Max CVSS 9.3 Min CVSS 2.1 Total Count86
IDCVSSSummaryLast (major) updatePublished
CVE-2017-2492 4.3
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "JavaScriptCore" component. It allows remote attackers to conduct Universal XSS (UXSS
03-04-2018 - 02:29 03-04-2018 - 02:29
CVE-2016-5875 None
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-5314. Reason: This candidate is a reservation duplicate of CVE-2016-5314. Notes: All CVE users should reference CVE-2016-5314 instead of this candidate. All references and descr
11-03-2018 - 22:29 11-03-2018 - 22:29
CVE-2016-9591 4.3
JasPer before version 2.0.12 is vulnerable to a use-after-free in the way it decodes certain JPEG 2000 image files resulting in a crash on the application using JasPer.
09-03-2018 - 15:29 09-03-2018 - 15:29
CVE-2017-2491 6.8
Use after free vulnerability in the String.replace method JavaScriptCore in Apple Safari in iOS before 10.3 allows remote attackers to execute arbitrary code via a crafted web page, or a crafted file.
27-06-2017 - 16:29 27-06-2017 - 16:29
CVE-2014-8127 4.3
LibTIFF 4.0.3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted TIFF image to the (1) checkInkNamesString function in tif_dir.c in the thumbnail tool, (2) compresscontig function in tiff2bw.c in the tif
26-06-2017 - 11:29 26-06-2017 - 11:29
CVE-2017-7377 2.1
The (1) v9fs_create and (2) v9fs_lcreate functions in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allow local guest OS privileged users to cause a denial of service (file descriptor or memory consumption) via vectors related to an already in-use fid.
17-04-2017 - 09:28 10-04-2017 - 11:59
CVE-2016-10251 6.8
Integer overflow in the jpc_pi_nextcprl function in jpc_t2cod.c in JasPer before 1.900.20 allows remote attackers to have unspecified impact via a crafted file, which triggers use of an uninitialized value.
13-04-2017 - 21:59 15-03-2017 - 10:59
CVE-2016-10249 6.8
Integer overflow in the jpc_dec_tiledecode function in jpc_dec.c in JasPer before 1.900.12 allows remote attackers to have unspecified impact via a crafted image file, which triggers a heap-based buffer overflow.
13-04-2017 - 21:59 15-03-2017 - 10:59
CVE-2017-7228 7.2
An issue (known as XSA-212) was discovered in Xen, with fixes available for 4.8.x, 4.7.x, 4.6.x, 4.5.x, and 4.4.x. The earlier XSA-29 fix introduced an insufficient check on XENMEM_exchange input, allowing the caller to drive hypervisor memory access
11-04-2017 - 21:59 04-04-2017 - 10:59
CVE-2017-2476 6.8
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a d
11-04-2017 - 21:59 01-04-2017 - 21:59
CVE-2017-2466 6.8
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a d
11-04-2017 - 21:59 01-04-2017 - 21:59
CVE-2017-2460 6.8
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a d
11-04-2017 - 21:59 01-04-2017 - 21:59
CVE-2017-2459 6.8
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a d
11-04-2017 - 21:59 01-04-2017 - 21:59
CVE-2017-2455 6.8
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a d
11-04-2017 - 21:59 01-04-2017 - 21:59
CVE-2017-2454 6.8
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a d
11-04-2017 - 21:59 01-04-2017 - 21:59
CVE-2017-7407 2.1
The ourWriteOut function in tool_writeout.c in curl 7.53.1 might allow physically proximate attackers to obtain sensitive information from process memory in opportunistic circumstances by reading a workstation screen during use of a --write-out argum
11-04-2017 - 11:45 03-04-2017 - 16:59
CVE-2017-2416 6.8
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "ImageIO" component. It allows remote attackers to
09-04-2017 - 21:59 01-04-2017 - 21:59
CVE-2017-2444 6.8
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "CoreGraphics" component. It allows remote attackers
07-04-2017 - 14:03 01-04-2017 - 21:59
CVE-2017-2386 4.3
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and o
07-04-2017 - 13:52 01-04-2017 - 21:59
CVE-2017-2394 6.8
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a d
07-04-2017 - 13:15 01-04-2017 - 21:59
CVE-2017-2395 6.8
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a d
07-04-2017 - 13:05 01-04-2017 - 21:59
CVE-2017-2415 6.8
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to exe
07-04-2017 - 09:55 01-04-2017 - 21:59
CVE-2017-2448 4.3
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. The issue involves the "Keychain" component. It allows man-in-the-middle attackers to bypass an iCloud Key
06-04-2017 - 21:02 01-04-2017 - 21:59
CVE-2017-2445 4.3
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to conduct Universal XSS (UXSS) attack
06-04-2017 - 15:08 01-04-2017 - 21:59
CVE-2017-2367 4.3
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and o
06-04-2017 - 15:08 01-04-2017 - 21:59
CVE-2017-2396 6.8
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a d
06-04-2017 - 14:59 01-04-2017 - 21:59
CVE-2017-2464 6.8
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a d
06-04-2017 - 14:46 01-04-2017 - 21:59
CVE-2017-2469 6.8
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a d
06-04-2017 - 14:45 01-04-2017 - 21:59
CVE-2017-2468 6.8
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a d
06-04-2017 - 14:45 01-04-2017 - 21:59
CVE-2017-2465 6.8
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a d
06-04-2017 - 14:45 01-04-2017 - 21:59
CVE-2017-2447 5.8
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to obtain sensitive information or cau
06-04-2017 - 14:43 01-04-2017 - 21:59
CVE-2017-2446 6.8
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code via a crafte
06-04-2017 - 14:43 01-04-2017 - 21:59
CVE-2017-2470 6.8
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a d
06-04-2017 - 14:21 01-04-2017 - 21:59
CVE-2017-2481 6.8
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a d
06-04-2017 - 14:19 01-04-2017 - 21:59
