VYPR
Vendor

Potrace Project

Products
1
CVEs
15
Across products
15
Status
Private

Products

1

Recent CVEs

15
  • CVE-2017-7263HigMar 26, 2017
    risk 0.51cvss 7.8epss 0.01

    The bm_readbody_bmp function in bitmap_io.c in Potrace 1.14 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted BMP image. NOTE: this vulnerability exists because of an…

  • CVE-2016-8703HigJan 31, 2017
    risk 0.51cvss 7.8epss 0.02

    Heap-based buffer overflow in the bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to have unspecified impact via a crafted BMP image, a different vulnerability than CVE-2016-8698, CVE-2016-8699, CVE-2016-8700, CVE-2016-8701, and…

  • CVE-2016-8702HigJan 31, 2017
    risk 0.51cvss 7.8epss 0.02

    Heap-based buffer overflow in the bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to have unspecified impact via a crafted BMP image, a different vulnerability than CVE-2016-8698, CVE-2016-8699, CVE-2016-8700, CVE-2016-8701, and…

  • CVE-2016-8701HigJan 31, 2017
    risk 0.51cvss 7.8epss 0.02

    Heap-based buffer overflow in the bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to have unspecified impact via a crafted BMP image, a different vulnerability than CVE-2016-8698, CVE-2016-8699, CVE-2016-8700, CVE-2016-8702, and…

  • CVE-2016-8700HigJan 31, 2017
    risk 0.51cvss 7.8epss 0.02

    Heap-based buffer overflow in the bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to have unspecified impact via a crafted BMP image, a different vulnerability than CVE-2016-8698, CVE-2016-8699, CVE-2016-8701, CVE-2016-8702, and…

  • CVE-2016-8699HigJan 31, 2017
    risk 0.51cvss 7.8epss 0.02

    Heap-based buffer overflow in the bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to have unspecified impact via a crafted BMP image, a different vulnerability than CVE-2016-8698, CVE-2016-8700, CVE-2016-8701, CVE-2016-8702, and…

  • CVE-2016-8698HigJan 31, 2017
    risk 0.51cvss 7.8epss 0.02

    Heap-based buffer overflow in the bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to have unspecified impact via a crafted BMP image, a different vulnerability than CVE-2016-8699, CVE-2016-8700, CVE-2016-8701, CVE-2016-8702, and…

  • CVE-2016-8686HigJan 31, 2017
    risk 0.51cvss 7.8epss 0.02

    The bm_new function in bitmap.h in potrace 1.13 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure.

  • CVE-2017-12067HigAug 1, 2017
    risk 0.49cvss 7.5epss 0.01

    Potrace 1.14 has a heap-based buffer over-read in the interpolate_cubic function in mkbitmap.c.

  • CVE-2016-8697MedJan 31, 2017
    risk 0.36cvss 5.5epss 0.01

    The bm_new function in bitmap.h in potrace before 1.13 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a crafted BMP image.

  • CVE-2016-8696MedJan 31, 2017
    risk 0.36cvss 5.5epss 0.02

    The bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted BMP image, a different vulnerability than CVE-2016-8694 and CVE-2016-8695.

  • CVE-2016-8695MedJan 31, 2017
    risk 0.36cvss 5.5epss 0.02

    The bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted BMP image, a different vulnerability than CVE-2016-8694 and CVE-2016-8696.

  • CVE-2016-8694MedJan 31, 2017
    risk 0.36cvss 5.5epss 0.02

    The bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted BMP image, a different vulnerability than CVE-2016-8695 and CVE-2016-8696.

  • CVE-2016-8685MedJan 31, 2017
    risk 0.36cvss 5.5epss 0.01

    The findnext function in decompose.c in potrace 1.13 allows remote attackers to cause a denial of service (invalid memory access and crash) via a crafted BMP image.

  • CVE-2013-7437Mar 29, 2015
    risk 0.00cvss epss 0.03

    Multiple integer overflows in potrace 1.11 allow remote attackers to cause a denial of service (crash) via large dimensions in a BMP image, which triggers a buffer overflow.