libtiff
268 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2026-4775
all versions
A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putcontig8
7.8
HIGH
CVE-2025-61145
< 4.7.1
libtiff up to v4.7.1 was discovered to contain a double free via the component tools/tiffcrop.c.
5.0
MEDIUM
CVE-2025-61144
< 4.7.1
libtiff up to v4.7.1 was discovered to contain a stack overflow via the readSeparateStripsIntoBuffer function.
7.3
HIGH
CVE-2025-61143
< 4.7.1
libtiff up to v4.7.1 was discovered to contain a NULL pointer dereference via the component libtiff/tif_open.c.
5.5
MEDIUM
CVE-2025-9165
all versions
A flaw has been found in LibTIFF 4.7.0. This affects the function _TIFFmallocExt/_TIFFCheckRealloc/TIFFHashSetNew/InitCCITTFax3 of
2.5
LOW
CVE-2025-8961
all versions
A weakness has been identified in LibTIFF 4.7.0. This affects the function main of the file tiffcrop.c of the component tiffcrop.
3.3
LOW
CVE-2025-8851
<= 4.5.1
A vulnerability was determined in LibTIFF up to 4.5.1. Affected by this issue is the function readSeparateStripsetoBuffer of the f
5.3
MEDIUM
CVE-2025-8534
all versions
A vulnerability classified as problematic was found in libtiff 4.6.0. This vulnerability affects the function PS_Lvl2page of the f
2.5
LOW
CVE-2024-13978
<= 4.7.0
A vulnerability was found in LibTIFF up to 4.7.0. It has been declared as problematic. Affected by this vulnerability is the funct
2.5
LOW
CVE-2025-8177
<= 4.7.0
A vulnerability was found in LibTIFF up to 4.7.0. It has been rated as critical. This issue affects the function setrow of the fil
5.3
MEDIUM
CVE-2025-8176
<= 4.7.0
A vulnerability was found in LibTIFF up to 4.7.0. It has been declared as critical. This vulnerability affects the function get_hi
5.3
MEDIUM
CVE-2024-7006
>= 3.5.1 and <= 4.6.0
A null pointer dereference flaw was found in Libtiff via tif_dirinfo.c. This issue may allow an attacker to trigger memory alloc
7.5
HIGH
CVE-2023-52356
all versions
A segment fault (SEGV) flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFReadRGBATileExt
7.5
HIGH
CVE-2023-52355
< 4.6.0
An out-of-memory flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFRasterScanlineSize64(
7.5
HIGH
CVE-2023-6228
all versions
An issue was found in the tiffcp utility distributed by the libtiff package where a crafted TIFF file on processing may cause a he
3.3
LOW
CVE-2023-6277
all versions
An out-of-memory flaw was found in libtiff. Passing a crafted tiff file to TIFFOpen() API may allow a remote attacker to cause a d
6.5
MEDIUM
CVE-2023-3164
< 4.6.0
A heap-buffer-overflow vulnerability was found in LibTIFF, in extractImageSection() at tools/tiffcrop.c:7916 and tools/tiffcrop.c:
5.5
MEDIUM
CVE-2023-41175
< 4.6.0
A vulnerability was found in libtiff due to multiple potential integer overflows in raw2tiff.c. This flaw allows remote attackers
6.5
MEDIUM
CVE-2023-40745
< 4.6.0
LibTIFF is vulnerable to an integer overflow. This flaw allows remote attackers to cause a denial of service (application crash) o
6.5
MEDIUM
CVE-2023-3576
< 4.5.1
A memory leak flaw was found in Libtiff's tiffcrop utility. This issue occurs when tiffcrop operates on a TIFF image file, allowin
5.5
MEDIUM
CVE-2022-40090
< 4.4.0
An issue was discovered in function TIFFReadDirectory libtiff before 4.4.0 allows attackers to cause a denial of service via craft
6.5
MEDIUM
CVE-2020-18768
all versions
There exists one heap buffer overflow in _TIFFmemcpy in tif_unix.c in libtiff 4.0.10, which allows an attacker to cause a denial-o
5.5
MEDIUM
CVE-2023-3618
< 4.5.1
A flaw was found in libtiff. A specially crafted tiff file can lead to a segmentation fault due to a buffer overflow in the Fax3En
6.5
MEDIUM
CVE-2023-2908
<= 4.5.0
A null pointer dereference issue was found in Libtiff's tif_dir.c file. This issue may allow an attacker to pass a crafted TIFF im
5.5
MEDIUM
CVE-2023-26966
all versions
libtiff 4.5.0 is vulnerable to Buffer Overflow in uv_encode() when libtiff reads a corrupted little-endian TIFF file and specifies
5.5
MEDIUM
CVE-2023-25433
all versions
libtiff 4.5.0 is vulnerable to Buffer Overflow via /libtiff/tools/tiffcrop.c:8499. Incorrect updating of buffer size after rotateI
5.5
MEDIUM
CVE-2023-25435
all versions
libtiff 4.5.0 is vulnerable to Buffer Overflow via extractContigSamplesShifted8bits() at /libtiff/tools/tiffcrop.c:3753.
5.5
MEDIUM
CVE-2023-3316
>= 3.9.0 and < 4.5.1
A NULL pointer dereference in TIFFClose() is caused by a failure to open an output file (non-existent path or a path that requires
5.9
MEDIUM
CVE-2023-26965
<= 4.5.0
loadImage() in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based use after free via a crafted TIFF image.
5.5
MEDIUM
CVE-2023-25434
all versions
libtiff 4.5.0 is vulnerable to Buffer Overflow via extractContigSamplesBytes() at /libtiff/tools/tiffcrop.c:3215.
