Astra Linux – Vulnerability in exiv2

There is a vulnerable assertion in the Internal::TiffReader::visitDirectory function in tiffvisitor.cpp of Exiv2 0.26, which can lead to a remote denial-of-service attack due to malicious input...

PT-2026-2061

Name of the Vulnerable Software and Affected Versions iccDEV versions prior to 2.3.1.2 Description iccDEV is a set of libraries and tools used for interacting with, manipulating, and applying ICC color management profiles. A division by zero flaw exists in the TIFF Image Reader component in...

EUVD-2011-3158

Malware in sbrugna...

Debian: Security Advisory (DLA-117-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 37 : OpenImageIO (2023-c3d65c8f7b)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-c3d65c8f7b advisory. Release 2.4.8.1 13 Feb 2023 -- compared to 2.4.8.0 Fixtarga: guard against corrupted tga files Fixes TALOS-2023-1707 / CVE-2023-24473, TALOS-2023-17...

SUSE CVE-2011-3194

Buffer overflow in the TIFF reader in gui/image/qtiffhandler.cpp in Qt 4.7.4 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via the TIFFTAGSAMPLESPERPIXEL tag in a greyscale TIFF image with multiple samples per pixel...

python-pillow: Negative-offset memcpy in TIFF image reader

A flaw was found in python-pillow. In TiffDecode.c, there is a negative-offset memcpy with an invalid size which could lead to a system crash...

The vulnerability of the `Internal::TiffReader::visitDirectory` function in the `tiffvisitor.cpp` file of the Exiv2 media metadata management library, related to the insufficient use of the `assert()` function, allows a malicious actor to cause service failures.

The vulnerability of the Internal::TiffReader::visitDirectory function in the tiffvisitor.cpp file of the Exiv2 media metadata management library is related to the insufficient use of the assert function. Exploiting this vulnerability could allow an attacker to cause service failures...

FreeBSD : Fix a buffer overflow in the tiff reader (38fec4bd-90f7-11e8-aafb-1c39475b9f84)

libvips reports : A buffer overflow was found and fixed in the libvips code C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database : Copyright 2003-2018 Jacques Vidrine and contributors Redistribution and use in sourc...

Fix a buffer overflow in the tiff reader

libvips reports: A buffer overflow was found and fixed in the libvips code...

CVE-2018-8960

The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-26 Q16 does not properly restrict memory allocation, leading to a heap-based buffer over-read...

UBUNTU-CVE-2018-7443

The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-23 Q16 does not properly validate the amount of image data in a file, which allows remote attackers to cause a denial of service memory allocation failure in the AcquireMagickMemory function in MagickCore/memory.c...

DEBIAN-CVE-2017-14607

In ImageMagick 7.0.7-4 Q16, an out of bounds read flaw related to ReadTIFFImage has been reported in coders/tiff.c. An attacker could possibly exploit this flaw to disclose potentially sensitive memory or cause an application crash...

Exiv2 Denial of Service Vulnerability

Exiv2 is a set of C++ libraries and command line applications for managing image metadata by software developer Andreas Huggel. A security vulnerability exists in the 'Internal::TiffReader::visitDirectory' function of the tiffvisitor.cpp file in Exiv2 version 0.26. A remote attacker can exploit...

PYSEC-2017-126

There is a reachable assertion in the Internal::TiffReader::visitDirectory function in tiffvisitor.cpp of Exiv2 0.26 that will lead to a remote denial of service attack via crafted input...

GraphicsMagick Multiple Vulnerabilities-01 (Feb 2017) - Windows

GraphicsMagick is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Amazon Linux: Security Advisory (ALAS-2016-752)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Medium: GraphicsMagick

Issue Overview: A possible heap overflow was discovered in the EscapeParenthesis function CVE-2016-7447. Various issues were found in the processing of SVG files in GraphicsMagick CVE-2016-7446. The TIFF reader had a bug pertaining to use of TIFFGetField when a 'count' value is returned. The bug...

Updated graphicsmagick packages fix security vulnerability

A possible heap overflow of the EscapeParenthesis function CVE-2016-7447. The Utah RLE reader did not validate that header information was reasonable given the file size and so it could cause huge memory allocations and/or consume huge amounts of CPU CVE-2016-7448. The TIFF reader had a bug...

MGASA-2016-0325 Updated graphicsmagick packages fix security vulnerability

A possible heap overflow of the EscapeParenthesis function CVE-2016-7447. The Utah RLE reader did not validate that header information was reasonable given the file size and so it could cause huge memory allocations and/or consume huge amounts of CPU CVE-2016-7448. The TIFF reader had a bug...