CLSA-2026-1778166747 libtiff: Fix of CVE-2026-4775

CVE-2026-4775: signed integer overflow in YCbCr tile decoders leading to heap overflow...

libtiff security update

4.6.0-6.3 - fix CVE-2026-4775: signed integer overflow in putcontig8bitYCbCr44tile RHEL-159309...

Important: libtiff

Issue Overview: A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putcontig8bitYCbCr44tile function by providing a specially crafted TIFF file. This flaw can lead to an out-of-bounds heap write due to incorrect memory pointer...

EUVD-2026-14901

A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putcontig8bitYCbCr44tile function by providing a specially crafted TIFF file. This flaw can lead to an out-of-bounds heap write due to incorrect memory pointer calculations,...

KB5066837: Windows 10 LTS 1507 Security Update (October 2025)

The remote Windows host is missing security update 5066837. It is, therefore, affected by multiple vulnerabilities - tifpredict.h and tifpredict.c in libtiff 4.0.6 have assertions that can lead to assertion failures in debug mode, or buffer overflows in release mode, when dealing with unusual til...

EUVD-2016-10341

Malware in sbrugna...

EUVD-2005-2453

Malware in sbrugna...

EUVD-2021-0172

Malware in sbrugna...

EUVD-2021-0181

Malware in sbrugna...

EUVD-2021-9113

Malicious code in bioql PyPI...

BIT-PILLOW-2020-35654

In Pillow before 8.1.0, TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts with LibTIFF in RGBA mode...

BIT-PILLOW-2021-25289

An issue was discovered in Pillow before 8.1.1. TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts with LibTIFF in RGBA mode. NOTE: this issue exists because of an incomplete fix for CVE-2020-35654...

SUSE CVE-2016-2329

libavcodec/tiff.c in FFmpeg before 2.8.6 does not properly validate RowsPerStrip values and YCbCr chrominance subsampling factors, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via a crafted TIFF file, related to th...

SUSE CVE-2018-5800

An off-by-one error within the "LibRaw::kodakycbcrloadraw" function internal/dcrawcommon.cpp in LibRaw versions prior to 0.18.7 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash...

SUSE CVE-2018-10805

ImageMagick version 7.0.7-28 contains a memory leak in ReadYCBCRImage in coders/ycbcr.c...

SUSE CVE-2020-35654

In Pillow before 8.1.0, TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts with LibTIFF in RGBA mode...

SUSE CVE-2021-25289

An issue was discovered in Pillow before 8.1.1. TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts with LibTIFF in RGBA mode. NOTE: this issue exists because of an incomplete fix for CVE-2020-35654...

CVE-2021-41413

ok-file-formats master 2021-9-12 is affected by a buffer overflow in okjpgconvertdataunitgrayscale and okjpgconvertYCbCrtoRGB...

CVE-2021-41413

ok-file-formats master 2021-9-12 is affected by a buffer overflow in okjpgconvertdataunitgrayscale and okjpgconvertYCbCrtoRGB...

ok-file-formats 安全漏洞

ok-file-formats is an open source decoder for PNG, JPEG, WAV and some other file formats. A security vulnerability exists in ok-file-formats master version 2021-9-12, which stems from a buffer overflow issue in okjpgconvertdataunitgrayscale and okjpgconvertYCbCrtoRGB...