tiff (SUSE:Linux Enterprise Server for Raspberry Pi 12 SP2) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Server for Raspberry Pi 12 SP2 package tiff, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (38)
CVE-2015-7554 — CVSS 9.8 (critical): The _TIFFVGetField function in tif_dir.c in libtiff 4.0.6 allows attackers to cause a denial of service (invalid memory write and crash) or…
CVE-2017-5225 — CVSS 8.8 (high): LibTIFF version 4.0.7 is vulnerable to a heap buffer overflow in the tools/tiffcp resulting in DoS or code execution via a crafted…
CVE-2017-7596 — CVSS 7.8 (high): LibTIFF 4.0.7 has an "outside the range of representable values of type float" undefined behavior issue, which might allow remote attackers…
CVE-2017-7600 — CVSS 7.8 (high): LibTIFF 4.0.7 has an "outside the range of representable values of type unsigned char" undefined behavior issue, which might allow remote…
CVE-2016-10268 — CVSS 7.8 (high): tools/tiffcp.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (integer underflow and heap-based buffer under-read)…
CVE-2016-10270 — CVSS 7.8 (high): LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact…
CVE-2016-10271 — CVSS 7.8 (high): tools/tiffcrop.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer over-read and buffer overflow) or…
CVE-2016-10272 — CVSS 7.8 (high): LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact…
CVE-2017-7599 — CVSS 7.8 (high): LibTIFF 4.0.7 has an "outside the range of representable values of type short" undefined behavior issue, which might allow remote attackers…
CVE-2016-9453 — CVSS 7.8 (high): The t2p_readwrite_pdf_image_tile function in LibTIFF allows remote attackers to cause a denial of service (out-of-bounds write and crash)…
CVE-2017-7592 — CVSS 7.8 (high): The putagreytile function in tif_getimage.c in LibTIFF 4.0.7 has a left-shift undefined behavior issue, which might allow remote attackers…
CVE-2017-7602 — CVSS 7.8 (high): LibTIFF 4.0.7 has a signed integer overflow, which might allow remote attackers to cause a denial of service (application crash) or…
CVE-2017-7601 — CVSS 7.8 (high): LibTIFF 4.0.7 has a "shift exponent too large for 64-bit type long" undefined behavior issue, which might allow remote attackers to cause a…
CVE-2017-7598 — CVSS 7.8 (high): tif_dirread.c in LibTIFF 4.0.7 might allow remote attackers to cause a denial of service (divide-by-zero error and application crash) via a…
CVE-2017-7597 — CVSS 7.8 (high): tif_dirread.c in LibTIFF 4.0.7 has an "outside the range of representable values of type float" undefined behavior issue, which might allow…
CVE-2016-5323 — CVSS 7.5 (high): The _TIFFFax3fillruns function in libtiff before 4.0.6 allows remote attackers to cause a denial of service (divide-by-zero error and…
CVE-2017-16232 — CVSS 7.5 (high): LibTIFF 4.0.8 has multiple memory leak vulnerabilities, which allow attackers to cause a denial of service (memory consumption), as…
CVE-2016-3658 — CVSS 7.5 (high): The TIFFWriteDirectoryTagLongLong8Array function in tif_dirwrite.c in the tiffset tool in LibTIFF 4.0.6 and earlier allows remote attackers…
CVE-2016-9297 — CVSS 7.5 (high): The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via crafted…
CVE-2016-9448 — CVSS 7.5 (high): The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attackers to cause a denial of service (NULL pointer dereference and crash)…
CVE-2016-5652 — CVSS 7.0 (high): An exploitable heap-based buffer overflow exists in the handling of TIFF images in LibTIFF's TIFF2PDF tool. A crafted TIFF document can…
CVE-2014-8127 — CVSS 6.5 (medium): LibTIFF 4.0.3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted TIFF image to the (1)…
CVE-2014-8128 — CVSS 6.5 (medium): LibTIFF prior to 4.0.4, as used in Apple iOS before 8.4 and OS X before 10.10.4 and other products, allows remote attackers to cause a…
CVE-2016-3622 — CVSS 6.5 (medium): The fpAcc function in tif_predict.c in the tiff2rgba tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service…
CVE-2016-5318 — CVSS 6.5 (medium): Stack-based buffer overflow in the _TIFFVGetField function in libtiff 4.0.6 and earlier allows remote attackers to crash the application…
CVE-2016-5321 — CVSS 6.5 (medium): The DumpModeDecode function in libtiff 4.0.6 and earlier allows attackers to cause a denial of service (invalid read and crash) via a…
CVE-2017-9403 — CVSS 6.5 (medium): In LibTIFF 4.0.7, a memory leak vulnerability was found in the function TIFFReadDirEntryLong8Array in tif_dirread.c, which allows attackers…
CVE-2017-9404 — CVSS 6.5 (medium): In LibTIFF 4.0.7, a memory leak vulnerability was found in the function OJPEGReadHeaderInfoSecTablesQTable in tif_ojpeg.c, which allows…
CVE-2017-7595 — CVSS 5.5 (medium): The JPEGSetupEncode function in tiff_jpeg.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and…
CVE-2016-9273 — CVSS 5.5 (medium): tiffsplit in libtiff 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file, related to…
CVE-2017-7593 — CVSS 5.5 (medium): tif_read.c in LibTIFF 4.0.7 does not ensure that tif_rawdata is properly initialized, which might allow remote attackers to obtain…
CVE-2016-10371 — CVSS 5.5 (medium): The TIFFWriteDirectoryTagCheckedRational function in tif_dirwrite.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service…
CVE-2016-10267 — CVSS 5.5 (medium): LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image…
CVE-2016-10266 — CVSS 5.5 (medium): LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image…
CVE-2016-10095 — CVSS 5.5 (medium): Stack-based buffer overflow in the _TIFFVGetField function in tif_dir.c in LibTIFF 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7…
CVE-2017-7594 — CVSS 5.5 (medium): The OJPEGReadHeaderInfoSecTablesDcTable function in tif_ojpeg.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service…
CVE-2016-5875: Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-5314. Reason: This candidate is a reservation duplicate of…