Lucene search
+L

2551 matches found

CVE
CVE
added 2017/04/09 2:0 p.m.116 views

CVE-2017-7599

CVE-2017-7599 affects LibTIFF up to version 4.0.7, where a crafted TIFF file can trigger undefined behavior (via putagreytile/related paths) and cause a denial of service (application crash). Public advisories and vendor posts indicate this class of issues covered multiple CVEs in LibTIFF and wer...

7.8CVSS7.2AI score0.01984EPSS
Exploits1References6Affected Software1
Debian CVE
Debian CVE
added 2017/04/09 2:0 p.m.34 views

CVE-2017-7597

tifdirread.c in LibTIFF 4.0.7 has an "outside the range of representable values of type float" undefined behavior issue, which might allow remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted image...

7.8CVSS8AI score0.01768EPSS
Exploits1
AlpineLinux
AlpineLinux
added 2017/04/09 2:0 p.m.364 views

CVE-2017-7596

LibTIFF 4.0.7 has an "outside the range of representable values of type float" undefined behavior issue, which might allow remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted image...

7.8CVSS7.7AI score0.01941EPSS
Exploits1
AlpineLinux
AlpineLinux
added 2017/04/09 2:0 p.m.46 views

CVE-2017-7592

The putagreytile function in tifgetimage.c in LibTIFF 4.0.7 has a left-shift undefined behavior issue, which might allow remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted image...

7.8CVSS7.9AI score0.01951EPSS
Exploits0
OSV
OSV
added 2017/04/09 12:0 a.m.2 views

UBUNTU-CVE-2017-7596

LibTIFF 4.0.7 has an "outside the range of representable values of type float" undefined behavior issue, which might allow remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted image...

7.8CVSS7AI score0.01941EPSS
Exploits1References4
OSV
OSV
added 2017/04/09 12:0 a.m.2 views

UBUNTU-CVE-2017-7599

LibTIFF 4.0.7 has an "outside the range of representable values of type short" undefined behavior issue, which might allow remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted image...

7.8CVSS7AI score0.01984EPSS
Exploits1References4
OSV
OSV
added 2017/04/09 12:0 a.m.2 views

UBUNTU-CVE-2017-7592

The putagreytile function in tifgetimage.c in LibTIFF 4.0.7 has a left-shift undefined behavior issue, which might allow remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted image...

7.8CVSS7AI score0.01951EPSS
Exploits0References3
OSV
OSV
added 2017/04/09 12:0 a.m.2 views

UBUNTU-CVE-2017-7601

LibTIFF 4.0.7 has a "shift exponent too large for 64-bit type long" undefined behavior issue, which might allow remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted image...

7.8CVSS6.8AI score0.02452EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2017/01/10 12:0 a.m.30 views

Fedora 24 : libpng10 (2016-1a7e14d084)

This update fixes an old NULL pointer dereference bug in pngsettext2 discovered and patched by Patrick Keshishian CVE-2016-10087. The potential 'NULL dereference' bug has existed in libpng since version 0.71 of June 26, 1995. To be vulnerable, an application has to load a text chunk into the png...

7.5CVSS7.3AI score0.05517EPSS
Exploits0References2
NVD
NVD
added 2016/09/20 2:15 p.m.15 views

CVE-2015-8931

Multiple integer overflows in the 1 gettimetmax and 2 gettimetmin functions in archivereadsupportformatmtree.c in libarchive before 3.2.0 allow remote attackers to have unspecified impact via a crafted mtree file, which triggers undefined behavior...

7.8CVSS7.7AI score0.02122EPSS
Exploits1References12
OSV
OSV
added 2016/09/20 2:15 p.m.9 views

CVE-2015-8931

Multiple integer overflows in the 1 gettimetmax and 2 gettimetmin functions in archivereadsupportformatmtree.c in libarchive before 3.2.0 allow remote attackers to have unspecified impact via a crafted mtree file, which triggers undefined behavior...

7.8CVSS8.2AI score0.02122EPSS
Exploits1References17
Prion
Prion
added 2016/09/20 2:15 p.m.26 views

Integer overflow

Multiple integer overflows in the 1 gettimetmax and 2 gettimetmin functions in archivereadsupportformatmtree.c in libarchive before 3.2.0 allow remote attackers to have unspecified impact via a crafted mtree file, which triggers undefined behavior...

6.8CVSS7.2AI score0.02122EPSS
Exploits1References12Affected Software6
Debian CVE
Debian CVE
added 2016/09/20 2:0 p.m.37 views

CVE-2015-8931

Multiple integer overflows in the 1 gettimetmax and 2 gettimetmin functions in archivereadsupportformatmtree.c in libarchive before 3.2.0 allow remote attackers to have unspecified impact via a crafted mtree file, which triggers undefined behavior...

7.8CVSS7.9AI score0.02122EPSS
Exploits1
Cvelist
Cvelist
added 2016/09/20 2:0 p.m.25 views

CVE-2015-8931

Multiple integer overflows in the 1 gettimetmax and 2 gettimetmin functions in archivereadsupportformatmtree.c in libarchive before 3.2.0 allow remote attackers to have unspecified impact via a crafted mtree file, which triggers undefined behavior...

7.8AI score0.02122EPSS
Exploits1References12
Cent OS
Cent OS
added 2016/09/16 12:18 a.m.257 views

bsdcpio, bsdtar, libarchive security update

CentOS Errata and Security Advisory CESA-2016:1844 An update for libarchive is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

8.8CVSS7.4AI score0.11992EPSS
Exploits13References7
Cent OS
Cent OS
added 2016/09/15 10:26 p.m.121 views

libarchive security update

CentOS Errata and Security Advisory CESA-2016:1850 An update for libarchive is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

7.5CVSS6.8AI score0.11992EPSS
Exploits3References7
Tenable Nessus
Tenable Nessus
added 2016/09/13 12:0 a.m.31 views

Scientific Linux Security Update : libarchive on SL6.x i386/x86_64 (20160912)

Security Fixes : - A flaw was found in the way libarchive handled hardlink archive entries of non-zero size. Combined with flaws in libarchive's file system sandboxing, this issue could cause an application using libarchive to overwrite arbitrary files with arbitrary data from the archive...

7.5CVSS6.9AI score0.11992EPSS
Exploits3References8
RedHat Linux
RedHat Linux
added 2016/09/12 8:11 p.m.14 views

libarchive: Undefined behavior / invalid shiftleft in TAR parser

Undefined behavior invalid left shift was discovered in libarchive, in how Compress streams are identified. This could cause certain files to be mistakenly identified as Compress archives and fail to read...

5.5CVSS5.7AI score0.02214EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2016/09/12 8:11 p.m.43 views

Important: Red Hat Security Advisory: libarchive security update

An update for libarchive is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...

8.8CVSS7.4AI score0.11992EPSS
Exploits13References24
RedHat Linux
RedHat Linux
added 2016/09/12 7:54 p.m.14 views

libarchive: Undefined behavior / invalid shiftleft in TAR parser

Undefined behavior invalid left shift was discovered in libarchive, in how Compress streams are identified. This could cause certain files to be mistakenly identified as Compress archives and fail to read...

5.5CVSS5.7AI score0.02214EPSS
Exploits1References4
Rows per page
Query Builder