnerable to integer overflow. A TIFF decoding integer overflow in libImaging/TiffDecode.c can potentially allow an attacker to execute arbitrary code using a malicious tif image...
CVE-2020-5310
libImaging/TiffDecode.c in Pillow before 6.2.2 has a TIFF decoding integer overflow, related to realloc...