Search Results (263 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-2120 2 Libtiff, Redhat 2 Libtiff, Enterprise Linux 2026-04-16 N/A
The TIFFToRGB function in libtiff before 3.8.1 allows remote attackers to cause a denial of service (crash) via a crafted TIFF image with Yr/Yg/Yb values that exceed the YCR/YCG/YCB values, which triggers an out-of-bounds read.
CVE-2006-2026 2 Libtiff, Redhat 2 Libtiff, Enterprise Linux 2026-04-16 N/A
Double free vulnerability in tif_jpeg.c in libtiff before 3.8.1 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image that triggers errors related to "setfield/getfield methods in cleanup functions."
CVE-2006-0405 1 Libtiff 1 Libtiff 2026-04-16 N/A
The TIFFFetchShortPair function in tif_dirread.c in libtiff 3.8.0 allows remote attackers to cause a denial of service (application crash) via a crafted TIFF image that triggers a NULL pointer dereference, possibly due to changes in type declarations and/or the TIFFVSetField function.
CVE-2006-3461 2 Libtiff, Redhat 2 Libtiff, Enterprise Linux 2026-04-16 N/A
Heap-based buffer overflow in the PixarLog decoder in the TIFF library (libtiff) before 3.8.2 might allow context-dependent attackers to execute arbitrary code via unknown vectors.
CVE-2006-2193 2 Libtiff, Redhat 2 Libtiff, Enterprise Linux 2026-04-16 N/A
Buffer overflow in the t2p_write_pdf_string function in tiff2pdf in libtiff 3.8.2 and earlier allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a TIFF file with a DocumentName tag that contains UTF-8 characters, which triggers the overflow when a character is sign extended to an integer that produces more digits than expected in an sprintf call.
CVE-2006-3462 2 Libtiff, Redhat 2 Libtiff, Enterprise Linux 2026-04-16 N/A
Heap-based buffer overflow in the NeXT RLE decoder in the TIFF library (libtiff) before 3.8.2 might allow context-dependent attackers to execute arbitrary code via unknown vectors involving decoding large RLE images.
CVE-2006-3463 2 Libtiff, Redhat 2 Libtiff, Enterprise Linux 2026-04-16 N/A
The EstimateStripByteCounts function in TIFF library (libtiff) before 3.8.2 uses a 16-bit unsigned short when iterating over an unsigned 32-bit value, which allows context-dependent attackers to cause a denial of service via a large td_nstrips value, which triggers an infinite loop.
CVE-2005-1544 1 Libtiff 1 Libtiff 2026-04-16 N/A
Stack-based buffer overflow in libTIFF before 3.7.2 allows remote attackers to execute arbitrary code via a TIFF file with a malformed BitsPerSample tag.
CVE-2006-2656 2 Libtiff, Redhat 2 Libtiff, Enterprise Linux 2026-04-16 N/A
Stack-based buffer overflow in the tiffsplit command in libtiff 3.8.2 and earlier might might allow attackers to execute arbitrary code via a long filename. NOTE: tiffsplit is not setuid. If there is not a common scenario under which tiffsplit is called with attacker-controlled command line arguments, then perhaps this issue should not be included in CVE.
CVE-2004-0803 9 Apple, Kde, Libtiff and 6 more 13 Mac Os X, Mac Os X Server, Kde and 10 more 2026-04-16 N/A
Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files.
CVE-2004-1307 11 Apple, Avaya, Conectiva and 8 more 20 Mac Os X, Mac Os X Server, Call Management System Server and 17 more 2026-04-16 N/A
Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflow.
CVE-2004-0929 2 Libtiff, Suse 2 Libtiff, Suse Linux 2026-04-16 N/A
Heap-based buffer overflow in the OJPEGVSetField function in tif_ojpeg.c for libtiff 3.6.1 and earlier, when compiled with the OJPEG_SUPPORT (old JPEG support) option, allows remote attackers to execute arbitrary code via a malformed TIFF image.
CVE-2017-5225 1 Libtiff 1 Libtiff 2026-03-02 8.8 High
LibTIFF version 4.0.7 is vulnerable to a heap buffer overflow in the tools/tiffcp resulting in DoS or code execution via a crafted BitsPerSample value.
CVE-2025-61145 1 Libtiff 1 Libtiff 2026-02-25 5.5 Medium
libtiff up to v4.7.1 was discovered to contain a double free via the component tools/tiffcrop.c.
CVE-2025-61144 1 Libtiff 1 Libtiff 2026-02-25 9.8 Critical
libtiff up to v4.7.1 was discovered to contain a stack overflow via the readSeparateStripsIntoBuffer function.
CVE-2025-61143 1 Libtiff 1 Libtiff 2026-02-25 5.5 Medium
libtiff up to v4.7.1 was discovered to contain a NULL pointer dereference via the component libtiff/tif_open.c.
CVE-2024-7006 2 Libtiff, Redhat 6 Libtiff, Enterprise Linux, Enterprise Linux For Arm 64 and 3 more 2026-01-23 7.5 High
A null pointer dereference flaw was found in Libtiff via `tif_dirinfo.c`. This issue may allow an attacker to trigger memory allocation failures through certain means, such as restricting the heap space size or injecting faults, causing a segmentation fault. This can cause an application crash, eventually leading to a denial of service.
CVE-2023-41175 3 Fedoraproject, Libtiff, Redhat 3 Fedora, Libtiff, Enterprise Linux 2026-01-22 6.5 Medium
A vulnerability was found in libtiff due to multiple potential integer overflows in raw2tiff.c. This flaw allows remote attackers to cause a denial of service or possibly execute an arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow.
CVE-2023-40745 4 Fedoraproject, Libtiff, Netapp and 1 more 4 Fedora, Libtiff, Active Iq Unified Manager and 1 more 2026-01-22 6.5 Medium
LibTIFF is vulnerable to an integer overflow. This flaw allows remote attackers to cause a denial of service (application crash) or possibly execute an arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow.
CVE-2023-6277 3 Fedoraproject, Libtiff, Redhat 3 Fedora, Libtiff, Enterprise Linux 2026-01-22 6.5 Medium
An out-of-memory flaw was found in libtiff. Passing a crafted tiff file to TIFFOpen() API may allow a remote attacker to cause a denial of service via a craft input with size smaller than 379 KB.