Freeimage Security Vulnerabilities and Issues — Freeimage CVE List

Lucene search

Freeimage ProjectFreeimage

30 matches found

CVE•added 2024/01/10 12:15 a.m.•77 views

CVE-2023-47997

An issue discovered in BitmapAccess.cpp::FreeImage_AllocateBitmap in FreeImage 3.18.0 leads to an infinite loop and allows attackers to cause a denial of service.

6.5CVSS6.1AI score0.00089EPSS

CVE•added 2024/03/20 6:15 a.m.•77 views

CVE-2024-28565

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the psdParser::ReadImageData() function when reading images in PSD format.

5.5CVSS6.5AI score0.00044EPSS

CVE•added 2024/09/19 5:15 p.m.•77 views

CVE-2024-31570

libfreeimage in FreeImage 3.4.0 through 3.18.0 has a stack-based buffer overflow in the PluginXPM.cpp Load function via an XPM file.

9.8CVSS7.5AI score0.00348EPSS

CVE•added 2024/01/09 11:15 p.m.•76 views

CVE-2023-47995

Memory Allocation with Excessive Size Value discovered in BitmapAccess.cpp::FreeImage_AllocateBitmap in FreeImage 3.18.0 allows attackers to cause a denial of service.

6.5CVSS6.1AI score0.00116EPSS

CVE•added 2024/03/20 6:15 a.m.•72 views

CVE-2024-28570

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the processMakerNote() function when reading images in JPEG format.

5.5CVSS6.5AI score0.00031EPSS

CVE•added 2024/03/20 6:15 a.m.•70 views

CVE-2024-28562

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to execute arbitrary code via the Imf_2_2::copyIntoFrameBuffer() component when reading images in EXR format.

6.8CVSS7.5AI score0.00255EPSS

CVE•added 2024/03/20 6:15 a.m.•68 views

CVE-2024-28563

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the Imf_2_2::DwaCompressor::Classifier::Classifier() function when reading images in EXR format.

5.9CVSS6.5AI score0.00044EPSS

CVE•added 2024/03/20 6:15 a.m.•68 views

CVE-2024-28584

Null Pointer Dereference vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the J2KImageToFIBITMAP() function when reading images in J2K format.

3.3CVSS6.4AI score0.00033EPSS

CVE•added 2024/03/20 6:15 a.m.•65 views

CVE-2024-28564

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the Imf_2_2::CharPtrIO::readChars() function when reading images in EXR format.

6.2CVSS6.5AI score0.00043EPSS

CVE•added 2024/03/20 6:15 a.m.•65 views

CVE-2024-28583

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to execute arbitrary code via the readLine() function when reading images in XPM format.

7.8CVSS7.5AI score0.00077EPSS

CVE•added 2024/03/20 6:15 a.m.•60 views

CVE-2024-28569

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to execute arbitrary code via the Imf_2_2::Xdr::read() function when reading images in EXR format.

7.8CVSS7.5AI score0.00041EPSS

CVE•added 2024/03/20 6:15 a.m.•59 views

CVE-2024-28577

Null Pointer Dereference vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the jpeg_read_exif_profile_raw() function when reading images in JPEG format.

5.5CVSS6.4AI score0.00027EPSS

CVE•added 2024/03/20 6:15 a.m.•58 views

CVE-2024-28571

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the fill_input_buffer() function when reading images in JPEG format.

5.5CVSS6.5AI score0.00031EPSS

CVE•added 2024/03/20 6:15 a.m.•58 views

CVE-2024-28580

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to execute arbitrary code via the ReadData() function when reading images in RAS format.

8.4CVSS7.5AI score0.0004EPSS

CVE•added 2024/03/20 6:15 a.m.•57 views

CVE-2024-28581

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to execute arbitrary code via the _assignPixel() function when reading images in TARGA format.

8.4CVSS7.5AI score0.0004EPSS

CVE•added 2024/03/20 6:15 a.m.•56 views

CVE-2024-28582

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to execute arbitrary code via the rgbe_RGBEToFloat() function when reading images in HDR format.

8.4CVSS7.5AI score0.00041EPSS

CVE•added 2024/03/20 6:15 a.m.•55 views

CVE-2024-28579

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the FreeImage_Unload() function when reading images in HDR format.

6.2CVSS6.5AI score0.00032EPSS

CVE•added 2024/03/20 6:15 a.m.•53 views

CVE-2024-28567

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the FreeImage_CreateICCProfile() function when reading images in TIFF format.

6.2CVSS6.5AI score0.00031EPSS

CVE•added 2024/03/20 6:15 a.m.•53 views

CVE-2024-28574

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the opj_j2k_copy_default_tcp_and_create_tcd() function when reading images in J2K format.

6.2CVSS6.5AI score0.00032EPSS

CVE•added 2024/03/20 6:15 a.m.•52 views

CVE-2024-28568

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the read_iptc_profile() function when reading images in TIFF format.

6.2CVSS6.5AI score0.00031EPSS

CVE•added 2024/03/20 6:15 a.m.•52 views

CVE-2024-28576

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the opj_j2k_tcp_destroy() function when reading images in J2K format.

5.5CVSS6.5AI score0.00032EPSS

CVE•added 2024/03/20 6:15 a.m.•51 views

CVE-2024-28578

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to execute arbitrary code via the Load() function when reading images in RAS format.

8.4CVSS7.5AI score0.00052EPSS

CVE•added 2024/03/20 6:15 a.m.•50 views

CVE-2024-28572

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the FreeImage_SetTagValue() function when reading images in JPEG format.

6.2CVSS6.5AI score0.00031EPSS

CVE•added 2024/03/20 6:15 a.m.•49 views

CVE-2024-28566

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to execute arbitrary code via the AssignPixel() function when reading images in TIFF format.

8.4CVSS7.5AI score0.00041EPSS

CVE•added 2024/03/20 6:15 a.m.•49 views

CVE-2024-28575

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the opj_j2k_read_mct() function when reading images in J2K format.

6.2CVSS6.5AI score0.00032EPSS

CVE•added 2024/03/20 6:15 a.m.•47 views

CVE-2024-28573

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the jpeg_read_exif_profile() function when reading images in JPEG format.

6.2CVSS6.5AI score0.00032EPSS

CVE•added 2024/01/09 11:15 p.m.•30 views

CVE-2023-47994

An integer overflow vulnerability in LoadPixelDataRLE4 function in PluginBMP.cpp in Freeimage 3.18.0 allows attackers to obtain sensitive information, cause a denial of service and/or run arbitrary code.

8.8CVSS8.7AI score0.00141EPSS

CVE•added 2024/01/09 11:15 p.m.•28 views

CVE-2023-47992

An integer overflow vulnerability in FreeImageIO.cpp::_MemoryReadProc in FreeImage 3.18.0 allows attackers to obtain sensitive information, cause a denial-of-service attacks and/or run arbitrary code.

8.8CVSS8.7AI score0.00151EPSS

CVE•added 2024/01/09 11:15 p.m.•26 views

CVE-2023-47996

An integer overflow vulnerability in Exif.cpp::jpeg_read_exif_dir in FreeImage 3.18.0 allows attackers to obtain information and cause a denial of service.

6.5CVSS6.4AI score0.00097EPSS

CVE•added 2024/01/09 11:15 p.m.•25 views

CVE-2023-47993

A Buffer out-of-bound read vulnerability in Exif.cpp::ReadInt32 in FreeImage 3.18.0 allows attackers to cause a denial-of-service.

6.5CVSS6.2AI score0.00096EPSS