8.8
HIGH
CVE-2023-30775
all versions
A vulnerability was found in the libtiff library. This security flaw causes a heap buffer overflow in extractContigSamples32bits,
5.5
MEDIUM
CVE-2023-30774
>= 3.5.1 and <= 4.4.0
A vulnerability was found in the libtiff library. This flaw causes a heap buffer overflow issue via the TIFFTAG_INKNAMES and TIFFT
5.5
MEDIUM
CVE-2023-2731
< 4.5.0
A NULL pointer dereference flaw was found in Libtiff's LZWDecode() function in the libtiff/tif_lzw.c file. This flaw allows a loca
5.5
MEDIUM
CVE-2023-30086
all versions
Buffer Overflow vulnerability found in Libtiff V.4.0.7 allows a local attacker to cause a denial of service via the tiffcp functio
5.5
MEDIUM
CVE-2023-1916
>= 4.0 and <= 4.5.0
A flaw was found in tiffcrop, a program distributed by the libtiff package. A specially crafted tiff file can lead to an out-of-bo
6.1
MEDIUM
CVE-2022-4645
>= 3.5.1 and <= 4.4.0
LibTIFF 4.4.0 has an out-of-bounds read in tiffcp in tools/tiffcp.c:948, allowing attackers to cause a denial-of-service via a cra
6.8
MEDIUM
CVE-2023-0804
<= 4.4.0
LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3609, allowing attackers to cause a denial-of-service via
6.8
MEDIUM
CVE-2023-0803
<= 4.4.0
LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3516, allowing attackers to cause a denial-of-service via
6.8
MEDIUM
CVE-2023-0802
<= 4.4.0
LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3724, allowing attackers to cause a denial-of-service via
6.8
MEDIUM
CVE-2023-0801
<= 4.4.0
LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in libtiff/tif_unix.c:368, invoked by tools/tiffcrop.c:2903 and tools/tiffcro
6.8
MEDIUM
CVE-2023-0800
<= 4.4.0
LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3502, allowing attackers to cause a denial-of-service via
6.8
MEDIUM
CVE-2023-0799
<= 4.4.0
LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3701, allowing attackers to cause a denial-of-service via
6.8
MEDIUM
CVE-2023-0798
<= 4.4.0
LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3400, allowing attackers to cause a denial-of-service via
6.8
MEDIUM
CVE-2023-0797
<= 4.4.0
LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in libtiff/tif_unix.c:368, invoked by tools/tiffcrop.c:2903 and tools/tiffcrop
6.8
MEDIUM
CVE-2023-0796
<= 4.4.0
LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3592, allowing attackers to cause a denial-of-service via
6.8
MEDIUM
CVE-2023-0795
<= 4.4.0
LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3488, allowing attackers to cause a denial-of-service via
6.8
MEDIUM
CVE-2022-48281
<= 4.5.0
processCropSelections in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based buffer overflow (e.g., "WRITE of size 307203")
5.5
MEDIUM
CVE-2022-3970
< 4.5.0
A vulnerability was found in LibTIFF. It has been classified as critical. This affects the function TIFFReadRGBATileExt of the fil
6.3
MEDIUM
CVE-2022-3627
<= 4.4.0
LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c:346 when called from extractImageSection, tools/tiff
5.5
MEDIUM
CVE-2022-3626
<= 4.4.0
LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemset in libtiff/tif_unix.c:340 when called from processCropSelections, tools/ti
5.5
MEDIUM
CVE-2022-3599
<= 4.4.0
LibTIFF 4.4.0 has an out-of-bounds read in writeSingleSection in tools/tiffcrop.c:7345, allowing attackers to cause a denial-of-se
5.5
MEDIUM
CVE-2022-3598
>= 3.9.0 and <= 4.4.0
LibTIFF 4.4.0 has an out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c:3604, allowing attackers to caus
5.5
MEDIUM
CVE-2022-3597
<= 4.4.0
LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c:346 when called from extractImageSection, tools/tiff
5.5
MEDIUM
CVE-2022-3570
>= 3.9.0 and <= 4.4.0
Multiple heap buffer overflows in tiffcrop.c utility in libtiff library Version 4.4.0 allows attacker to trigger unsafe or out of
7.7
HIGH
CVE-2022-2521
all versions
It was found in libtiff 4.4.0rc1 that there is an invalid pointer free operation in TIFFClose() at tif_close.c:131 called by tiffc
6.5
MEDIUM
CVE-2022-2520
all versions
A flaw was found in libtiff 4.4.0rc1. There is a sysmalloc assertion fail in rotateImage() at tiffcrop.c:8621 that can cause progr
6.5
MEDIUM
CVE-2022-2519
all versions
There is a double free or corruption in rotateImage() at tiffcrop.c:8839 found in libtiff 4.4.0rc1
6.5
MEDIUM
CVE-2022-1355
< 4.4.0
A stack buffer overflow flaw was found in Libtiff's tiffcp.c in main() function. This flaw allows an attacker to pass a crafted TI
6.1
MEDIUM
CVE-2022-1354
< 4.4.0
A heap buffer overflow flaw was found in Libtiff's tiffinfo.c in TIFFReadRawDataStriped() function. This flaw allows an attacker t
5.5
MEDIUM
CVE-2022-2953
<= 4.4.0
LibTIFF 4.4.0 has an out-of-bounds read in extractImageSection in tools/tiffcrop.c:6905, allowing attackers to cause a denial-of-s
5.5
MEDIUM
CVE-2022-2869
< 4.4.0
libtiff's tiffcrop tool has a uint32_t underflow which leads to out of bounds read and write in the extractContigSamples8bits rout
5.5
MEDIUM
CVE-2022-2868
< 4.4.0
libtiff's tiffcrop utility has an improper input validation flaw that can lead to out of bounds read and ultimately cause a crash i
5.5
MEDIUM
CVE-2022-2867
< 4.4.0
libtiff's tiffcrop utility has a uint32_t underflow that can lead to out of bounds read and write. An attacker who supplies a craf
5.5
MEDIUM
CVE-2022-34526
all versions
A stack overflow was discovered in the _TIFFVGetField function of Tiffsplit v4.4.0. This vulnerability allows attackers to cause a
6.5
MEDIUM
CVE-2022-34266
all versions
The libtiff-4.0.3-35.amzn2.0.1 package for LibTIFF on Amazon Linux 2 allows attackers to cause a denial of service (application cr
5.5
MEDIUM
CVE-2022-2058
all versions
Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users
5.5
MEDIUM
CVE-2022-2057
all versions
Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users
