VYPR

Freeimage

by Freeimage Project

CVEs (53)

  • CVE-2024-31570 | Critical | Sep 19, 2024
    risk 0.64 | cvss 9.8 | epss 0.01

    libfreeimage in FreeImage 3.4.0 through 3.18.0 has a stack-based buffer overflow in the PluginXPM.cpp Load function via an XPM file.

  • CVE-2023-47994 | High | Jan 9, 2024
    risk 0.57 | cvss 8.8 | epss 0.01

    An integer overflow vulnerability in LoadPixelDataRLE4 function in PluginBMP.cpp in Freeimage 3.18.0 allows attackers to obtain sensitive information, cause a denial of service and/or run arbitrary code.

  • CVE-2023-47992 | High | Jan 9, 2024
    risk 0.57 | cvss 8.8 | epss 0.01

    An integer overflow vulnerability in FreeImageIO.cpp::_MemoryReadProc in FreeImage 3.18.0 allows attackers to obtain sensitive information, cause a denial of service and/or run arbitrary code.

  • CVE-2021-40265 | High | Aug 22, 2023
    risk 0.57 | cvss 8.8 | epss 0.01

    A heap overflow bug exists in FreeImage before 1.18.0 via the ofLoad function in PluginJPEG.cpp.

  • CVE-2021-40263 | High | Aug 22, 2023
    risk 0.57 | cvss 8.8 | epss 0.01

    A heap overflow vulnerability in FreeImage 1.18.0 via the ofLoad function in PluginTIFF.cpp.

  • CVE-2020-24295 | High | Aug 22, 2023
    risk 0.57 | cvss 8.8 | epss 0.01

    Buffer Overflow vulnerability in PSDParser.cpp::ReadImageLine() in FreeImage 3.19.0 [r1859] allows remote attackers to run arbitrary code via use of a crafted psd file.

  • CVE-2020-24293 | High | Aug 22, 2023
    risk 0.57 | cvss 8.8 | epss 0.01

    Buffer Overflow vulnerability in psdThumbnail::Read in PSDParser.cpp in FreeImage 3.19.0 [r1859] allows remote attackers to run arbitrary code via opening of crafted psd file.

  • CVE-2020-24292 | High | Aug 22, 2023
    risk 0.57 | cvss 8.8 | epss 0.01

    Buffer Overflow vulnerability in load function in PluginICO.cpp in FreeImage 3.19.0 [r1859] allows remote attackers to run arbitrary code via opening of crafted ico file.

  • CVE-2024-28582 | High | Mar 20, 2024
    risk 0.55 | cvss 8.4 | epss 0.00

    Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to execute arbitrary code via the rgbe_RGBEToFloat() function when reading images in HDR format.

  • CVE-2024-28581 | High | Mar 20, 2024
    risk 0.55 | cvss 8.4 | epss 0.00

    Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to execute arbitrary code via the _assignPixel<>() function when reading images in TARGA format.

  • CVE-2024-28580 | High | Mar 20, 2024
    risk 0.55 | cvss 8.4 | epss 0.00

    Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to execute arbitrary code via the ReadData() function when reading images in RAS format.

  • CVE-2024-28578 | High | Mar 20, 2024
    risk 0.55 | cvss 8.4 | epss 0.00

    Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to execute arbitrary code via the Load() function when reading images in RAS format.

  • CVE-2024-28566 | High | Mar 20, 2024
    risk 0.55 | cvss 8.4 | epss 0.00

    Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to execute arbitrary code via the AssignPixel() function when reading images in TIFF format.

  • CVE-2024-28583 | High | Mar 20, 2024
    risk 0.51 | cvss 7.8 | epss 0.00

    Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to execute arbitrary code via the readLine() function when reading images in XPM format.

  • CVE-2024-28569 | High | Mar 20, 2024
    risk 0.51 | cvss 7.8 | epss 0.00

    Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to execute arbitrary code via the Imf_2_2::Xdr::read() function when reading images in EXR format.

  • CVE-2020-21428 | High | Aug 22, 2023
    risk 0.51 | cvss 7.8 | epss 0.00

    Buffer Overflow vulnerability in function LoadRGB in PluginDDS.cpp in FreeImage 3.18.0 allows remote attackers to run arbitrary code and cause other impacts via crafted image file.

  • CVE-2020-21427 | High | Aug 22, 2023
    risk 0.51 | cvss 7.8 | epss 0.01

    Buffer Overflow vulnerability in function LoadPixelDataRLE8 in PluginBMP.cpp in FreeImage 3.18.0 allows remote attackers to run arbitrary code and cause other impacts via crafted image file.

  • CVE-2020-21426 | High | Aug 22, 2023
    risk 0.51 | cvss 7.8 | epss 0.00

    Buffer Overflow vulnerability in function C_IStream::read in PluginEXR.cpp in FreeImage 3.18.0 allows remote attackers to run arbitrary code and cause other impacts via crafted image file.

  • CVE-2016-5684 | High | Jan 6, 2017
    risk 0.51 | cvss 7.8 | epss 0.02

    An exploitable out-of-bounds write vulnerability exists in the XMP image handling functionality of the FreeImage library. A specially crafted XMP file can cause an arbitrary memory overwrite resulting in code execution. An attacker can provide a malicious image to trigger this…

  • CVE-2024-9029 | High | Sep 27, 2024
    risk 0.49 | cvss 7.5 | epss 0.00

    A flaw was found in the freeimage library. Processing a crafted image can cause a buffer over-read of 1 byte in the read_iptc_profile function in the Source/Metadata/IPTC.cpp file because the size of the profile is not being sanitized, causing a crash in the application linked…

Page 1 of 3