Leadtools
by Leadtools
CVEs (11)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-5093 | Cri | 0.64 | 9.8 | 0.03 | Dec 12, 2019 | An exploitable code execution vulnerability exists in the DICOM network response functionality of LEADTOOLS libltdic.so version 20.0.2019.3.15. A specially crafted packet can cause an integer overflow, resulting in heap corruption. An attacker can send a packet to trigger this… | ||
| CVE-2019-5085 | Cri | 0.64 | 9.8 | 0.03 | Dec 12, 2019 | An exploitable code execution vulnerability exists in the DICOM packet-parsing functionality of LEADTOOLS libltdic.so, version 20.0.2019.3.15. A specially crafted packet can cause an integer overflow, resulting in heap corruption. An attacker can send a packet to trigger this… | ||
| CVE-2019-5154 | Hig | 0.57 | 8.8 | 0.03 | Dec 12, 2019 | An exploitable heap overflow vulnerability exists in the JPEG2000 parsing functionality of LEADTOOLS 20.0.2019.3.15. A specially crafted J2K image file can cause an out of bounds write of a null byte in a heap buffer, potentially resulting in code execution. An attack can… | ||
| CVE-2019-5092 | Hig | 0.57 | 8.8 | 0.02 | Dec 12, 2019 | An exploitable heap out of bounds write vulnerability exists in the UI tag parsing functionality of the DICOM image format of LEADTOOLS 20.0.2019.3.15. A specially crafted DICOM image can cause an offset beyond the bounds of a heap allocation to be written, potentially resulting… | ||
| CVE-2022-21154 | Hig | 0.51 | 7.8 | 0.01 | Apr 14, 2022 | An integer overflow vulnerability exists in the fltSaveCMP functionality of Leadtools 22. A specially-crafted BMP file can lead to an integer overflow, that in turn causes a buffer overflow. An attacker can provide a malicious BMP file to trigger this vulnerability. | ||
| CVE-2020-6089 | Hig | 0.51 | 7.8 | 0.03 | Jul 1, 2020 | An exploitable code execution vulnerability exists in the ANI file format parser of Leadtools 20. A specially crafted ANI file can cause a buffer overflow resulting in remote code execution. An attacker can provide a malicious file to trigger this vulnerability. | ||
| CVE-2019-5125 | Hig | 0.51 | 7.8 | 0.02 | Nov 6, 2019 | An exploitable heap overflow vulnerability exists in the JPEG2000 parsing functionality of LEADTOOLS 20. A specially crafted J2K image file can cause an out of bounds write of a heap buffer, potentially resulting in code execution. An attack can specially craft a J2K image to… | ||
| CVE-2019-5100 | Hig | 0.51 | 7.8 | 0.02 | Nov 6, 2019 | An exploitable integer overflow vulnerability exists in the BMP header parsing functionality of LEADTOOLS 20. A specially crafted BMP image file can cause an integer overflow, potentially resulting in code execution. An attacker can specially craft a BMP image to trigger this… | ||
| CVE-2019-5099 | Hig | 0.51 | 7.8 | 0.02 | Nov 6, 2019 | An exploitable integer underflow vulnerability exists in the CMP-parsing functionality of LEADTOOLS 20. A specially crafted CMP image file can cause an integer underflow, potentially resulting in code execution. An attacker can specially craft a CMP image to trigger this… | ||
| CVE-2019-5091 | Hig | 0.49 | 7.5 | 0.02 | Dec 12, 2019 | An exploitable denial-of-service vulnerability exists in the Dicom-packet parsing functionality of LEADTOOLS libltdic.so version 20.0.2019.3.15. A specially crafted packet can cause an infinite loop, resulting in a denial of service. An attacker can send a packet to trigger this… | ||
| CVE-2019-5090 | Hig | 0.49 | 7.5 | 0.02 | Dec 12, 2019 | An exploitable information disclosure vulnerability exists in the DICOM packet-parsing functionality of LEADTOOLS libltdic.so, version 20.0.2019.3.15. A specially crafted packet can cause an out-of-bounds read, resulting in information disclosure. An attacker can send a packet… |
- risk 0.64cvss 9.8epss 0.03
An exploitable code execution vulnerability exists in the DICOM network response functionality of LEADTOOLS libltdic.so version 20.0.2019.3.15. A specially crafted packet can cause an integer overflow, resulting in heap corruption. An attacker can send a packet to trigger this…
- risk 0.64cvss 9.8epss 0.03
An exploitable code execution vulnerability exists in the DICOM packet-parsing functionality of LEADTOOLS libltdic.so, version 20.0.2019.3.15. A specially crafted packet can cause an integer overflow, resulting in heap corruption. An attacker can send a packet to trigger this…
- risk 0.57cvss 8.8epss 0.03
An exploitable heap overflow vulnerability exists in the JPEG2000 parsing functionality of LEADTOOLS 20.0.2019.3.15. A specially crafted J2K image file can cause an out of bounds write of a null byte in a heap buffer, potentially resulting in code execution. An attack can…
- risk 0.57cvss 8.8epss 0.02
An exploitable heap out of bounds write vulnerability exists in the UI tag parsing functionality of the DICOM image format of LEADTOOLS 20.0.2019.3.15. A specially crafted DICOM image can cause an offset beyond the bounds of a heap allocation to be written, potentially resulting…
- risk 0.51cvss 7.8epss 0.01
An integer overflow vulnerability exists in the fltSaveCMP functionality of Leadtools 22. A specially-crafted BMP file can lead to an integer overflow, that in turn causes a buffer overflow. An attacker can provide a malicious BMP file to trigger this vulnerability.
- risk 0.51cvss 7.8epss 0.03
An exploitable code execution vulnerability exists in the ANI file format parser of Leadtools 20. A specially crafted ANI file can cause a buffer overflow resulting in remote code execution. An attacker can provide a malicious file to trigger this vulnerability.
- risk 0.51cvss 7.8epss 0.02
An exploitable heap overflow vulnerability exists in the JPEG2000 parsing functionality of LEADTOOLS 20. A specially crafted J2K image file can cause an out of bounds write of a heap buffer, potentially resulting in code execution. An attack can specially craft a J2K image to…
- risk 0.51cvss 7.8epss 0.02
An exploitable integer overflow vulnerability exists in the BMP header parsing functionality of LEADTOOLS 20. A specially crafted BMP image file can cause an integer overflow, potentially resulting in code execution. An attacker can specially craft a BMP image to trigger this…
- risk 0.51cvss 7.8epss 0.02
An exploitable integer underflow vulnerability exists in the CMP-parsing functionality of LEADTOOLS 20. A specially crafted CMP image file can cause an integer underflow, potentially resulting in code execution. An attacker can specially craft a CMP image to trigger this…
- risk 0.49cvss 7.5epss 0.02
An exploitable denial-of-service vulnerability exists in the Dicom-packet parsing functionality of LEADTOOLS libltdic.so version 20.0.2019.3.15. A specially crafted packet can cause an infinite loop, resulting in a denial of service. An attacker can send a packet to trigger this…
- risk 0.49cvss 7.5epss 0.02
An exploitable information disclosure vulnerability exists in the DICOM packet-parsing functionality of LEADTOOLS libltdic.so, version 20.0.2019.3.15. A specially crafted packet can cause an out-of-bounds read, resulting in information disclosure. An attacker can send a packet…