5.5
MEDIUM
CVE-2022-2056
all versions
Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users
5.5
MEDIUM
CVE-2022-1623
all versions
LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tif_lzw.c:624, allowing attackers to cause a denial-of-ser
5.5
MEDIUM
CVE-2022-1622
all versions
LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tif_lzw.c:619, allowing attackers to cause a denial-of-ser
5.5
MEDIUM
CVE-2022-1210
all versions
A vulnerability classified as problematic was found in LibTIFF 4.3.0. Affected by this vulnerability is the TIFF File Handler of t
4.3
MEDIUM
CVE-2022-1056
all versions
Out-of-bounds Read error in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For u
5.5
MEDIUM
CVE-2022-0924
all versions
Out-of-bounds Read error in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For use
5.5
MEDIUM
CVE-2022-0909
all versions
Divide By Zero error in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users
5.5
MEDIUM
CVE-2022-0908
<= 4.3.0
Null source pointer passed as an argument to memcpy() function within TIFFFetchNormalTag () in tif_dirread.c in libtiff versions u
7.7
HIGH
CVE-2022-0907
all versions
Unchecked Return Value to NULL Pointer Dereference in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via
5.5
MEDIUM
CVE-2022-0891
>= 3.9.0 and <= 4.3.0
A heap buffer overflow in ExtractImageSection function in tiffcrop.c in libtiff library Version 4.3.0 allows attacker to trigger u
6.1
MEDIUM
CVE-2022-0865
all versions
Reachable Assertion in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users th
5.5
MEDIUM
CVE-2022-0562
>= 4.0.0 and <= 4.3.0
Null source pointer passed as an argument to memcpy() function within TIFFReadDirectory() in tif_dirread.c in libtiff versions fro
5.5
MEDIUM
CVE-2022-0561
>= 3.9.0 and <= 4.3.0
Null source pointer passed as an argument to memcpy() function within TIFFFetchStripThing() in tif_dirread.c in libtiff versions f
5.5
MEDIUM
CVE-2022-22844
all versions
LibTIFF 4.3.0 has an out-of-bounds read in _TIFFmemcpy in tif_unix.c in certain situations involving a custom tag and 0x0200 as th
5.5
MEDIUM
CVE-2020-19144
all versions
Buffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial of service via the 'in _TIFFmemcpy' function in the component
6.5
MEDIUM
CVE-2020-19143
all versions
Buffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial of service via the "TIFFVGetField" function in the component
6.5
MEDIUM
CVE-2020-19131
all versions
Buffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial of service via the "invertImage()" function in the component
7.5
HIGH
CVE-2020-35524
< 4.2.0
A heap-based buffer overflow flaw was found in libtiff in the handling of TIFF images in libtiff's TIFF2PDF tool. A specially craf
7.8
HIGH
CVE-2020-35523
< 4.2.0
An integer overflow flaw was found in libtiff that exists in the tif_getimage.c file. This flaw allows an attacker to inject and e
7.8
HIGH
CVE-2020-35522
< 4.2.0
In LibTIFF, there is a memory malloc failure in tif_pixarlog.c. A crafted TIFF document can lead to an abort, resulting in a remot
5.5
MEDIUM
CVE-2020-35521
< 4.2.0
A flaw was found in libtiff. Due to a memory allocation failure in tif_read.c, a crafted TIFF file can lead to an abort, resulting
5.5
MEDIUM
CVE-2014-8128
< 4.0.4
LibTIFF prior to 4.0.4, as used in Apple iOS before 8.4 and OS X before 10.10.4 and other products, allows remote attackers to cau
6.5
MEDIUM
CVE-2019-17546
< 4.1.0
tif_getimage.c in LibTIFF through 4.0.10, as used in GDAL through 3.0.1 and other products, has an integer overflow that potential
8.8
HIGH
CVE-2019-14973
<= 4.0.10
_TIFFCheckMalloc and _TIFFCheckRealloc in tif_aux.c in LibTIFF through 4.0.10 mishandle Integer Overflow checks because they rely
6.5
MEDIUM
CVE-2017-16232
all versions
LibTIFF 4.0.8 has multiple memory leak vulnerabilities, which allow attackers to cause a denial of service (memory consumption), a
7.5
HIGH
CVE-2019-7663
all versions
An Invalid Address dereference was discovered in TIFFWriteDirectoryTagTransferfunction in libtiff/tif_dirwrite.c in LibTIFF 4.0.10
6.5
MEDIUM
CVE-2019-6128
all versions
The TIFFFdOpen function in tif_unix.c in LibTIFF 4.0.10 has a memory leak, as demonstrated by pal2rgb.
8.8
HIGH
CVE-2018-19210
all versions
In LibTIFF 4.0.9, there is a NULL pointer dereference in the TIFFWriteDirectorySec function in tif_dirwrite.c that will lead to a
6.5
MEDIUM
CVE-2018-18661
all versions
An issue was discovered in LibTIFF 4.0.9. There is a NULL pointer dereference in the function LZWDecode in the file tif_lzw.c.
6.5
MEDIUM
CVE-2018-18557
all versions
LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4
8.8
HIGH
CVE-2018-17795
all versions
The function t2p_write_pdf in tiff2pdf.c in LibTIFF 4.0.9 and earlier allows remote attackers to cause a denial of service (heap-b
8.8
HIGH
CVE-2018-17101
all versions
An issue was discovered in LibTIFF 4.0.9. There are two out-of-bounds writes in cpTags in tools/tiff2bw.c and tools/pal2rgb.c, whi
8.8
HIGH
CVE-2018-17100
all versions
An issue was discovered in LibTIFF 4.0.9. There is a int32 overflow in multiply_ms in tools/ppm2tiff.c, which can cause a denial o
8.8
HIGH
CVE-2018-17000
all versions
A NULL pointer dereference in the function _TIFFmemcmp at tif_unix.c (called from TIFFWriteDirectoryTagTransferfunction) in LibTIF
6.5
MEDIUM
CVE-2018-16335
all versions
newoffsets handling in ChopUpSingleUncompressedStrip in tif_dirread.c in LibTIFF 4.0.9 allows remote attackers to cause a denial o
8.8
HIGH
CVE-2018-15209
all versions
ChopUpSingleUncompressedStrip in tif_dirread.c in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (heap-based b
8.8
HIGH
CVE-2018-12900
all versions
Heap-based buffer overflow in the cpSeparateBufToContigBuf function in tiffcp.c in LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.
