Autotrace Project Autotrace — known CVE vulnerabilities
Every CVE whose affected-product data names Autotrace Project Autotrace, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (55)
CVE-2017-9200 — CVSS 9.8 (critical): libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c:528:63.
CVE-2017-9184 — CVSS 9.8 (critical): libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c:314:7.
CVE-2017-9185 — CVSS 9.8 (critical): libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c:319:7.
CVE-2017-9186 — CVSS 9.8 (critical): libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c:326:17.
CVE-2017-9187 — CVSS 9.8 (critical): libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c:486:7.
CVE-2017-9188 — CVSS 9.8 (critical): libautotrace.a in AutoTrace 0.31.1 has a "left shift ... cannot be represented in type int" issue in input-bmp.c:516:63.
CVE-2017-9164 — CVSS 9.8 (critical): libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the GET_COLOR function in color.c:16:11.
CVE-2017-9165 — CVSS 9.8 (critical): libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the GET_COLOR function in color.c:17:11.
CVE-2017-9191 — CVSS 9.8 (critical): libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the rle_fread function in input-tga.c:252:15.
CVE-2017-9192 — CVSS 9.8 (critical): libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the ReadImage function in input-tga.c:528:7.
CVE-2017-9193 — CVSS 9.8 (critical): libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the ReadImage function in input-tga.c:538:33.
CVE-2017-9194 — CVSS 9.8 (critical): libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the ReadImage function in input-tga.c:559:29.
CVE-2017-9195 — CVSS 9.8 (critical): libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the ReadImage function in input-tga.c:620:27.
CVE-2017-9196 — CVSS 9.8 (critical): libautotrace.a in AutoTrace 0.31.1 has a "negative-size-param" issue in the ReadImage function in input-tga.c:528:7.
CVE-2017-9197 — CVSS 9.8 (critical): libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c:498:55.
CVE-2017-9198 — CVSS 9.8 (critical): libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c:508:18.
CVE-2017-9199 — CVSS 9.8 (critical): libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c:192:19.
CVE-2017-9166 — CVSS 9.8 (critical): libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the GET_COLOR function in color.c:18:11.
CVE-2017-9167 — CVSS 9.8 (critical): libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the ReadImage function in input-bmp.c:337:25.
CVE-2017-9168 — CVSS 9.8 (critical): libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the ReadImage function in input-bmp.c:353:25.
CVE-2017-9169 — CVSS 9.8 (critical): libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the ReadImage function in input-bmp.c:355:25.
CVE-2017-9170 — CVSS 9.8 (critical): libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the ReadImage function in input-bmp.c:370:25.
CVE-2017-9171 — CVSS 9.8 (critical): libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the ReadImage function in input-bmp.c:492:24.
CVE-2017-9172 — CVSS 9.8 (critical): libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the ReadImage function in input-bmp.c:496:29.
CVE-2017-9173 — CVSS 9.8 (critical): libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the ReadImage function in input-bmp.c:497:29.
CVE-2017-9152 — CVSS 9.8 (critical): libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the pnm_load_raw function in input-pnm.c:346:41.
CVE-2017-9153 — CVSS 9.8 (critical): libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the pnm_load_rawpbm function in input-pnm.c:391:13.
CVE-2017-9183 — CVSS 9.8 (critical): libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c:309:7.
CVE-2017-9151 — CVSS 9.8 (critical): libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the pnm_load_ascii function in input-pnm.c:303:12.
CVE-2017-9160 — CVSS 9.8 (critical): libautotrace.a in AutoTrace 0.31.1 has a stack-based buffer overflow in the pnmscanner_gettoken function in input-pnm.c:458:12.
CVE-2017-9161 — CVSS 9.8 (critical): libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in autotrace.c:188:23.
CVE-2017-9162 — CVSS 9.8 (critical): libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in autotrace.c:191:2.
CVE-2017-9163 — CVSS 9.8 (critical): libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in pxl-outline.c:106:54.
CVE-2019-19005 — CVSS 7.8 (high): A bitmap double free in main.c in autotrace 0.31.1 allows attackers to cause an unspecified impact via a malformed bitmap image. This may…
CVE-2017-9182 — CVSS 7.5 (high): libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (use-after-free and invalid heap read), related to…
CVE-2017-9154 — CVSS 7.5 (high): libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid read and SEGV), related to the GET_COLOR…
CVE-2017-9155 — CVSS 7.5 (high): libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid read and SEGV), related to the…
CVE-2017-9156 — CVSS 7.5 (high): libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid write and SEGV), related to the…
CVE-2017-9157 — CVSS 7.5 (high): libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid write and SEGV), related to the…
CVE-2017-9158 — CVSS 7.5 (high): libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid write and SEGV), related to the…
CVE-2017-9159 — CVSS 7.5 (high): libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid write and SEGV), related to the…
CVE-2017-9174 — CVSS 7.5 (high): libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid read and SEGV), related to the GET_COLOR…
CVE-2017-9175 — CVSS 7.5 (high): libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid write and SEGV), related to the ReadImage…
CVE-2017-9176 — CVSS 7.5 (high): libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid write and SEGV), related to the ReadImage…
CVE-2017-9177 — CVSS 7.5 (high): libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid read and SEGV), related to the ReadImage…
CVE-2017-9178 — CVSS 7.5 (high): libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid write and SEGV), related to the ReadImage…
CVE-2017-9179 — CVSS 7.5 (high): libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid read and SEGV), related to the ReadImage…
CVE-2017-9180 — CVSS 7.5 (high): libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid read and SEGV), related to the ReadImage…
CVE-2017-9181 — CVSS 7.5 (high): libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid write and SEGV), related to the ReadImage…
CVE-2017-9189 — CVSS 7.5 (high): libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid read and application crash), related to…
CVE-2017-9190 — CVSS 7.5 (high): libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid free), related to the free_bitmap function…
CVE-2022-32323 — CVSS 7.3 (high): AutoTrace v0.40.0 was discovered to contain a heap overflow via the ReadImage function at input-bmp.c:660.
CVE-2013-1953 — CVSS 6.8 (medium): Integer underflow in the input_bmp_reader function in input-bmp.c in AutoTrace 0.31.1 allows context-dependent attackers to have an…
CVE-2016-7392 — CVSS 5.5 (medium): Heap-based buffer overflow in the pstoedit_suffix_table_init function in output-pstoedit.c in AutoTrace 0.31.1 allows remote attackers to…
CVE-2019-19004 — CVSS 3.3 (low): A biWidth*biBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an unexpected input value to malloc via…