VYPR
Vendor

Vadz

Products
1
CVEs
16
Across products
16
Status
Private

Products

1

Recent CVEs

16
  • CVE-2016-9533CriNov 22, 2016
    risk 0.64cvss 9.8epss 0.03

    tif_pixarlog.c in libtiff 4.0.6 has out-of-bounds write vulnerabilities in heap allocated buffers. Reported as MSVR 35094, aka "PixarLog horizontalDifference heap-buffer-overflow."

  • CVE-2018-5360HigJan 14, 2018
    risk 0.57cvss 8.8epss 0.02

    LibTIFF before 4.0.6 mishandles the reading of TIFF files, as demonstrated by a heap-based buffer over-read in the ReadTIFFImage function in coders/tiff.c in GraphicsMagick 1.3.27.

  • CVE-2016-3634HigOct 3, 2016
    risk 0.49cvss 7.5epss 0.02

    The tagCompare function in tif_dirinfo.c in the thumbnail tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to field_tag matching.

  • CVE-2016-3633HigOct 3, 2016
    risk 0.49cvss 7.5epss 0.02

    The setrow function in the thumbnail tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to the src variable.

  • CVE-2016-3631HigOct 3, 2016
    risk 0.49cvss 7.5epss 0.03

    The (1) cpStrips and (2) cpTiles functions in the thumbnail tool in LibTIFF 4.0.6 and earlier allow remote attackers to cause a denial of service (out-of-bounds read) via vectors related to the bytecounts[] array variable.

  • CVE-2016-3624HigOct 3, 2016
    risk 0.49cvss 7.5epss 0.04

    The cvtClump function in the rgb2ycbcr tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds write) by setting the "-v" option to -1.

  • CVE-2016-10271HigMar 24, 2017
    risk 0.44cvss 7.8epss 0.02

    tools/tiffcrop.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer over-read and buffer overflow) or possibly have unspecified other impact via a crafted TIFF image, related to "READ of size 1" and libtiff/tif_fax3.c:413:13.

  • CVE-2018-10801MedMay 8, 2018
    risk 0.42cvss 6.5epss 0.01

    TIFFClientOpen in tif_unix.c in LibTIFF 3.8.2 has memory leaks, as demonstrated by bmp2tiff.

  • CVE-2018-10126MedApr 21, 2018
    risk 0.42cvss 6.5epss 0.02

    ijg-libjpeg before 9d, as used in tiff2pdf (from LibTIFF) and other products, does not check for a NULL pointer at a certain place in jpeg_fdct_16x16 in jfdctint.c.

  • CVE-2016-3625MedOct 3, 2016
    risk 0.42cvss 6.5epss 0.02

    tif_read.c in the tiff2bw tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TIFF image.

  • CVE-2014-9655MedApr 13, 2016
    risk 0.42cvss 6.5epss 0.03

    The (1) putcontig8bitYCbCr21tile function in tif_getimage.c or (2) NeXTDecode function in tif_next.c in LibTIFF allows remote attackers to cause a denial of service (uninitialized memory access) via a crafted TIFF image, as demonstrated by libtiff-cvs-1.tif and libtiff-cvs-2.tif.

  • CVE-2015-8784MedApr 13, 2016
    risk 0.36cvss 6.5epss 0.04

    The NeXTDecode function in tif_next.c in LibTIFF allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted TIFF image, as demonstrated by libtiff5.tif.

  • CVE-2013-1960Jul 3, 2013
    risk 0.01cvss epss 0.12

    Heap-based buffer overflow in the t2p_process_jpeg_strip function in tiff2pdf in libtiff 4.0.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image file.

  • CVE-2022-34266Jul 19, 2022
    risk 0.00cvss epss 0.00

    The libtiff-4.0.3-35.amzn2.0.1 package for LibTIFF on Amazon Linux 2 allows attackers to cause a denial of service (application crash), a different vulnerability than CVE-2022-0562. When processing a malicious TIFF file, an invalid range may be passed as an argument to the…

  • CVE-2017-16232Mar 17, 2019
    risk 0.00cvss epss 0.05

    LibTIFF 4.0.8 has multiple memory leak vulnerabilities, which allow attackers to cause a denial of service (memory consumption), as demonstrated by tif_open.c, tif_lzw.c, and tif_aux.c. NOTE: Third parties were unable to reproduce the issue

  • CVE-2013-1961Jul 3, 2013
    risk 0.00cvss epss 0.06

    Stack-based buffer overflow in the t2p_write_pdf_page function in tiff2pdf in libtiff before 4.0.3 allows remote attackers to cause a denial of service (application crash) via a crafted image length and resolution in a TIFF image file.