8.8
HIGH
CVE-2018-10963
<= 4.0.9
The TIFFWriteDirectorySec() function in tif_dirwrite.c in LibTIFF through 4.0.9 allows remote attackers to cause a denial of servi
6.5
MEDIUM
CVE-2018-10801
all versions
TIFFClientOpen in tif_unix.c in LibTIFF 3.8.2 has memory leaks, as demonstrated by bmp2tiff.
6.5
MEDIUM
CVE-2018-10779
all versions
TIFFWriteScanline in tif_write.c in LibTIFF 3.8.2 has a heap-based buffer over-read, as demonstrated by bmp2tiff.
6.5
MEDIUM
CVE-2018-10126
all versions
ijg-libjpeg before 9d, as used in tiff2pdf (from LibTIFF) and other products, does not check for a NULL pointer at a certain place
6.5
MEDIUM
CVE-2018-8905
all versions
In LibTIFF 4.0.9, a heap-based buffer overflow occurs in the function LZWDecodeCompat in tif_lzw.c via a crafted TIFF file, as dem
8.8
HIGH
CVE-2016-5314
<= 4.0.6
Buffer overflow in the PixarLogDecode function in tif_pixarlog.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a d
8.8
HIGH
CVE-2014-8130
all versions
The _TIFFmalloc function in tif_unix.c in LibTIFF 4.0.3 does not reject a zero size, which allows remote attackers to cause a deni
6.5
MEDIUM
CVE-2014-8129
all versions
LibTIFF 4.0.3 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact
8.8
HIGH
CVE-2018-7456
all versions
A NULL Pointer Dereference occurs in the function TIFFPrintDirectory in tif_print.c in LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7,
6.5
MEDIUM
CVE-2018-5784
all versions
In LibTIFF 4.0.9, there is an uncontrolled resource consumption in the TIFFSetDirectory function of tif_dir.c. Remote attackers co
6.5
MEDIUM
CVE-2018-5360
< 4.0.6
LibTIFF before 4.0.6 mishandles the reading of TIFF files, as demonstrated by a heap-based buffer over-read in the ReadTIFFImage f
8.8
HIGH
CVE-2017-18013
all versions
In LibTIFF 4.0.9, there is a Null-Pointer Dereference in the tif_print.c TIFFPrintDirectory function, as demonstrated by a tiffinf
6.5
MEDIUM
CVE-2017-17973
all versions
In LibTIFF 4.0.8, there is a heap-based use-after-free in the t2p_writeproc function in tiff2pdf.c. NOTE: there is a third-party r
8.8
HIGH
CVE-2017-17942
all versions
In LibTIFF 4.0.9, there is a heap-based buffer over-read in the function PackBitsEncode in tif_packbits.c.
8.8
HIGH
CVE-2017-17095
all versions
tools/pal2rgb.c in pal2rgb in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (TIFFSetupStrips heap-based buffe
8.8
HIGH
CVE-2017-13727
all versions
There is a reachable assertion abort in the function TIFFWriteDirectoryTagSubifd() in LibTIFF 4.0.8, related to tif_dirwrite.c and
6.5
MEDIUM
CVE-2017-13726
all versions
There is a reachable assertion abort in the function TIFFWriteDirectorySec() in LibTIFF 4.0.8, related to tif_dirwrite.c and a Sub
6.5
MEDIUM
CVE-2017-12944
all versions
The TIFFReadDirEntryArray function in tif_read.c in LibTIFF 4.0.8 mishandles memory allocation for short files, which allows remot
7.5
HIGH
CVE-2017-11613
all versions
In LibTIFF 4.0.8, there is a denial of service vulnerability in the TIFFOpen function. A crafted input will lead to a denial of se
6.5
MEDIUM
CVE-2017-11335
all versions
There is a heap based buffer overflow in tools/tiff2pdf.c of LibTIFF 4.0.8 via a PlanarConfig=Contig image, which causes a more th
8.8
HIGH
CVE-2017-10688
all versions
In LibTIFF 4.0.8, there is an assertion abort in the TIFFWriteDirectoryTagCheckedLong8Array function in tif_dirwrite.c. A crafted i
7.5
HIGH
CVE-2014-8127
all versions
LibTIFF 4.0.3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted TIFF image to the
6.5
MEDIUM
CVE-2017-9937
<= 4.0.8
In LibTIFF 4.0.8, there is a memory malloc failure in tif_jbig.c. A crafted TIFF document can lead to an abort resulting in a remo
6.5
MEDIUM
CVE-2017-9936
all versions
In LibTIFF 4.0.8, there is a memory leak in tif_jbig.c. A crafted TIFF document can lead to a memory leak resulting in a remote de
6.5
MEDIUM
CVE-2017-9935
<= 4.0.8
In LibTIFF 4.0.8, there is a heap-based buffer overflow in the t2p_write_pdf function in tools/tiff2pdf.c. This heap overflow coul
8.8
HIGH
CVE-2017-9815
all versions
In LibTIFF 4.0.7, the TIFFReadDirEntryLong8Array function in libtiff/tif_dirread.c mishandles a malloc operation, which allows att
6.5
MEDIUM
CVE-2017-9404
all versions
In LibTIFF 4.0.7, a memory leak vulnerability was found in the function OJPEGReadHeaderInfoSecTablesQTable in tif_ojpeg.c, which a
6.5
MEDIUM
CVE-2017-9403
all versions
In LibTIFF 4.0.7, a memory leak vulnerability was found in the function TIFFReadDirEntryLong8Array in tif_dirread.c, which allows
6.5
MEDIUM
CVE-2017-9147
all versions
LibTIFF 4.0.7 has an invalid read in the _TIFFVGetField function in tif_dir.c, which might allow remote attackers to cause a denia
6.5
MEDIUM
CVE-2017-9117
all versions
In LibTIFF 4.0.6 and possibly other versions, the program processes BMP images without verifying that biWidth and biHeight in the
4.0
MEDIUM
CVE-2016-10371
all versions
The TIFFWriteDirectoryTagCheckedRational function in tif_dirwrite.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of
5.5
MEDIUM
CVE-2016-5322
<= 4.0.6
The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-b
5.5
MEDIUM
CVE-2017-7602
all versions
LibTIFF 4.0.7 has a signed integer overflow, which might allow remote attackers to cause a denial of service (application crash) o
7.8
HIGH
CVE-2017-7601
all versions
LibTIFF 4.0.7 has a "shift exponent too large for 64-bit type long" undefined behavior issue, which might allow remote attackers t
7.8
HIGH
CVE-2017-7600
all versions
LibTIFF 4.0.7 has an "outside the range of representable values of type unsigned char" undefined behavior issue, which might allow
7.8
HIGH
CVE-2017-7599
all versions
LibTIFF 4.0.7 has an "outside the range of representable values of type short" undefined behavior issue, which might allow remote
7.8
HIGH
CVE-2017-7598
all versions
tif_dirread.c in LibTIFF 4.0.7 might allow remote attackers to cause a denial of service (divide-by-zero error and application cra
7.8
HIGH
CVE-2017-7597
all versions
tif_dirread.c in LibTIFF 4.0.7 has an "outside the range of representable values of type float" undefined behavior issue, which mi
7.8
HIGH
CVE-2017-7596
all versions
LibTIFF 4.0.7 has an "outside the range of representable values of type float" undefined behavior issue, which might allow remote
7.8
HIGH
CVE-2017-7595
all versions
The JPEGSetupEncode function in tiff_jpeg.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero
5.5
MEDIUM
CVE-2017-7594
all versions
The OJPEGReadHeaderInfoSecTablesDcTable function in tif_ojpeg.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of serv
5.5
MEDIUM
CVE-2017-7593
all versions
tif_read.c in LibTIFF 4.0.7 does not ensure that tif_rawdata is properly initialized, which might allow remote attackers to obtain
5.5
MEDIUM
CVE-2017-7592
all versions
The putagreytile function in tif_getimage.c in LibTIFF 4.0.7 has a left-shift undefined behavior issue, which might allow remote a
7.8
HIGH
CVE-2016-10272
all versions
LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other
7.8
HIGH
CVE-2016-10271
all versions
tools/tiffcrop.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer over-read and buffer ove
7.8
HIGH
CVE-2016-10270
all versions
LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified othe
7.8
HIGH
CVE-2016-10269
all versions
LibTIFF 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6 and 4.0.7 al
7.8
HIGH
CVE-2016-10268
all versions
tools/tiffcp.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (integer underflow and heap-based buffer unde
7.8
HIGH
CVE-2016-10267
all versions
LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF
5.5
MEDIUM
CVE-2016-10266
all versions
LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF
5.5
MEDIUM
CVE-2015-7313
< 4.0.7
LibTIFF before 4.0.7 allows remote attackers to cause a denial of service (memory consumption and crash) via a crafted tiff file.
5.5
MEDIUM
CVE-2016-5315
<= 4.0.6
The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-b
5.5
MEDIUM
CVE-2016-10095
all versions
Stack-based buffer overflow in the _TIFFVGetField function in tif_dir.c in LibTIFF 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0bet
5.5
MEDIUM
CVE-2016-10094
all versions
Off-by-one error in the t2p_readwrite_pdf_image_tile function in tools/tiff2pdf.c in LibTIFF 4.0.7 allows remote attackers to have
7.8
HIGH
CVE-2016-10093
all versions
Integer overflow in tools/tiffcp.c in LibTIFF 4.0.7, 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0
7.8
HIGH
CVE-2016-10092
all versions
Heap-based buffer overflow in the readContigStripsIntoBuffer function in tif_unix.c in LibTIFF 4.0.7, 3.9.3, 3.9.4, 3.9.5, 3.9.6,
7.8
HIGH
CVE-2016-9532
<= 4.0.6
Integer overflow in the writeBufferToSeparateStrips function in tiffcrop.c in LibTIFF before 4.0.7 allows remote attackers to caus
5.5
MEDIUM
CVE-2016-5102
<= 4.0.6
Buffer overflow in the readgifimage function in gif2tiff.c in the gif2tiff tool in LibTIFF 4.0.6 allows remote attackers to cause
5.5
MEDIUM
CVE-2016-9453
< 4.0.7
The t2p_readwrite_pdf_image_tile function in LibTIFF allows remote attackers to cause a denial of service (out-of-bounds write and
7.8
HIGH
CVE-2016-9448
all versions
The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attackers to cause a denial of service (NULL pointer dereference an
7.5
HIGH
CVE-2016-6223
<= 4.0.6
The TIFFReadRawStrip1 and TIFFReadRawTile1 functions in tif_read.c in libtiff before 4.0.7 allow remote attackers to cause a deni
9.1
CRITICAL
CVE-2017-5563
all versions
LibTIFF version 4.0.7 is vulnerable to a heap-based buffer over-read in tif_lzw.c resulting in DoS or code execution via a crafted
8.8
HIGH
CVE-2016-5323
<= 4.0.6
The _TIFFFax3fillruns function in libtiff before 4.0.6 allows remote attackers to cause a denial of service (divide-by-zero error
7.5
HIGH
CVE-2016-5321
<= 4.0.6
The DumpModeDecode function in libtiff 4.0.6 and earlier allows attackers to cause a denial of service (invalid read and crash) vi
6.5
MEDIUM
CVE-2016-5319
<= 4.0.6
Heap-based buffer overflow in tif_packbits.c in libtiff 4.0.6 and earlier allows remote attackers to crash the application via a c
6.5
MEDIUM
CVE-2016-5318
<= 4.0.6
Stack-based buffer overflow in the _TIFFVGetField function in libtiff 4.0.6 and earlier allows remote attackers to crash the appli
6.5
MEDIUM
CVE-2016-5317
all versions
Buffer overflow in the PixarLogDecode function in libtiff.so in the PixarLogDecode function in libtiff 4.0.6 and earlier, as used
6.5
MEDIUM
CVE-2016-5316
<= 4.0.6
Out-of-bounds read in the PixarLogCleanup function in tif_pixarlog.c in libtiff 4.0.6 and earlier allows remote attackers to crash
6.5
MEDIUM
CVE-2016-9297
all versions
The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via cra
7.5
HIGH
CVE-2016-9273
all versions
tiffsplit in libtiff 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file, related t
5.5
MEDIUM
CVE-2017-5225
all versions
LibTIFF version 4.0.7 is vulnerable to a heap buffer overflow in the tools/tiffcp resulting in DoS or code execution via a crafted
8.8
HIGH
CVE-2016-5652
all versions
An exploitable heap-based buffer overflow exists in the handling of TIFF images in LibTIFF's TIFF2PDF tool. A crafted TIFF documen
7.0
HIGH
CVE-2015-8870
<= 4.0.3
Integer overflow in tools/bmp2tiff.c in LibTIFF before 4.0.4 allows remote attackers to cause a denial of service (heap-based buff
7.4
HIGH
CVE-2016-9540
all versions
tools/tiffcp.c in libtiff 4.0.6 has an out-of-bounds write on tiled images with odd tile width versus image width. Reported as MSV
9.8
CRITICAL
CVE-2016-9539
all versions
tools/tiffcrop.c in libtiff 4.0.6 has an out-of-bounds read in readContigTilesIntoBuffer(). Reported as MSVR 35092.
9.8
CRITICAL
CVE-2016-9538
all versions
tools/tiffcrop.c in libtiff 4.0.6 reads an undefined buffer in readContigStripsIntoBuffer() because of a uint16 integer overflow.
9.8
CRITICAL
CVE-2016-9537
all versions
tools/tiffcrop.c in libtiff 4.0.6 has out-of-bounds write vulnerabilities in buffers. Reported as MSVR 35093, MSVR 35096, and MSVR
9.8
CRITICAL
CVE-2016-9536
all versions
tools/tiff2pdf.c in libtiff 4.0.6 has out-of-bounds write vulnerabilities in heap allocated buffers in t2p_process_jpeg_strip(). R
9.8
CRITICAL
CVE-2016-9535
all versions
tif_predict.h and tif_predict.c in libtiff 4.0.6 have assertions that can lead to assertion failures in debug mode, or buffer over
9.8
CRITICAL
CVE-2016-9534
all versions
tif_write.c in libtiff 4.0.6 has an issue in the error code path of TIFFFlushData1() that didn't reset the tif_rawcc and tif_rawcp
9.8
CRITICAL
CVE-2016-9533
all versions
tif_pixarlog.c in libtiff 4.0.6 has out-of-bounds write vulnerabilities in heap allocated buffers. Reported as MSVR 35094, aka "Pi
9.8
CRITICAL
CVE-2016-8331
all versions
An exploitable remote code execution vulnerability exists in the handling of TIFF images in LibTIFF version 4.0.6. A crafted TIFF
8.1
HIGH
CVE-2016-3658
<= 4.0.6
The TIFFWriteDirectoryTagLongLong8Array function in tif_dirwrite.c in the tiffset tool in LibTIFF 4.0.6 and earlier allows remote
7.5
HIGH
CVE-2016-3634
<= 4.0.6
The tagCompare function in tif_dirinfo.c in the thumbnail tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a den
7.5
HIGH
CVE-2016-3633
<= 4.0.6
The setrow function in the thumbnail tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-o
7.5
HIGH
CVE-2016-3631
<= 4.0.6
The (1) cpStrips and (2) cpTiles functions in the thumbnail tool in LibTIFF 4.0.6 and earlier allow remote attackers to cause a de
7.5
HIGH
CVE-2016-3625
<= 4.0.6
tif_read.c in the tiff2bw tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds re
6.5
MEDIUM
CVE-2016-3624
<= 4.0.6
The cvtClump function in the rgb2ycbcr tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out
7.5
HIGH
CVE-2016-3623
<= 4.0.6
The rgb2ycbcr tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (divide-by-zero) by setting t
7.5
HIGH
CVE-2016-3622
all versions
The fpAcc function in tif_predict.c in the tiff2rgba tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial o
6.5
MEDIUM
CVE-2016-3621
<= 4.0.6
The LZWEncode function in tif_lzw.c in the bmp2tiff tool in LibTIFF 4.0.6 and earlier, when the "-c lzw" option is used, allows re
8.8
HIGH
CVE-2016-3620
<= 4.0.6
The ZIPEncode function in tif_zip.c in the bmp2tiff tool in LibTIFF 4.0.6 and earlier, when the "-c zip" option is used, allows re
7.5
HIGH
CVE-2016-3619
all versions
The DumpModeEncode function in tif_dumpmode.c in the bmp2tiff tool in LibTIFF 4.0.6 and earlier, when the "-c none" option is used
6.5
MEDIUM
CVE-2016-3991
<= 4.0.6
Heap-based buffer overflow in the loadImage function in the tiffcrop tool in LibTIFF 4.0.6 and earlier allows remote attackers to
7.8
HIGH
CVE-2016-3990
<= 4.0.6
Heap-based buffer overflow in the horizontalDifference8 function in tif_pixarlog.c in LibTIFF 4.0.6 and earlier allows remote atta
7.8
HIGH
CVE-2016-3945
<= 4.0.6
Multiple integer overflows in the (1) cvt_by_strip and (2) cvt_by_tile functions in the tiff2rgba tool in LibTIFF 4.0.6 and earlie
7.8
HIGH
CVE-2016-3632
<= 4.0.6
The _TIFFVGetField function in tif_dirinfo.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (ou
7.8
HIGH
CVE-2016-3186
all versions
Buffer overflow in the readextension function in gif2tiff.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service
6.2
MEDIUM
CVE-2015-8784
< 4.0.7
The NeXTDecode function in tif_next.c in LibTIFF allows remote attackers to cause a denial of service (out-of-bounds write) via a
6.5
MEDIUM
CVE-2015-8683
all versions
The putcontig8bitCIELab function in tif_getimage.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (out-of-b
5.5
MEDIUM
CVE-2015-8665
all versions
tif_getimage.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via the SamplesPerPixel
5.5
MEDIUM
CVE-2015-1547
<= 4.0.6
The NeXTDecode function in tif_next.c in LibTIFF allows remote attackers to cause a denial of service (uninitialized memory access
6.5
MEDIUM
CVE-2014-9655
<= 4.0.6
The (1) putcontig8bitYCbCr21tile function in tif_getimage.c or (2) NeXTDecode function in tif_next.c in LibTIFF allows remote atta
6.5
MEDIUM
CVE-2015-8783
< 4.0.7
tif_luv.c in libtiff allows attackers to cause a denial of service (out-of-bounds reads) via a crafted TIFF image.
6.5
MEDIUM
CVE-2015-8782
< 4.0.7
tif_luv.c in libtiff allows attackers to cause a denial of service (out-of-bounds writes) via a crafted TIFF image, a different vu
6.5
MEDIUM
CVE-2015-8781
< 4.0.7
tif_luv.c in libtiff allows attackers to cause a denial of service (out-of-bounds write) via an invalid number of samples per pixe
6.5
MEDIUM
CVE-2015-8668
<= 4.0.6
Heap-based buffer overflow in the PackBitsPreEncode function in tif_packbits.c in bmp2tiff in libtiff 4.0.6 and earlier allows rem
9.8
CRITICAL
CVE-2015-7554
all versions
The _TIFFVGetField function in tif_dir.c in libtiff 4.0.6 allows attackers to cause a denial of service (invalid memory write and
9.8
CRITICAL
CVE-2014-9330
all versions
Integer overflow in tif_packbits.c in bmp2tif in libtiff 4.0.3 allows remote attackers to cause a denial of service (crash) via cr
CVE-2013-4231
<= 4.0.2
Multiple buffer overflows in libtiff before 4.0.3 allow remote attackers to cause a denial of service (out-of-bounds write) via a
CVE-2013-4244
<= 4.0.3
The LZW decompressor in the gif2tiff tool in libtiff 4.0.3 and earlier allows context-dependent attackers to cause a denial of ser
CVE-2013-4243
<= 4.0.3
Heap-based buffer overflow in the readgifimage function in the gif2tiff tool in libtiff 4.0.3 and earlier allows remote attackers
CVE-2013-4232
all versions
Use-after-free vulnerability in the t2p_readwrite_pdf_image function in tools/tiff2pdf.c in libtiff 4.0.3 allows remote attackers
CVE-2013-1961
<= 4.0.3
Stack-based buffer overflow in the t2p_write_pdf_page function in tiff2pdf in libtiff before 4.0.3 allows remote attackers to caus
CVE-2013-1960
<= 4.0.3
Heap-based buffer overflow in the t2p_process_jpeg_strip function in tiff2pdf in libtiff 4.0.3 and earlier allows remote attackers
CVE-2012-5581
<= 4.0.1
Stack-based buffer overflow in tif_dir.c in LibTIFF before 4.0.2 allows remote attackers to cause a denial of service (crash) and
CVE-2012-4564
<= 4.0.3
ppm2tiff does not check the return value of the TIFFScanlineSize function, which allows remote attackers to cause a denial of serv
CVE-2012-4447
<= 4.0.2
Heap-based buffer overflow in tif_pixarlog.c in LibTIFF before 4.0.3 allows remote attackers to cause a denial of service (applica
CVE-2012-3401
<= 4.0.2
The t2p_read_tiff_init function in tiff2pdf (tools/tiff2pdf.c) in LibTIFF 4.0.2 and earlier does not properly initialize the T2P c
CVE-2012-2113
<= 4.0.1
Multiple integer overflows in tiff2pdf in libtiff before 4.0.2 allow remote attackers to cause a denial of service (application cr
CVE-2012-2088
<= 3.9.4
Integer signedness error in the TIFFReadDirectory function in tif_dirread.c in libtiff 3.9.4 and earlier allows remote attackers t
CVE-2012-1173
all versions
Multiple integer overflows in tiff_getimage.c in LibTIFF 3.9.4 allow remote attackers to execute arbitrary code via a crafted tile
CVE-2010-4665
<= 3.9.4
Integer overflow in the ReadDirectory function in tiffdump.c in tiffdump in LibTIFF before 3.9.5 allows remote attackers to cause
CVE-2009-5022
<= 3.9.4
Heap-based buffer overflow in tif_ojpeg.c in the OJPEG decoder in LibTIFF before 3.9.5 allows remote attackers to execute arbitrar
CVE-2011-1167
<= 3.9.4
Heap-based buffer overflow in the thunder (aka ThunderScan) decoder in tif_thunder.c in LibTIFF 3.9.4 and earlier allows remote at
CVE-2010-3087
all versions
LibTIFF before 3.9.2-5.2.1 in SUSE openSUSE 11.3 allows remote attackers to cause a denial of service (memory corruption) or possi
CVE-2010-2631
all versions
LibTIFF 3.9.0 ignores tags in certain situations during the first stage of TIFF file processing and does not properly handle this
CVE-2010-2630
all versions
The TIFFReadDirectory function in LibTIFF 3.9.0 does not properly validate the data types of codec-specific tags that have an out-
CVE-2010-2483
all versions
The TIFFRGBAImageGet function in LibTIFF 3.9.0 allows remote attackers to cause a denial of service (out-of-bounds read and applic
CVE-2010-2482
<= 3.9.4
LibTIFF 3.9.4 and earlier does not properly handle an invalid td_stripbytecount field, which allows remote attackers to cause a de
CVE-2010-2481
<= 3.9.3
The TIFFExtractData macro in LibTIFF before 3.9.4 does not properly handle unknown tag types in TIFF directory entries, which allo
CVE-2010-2597
all versions
The TIFFVStripSize function in tif_strip.c in LibTIFF 3.9.0 and 3.9.2 makes incorrect calls to the TIFFGetField function, which al
CVE-2010-2596
all versions
The OJPEGPostDecode function in tif_ojpeg.c in LibTIFF 3.9.0 and 3.9.2, as used in tiff2ps, allows remote attackers to cause a den
CVE-2010-2595
all versions
The TIFFYCbCrtoRGB function in LibTIFF 3.9.0 and 3.9.2, as used in ImageMagick, does not properly handle invalid ReferenceBlackWhi
CVE-2010-2233
all versions
tif_getimage.c in LibTIFF 3.9.0 and 3.9.2 on 64-bit platforms, as used in ImageMagick, does not properly perform vertical flips, w
CVE-2010-2443
<= 3.9.2
The OJPEGReadBufferFill function in tif_ojpeg.c in LibTIFF before 3.9.3 allows remote attackers to cause a denial of service (NULL
CVE-2010-2067
< 3.9.4
Stack-based buffer overflow in the TIFFFetchSubjectDistance function in tif_dirread.c in LibTIFF before 3.9.4 allows remote attack
CVE-2010-2065
<= 3.9.2
Integer overflow in the TIFFroundup macro in LibTIFF before 3.9.3 allows remote attackers to cause a denial of service (applicatio
CVE-2009-2347
all versions
Multiple integer overflows in inter-color spaces conversion tools in libtiff 3.8 through 3.8.2, 3.9, and 4.0 allow context-depende
CVE-2009-2285
all versions
Buffer underflow in the LZWDecodeCompat function in libtiff 3.8.2 allows context-dependent attackers to cause a denial of service
CVE-2008-2327
<= 3.8.2
Multiple buffer underflows in the (1) LZWDecode, (2) LZWDecodeCompat, and (3) LZWDecodeVector functions in tif_lzw.c in the LZW de
CVE-2006-3465
<= 3.8.1
Unspecified vulnerability in the custom tag support for the TIFF library (libtiff) before 3.8.2 allows remote attackers to cause a
CVE-2006-3464
<= 3.8.1
TIFF library (libtiff) before 3.8.2 allows context-dependent attackers to pass numeric range checks and possibly execute code, and
CVE-2006-3463
<= 3.8.1
The EstimateStripByteCounts function in TIFF library (libtiff) before 3.8.2 uses a 16-bit unsigned short when iterating over an un
CVE-2006-3462
<= 3.8.1
Heap-based buffer overflow in the NeXT RLE decoder in the TIFF library (libtiff) before 3.8.2 might allow context-dependent attack
CVE-2006-3461
<= 3.8.1
Heap-based buffer overflow in the PixarLog decoder in the TIFF library (libtiff) before 3.8.2 might allow context-dependent attack
CVE-2006-3460
<= 3.8.1
Heap-based buffer overflow in the JPEG decoder in the TIFF library (libtiff) before 3.8.2 allows context-dependent attackers to ca
CVE-2006-3459
<= 3.8.1
Multiple stack-based buffer overflows in the TIFF library (libtiff) before 3.8.2, as used in Adobe Reader 9.3.0 and other products
CVE-2006-2193
<= 3.8.2
Buffer overflow in the t2p_write_pdf_string function in tiff2pdf in libtiff 3.8.2 and earlier allows attackers to cause a denial o
CVE-2006-2656
<= 3.8.2
Stack-based buffer overflow in the tiffsplit command in libtiff 3.8.2 and earlier might allow attackers to execute arbitrary
CVE-2006-2120
all versions
The TIFFToRGB function in libtiff before 3.8.1 allows remote attackers to cause a denial of service (crash) via a crafted TIFF ima
CVE-2006-2026
<= 3.8.0
Double free vulnerability in tif_jpeg.c in libtiff before 3.8.1 allows context-dependent attackers to cause a denial of service (c
CVE-2006-2025
<= 3.8.0
Integer overflow in the TIFFFetchData function in tif_dirread.c for libtiff before 3.8.1 allows context-dependent attackers to cau
CVE-2006-2024
<= 3.8.0
Multiple vulnerabilities in libtiff before 3.8.1 allow context-dependent attackers to cause a denial of service via a TIFF image t
CVE-2006-0405
all versions
The TIFFFetchShortPair function in tif_dirread.c in libtiff 3.8.0 allows remote attackers to cause a denial of service (applicatio
CVE-2005-2452
all versions
libtiff up to 3.7.0 allows remote attackers to cause a denial of service (application crash) via a TIFF image header with a zero "
CVE-2005-1544
all versions
Stack-based buffer overflow in libTIFF before 3.7.2 allows remote attackers to execute arbitrary code via a TIFF file with a malfo
CVE-2004-0929
all versions
Heap-based buffer overflow in the OJPEGVSetField function in tif_ojpeg.c for libtiff 3.6.1 and earlier, when compiled with the OJP
CVE-2004-0886
all versions
Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attackers to cause a denial of service (crash or memory corru
CVE-2004-1308
all versions
Integer overflow in (1) tif_dirread.c and (2) tif_fax3.c for libtiff 3.5.7 and 3.7.0 allows remote attackers to execute arbitrary
CVE-2004-1183
all versions
Integer overflow in the tiffdump utility for libtiff 3.7.1 and earlier allows remote attackers to cause a denial of service (appli
CVE-2004-0803
all versions
Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and
CVE-2004-1307
all versions
Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitra
CVE-2004-0804
< 3.7.0
Vulnerability in tif_dirread.c for libtiff allows remote attackers to cause a denial of service (application crash) via a TIFF ima