CVE-2017-2475 4.3
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to conduct Universal XSS (UXSS) attack
06-04-2017 - 12:39 01-04-2017 - 21:59
CVE-2017-2490 9.3
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. It allows attackers to execute
05-04-2017 - 19:51 01-04-2017 - 21:59
CVE-2017-2487 6.8
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "FontParser" component. It allows remote attackers
05-04-2017 - 19:51 01-04-2017 - 21:59
CVE-2017-2485 9.3
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Security" component. It allows remote attackers to
05-04-2017 - 19:51 01-04-2017 - 21:59
CVE-2017-2483 9.3
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. A buffer overflow allows attack
05-04-2017 - 19:50 01-04-2017 - 21:59
CVE-2017-2482 9.3
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. A buffer overflow allows attack
05-04-2017 - 19:50 01-04-2017 - 21:59
CVE-2017-2478 7.6
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. A race condition allows attacke
05-04-2017 - 19:49 01-04-2017 - 21:59
CVE-2017-2474 9.3
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. An off-by-one error allows atta
05-04-2017 - 19:49 01-04-2017 - 21:59
CVE-2017-2473 9.3
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. It allows attackers to execute
05-04-2017 - 19:48 01-04-2017 - 21:59
CVE-2017-2472 9.3
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. It allows attackers to execute
05-04-2017 - 19:48 01-04-2017 - 21:59
CVE-2017-2467 6.8
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "ImageIO" component. It allows remote attackers to
05-04-2017 - 19:48 01-04-2017 - 21:59
CVE-2017-2462 6.8
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Audio" component. It allows remote attackers to ex
05-04-2017 - 19:48 01-04-2017 - 21:59
CVE-2017-2461 5.0
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "CoreText" component. It allows remote attackers to
05-04-2017 - 19:47 01-04-2017 - 21:59
CVE-2017-2458 9.3
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Keyboards" component. A buffer overflow allows att
05-04-2017 - 19:47 01-04-2017 - 21:59
CVE-2017-2456 7.6
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. A race condition allows attacke
05-04-2017 - 19:46 01-04-2017 - 21:59
CVE-2017-2451 9.3
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Security" component. It allows attackers to execut
05-04-2017 - 19:46 01-04-2017 - 21:59
CVE-2017-2450 5.8
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "CoreText" component. It allows remote attackers to
05-04-2017 - 19:45 01-04-2017 - 21:59
CVE-2017-2441 9.3
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "libc++abi" component. A use-after-free vulnerabili
05-04-2017 - 19:45 01-04-2017 - 21:59
CVE-2017-2440 9.3
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. It allows attackers to execute
05-04-2017 - 19:44 01-04-2017 - 21:59
CVE-2017-2439 5.8
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "FontParser" component. It allows remote attackers
05-04-2017 - 19:44 01-04-2017 - 21:59
CVE-2017-2435 6.8
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "CoreText" component. It allows remote attackers to
05-04-2017 - 19:43 01-04-2017 - 21:59
CVE-2017-2432 6.8
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "ImageIO" component. It allows remote attackers to
05-04-2017 - 19:43 01-04-2017 - 21:59
CVE-2017-2430 6.8
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Audio" component. It allows remote attackers to ex
05-04-2017 - 19:43 01-04-2017 - 21:59
CVE-2017-2428 7.5
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves nghttp2 before 1.17.0 in the "HTTPProtocol" component.
05-04-2017 - 19:43 01-04-2017 - 21:59
CVE-2017-2417 4.3
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "CoreGraphics" component. It allows remote attacker
05-04-2017 - 19:43 01-04-2017 - 21:59
CVE-2017-2407 6.8
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "FontParser" component. It allows remote attackers
05-04-2017 - 19:42 01-04-2017 - 21:59
CVE-2017-2406 6.8
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "FontParser" component. It allows remote attackers
05-04-2017 - 19:41 01-04-2017 - 21:59
CVE-2017-2401 9.3
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. It allows attackers to execute
05-04-2017 - 19:41 01-04-2017 - 21:59
CVE-2017-2390 2.1
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves symlink mishandling in the "libarchive" component. It a
05-04-2017 - 19:40 01-04-2017 - 21:59
CVE-2017-2379 6.8
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Carbon" component. It allows remote attackers to e
05-04-2017 - 19:40 01-04-2017 - 21:59
CVE-2017-3819 9.0
A privilege escalation vulnerability in the Secure Shell (SSH) subsystem in the StarOS operating system for Cisco ASR 5000 Series, ASR 5500 Series, ASR 5700 Series devices, and Cisco Virtualized Packet Core could allow an authenticated, remote attack
30-03-2017 - 10:57 15-03-2017 - 16:59
CVE-2016-3619 4.3
The DumpModeEncode function in tif_dumpmode.c in the bmp2tiff tool in LibTIFF 4.0.6 and earlier, when the "-c none" option is used, allows remote attackers to cause a denial of service (buffer over-read) via a crafted BMP image.
29-03-2017 - 21:59 03-10-2016 - 12:09
CVE-2017-6903 9.3
In ioquake3 before 2017-03-14, the auto-downloading feature has insufficient content restrictions. This also affects Quake III Arena, OpenArena, OpenJK, iortcw, and other id Tech 3 (aka Quake 3 engine) forks. A malicious auto-downloaded file can trig
28-03-2017 - 11:47 14-03-2017 - 18:59
CVE-2017-7207 4.3
The mem_get_bits_rectangle function in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted PostScript document.
23-03-2017 - 09:16 21-03-2017 - 02:59
CVE-2017-5929 7.5
QOS.ch Logback before 1.2.0 has a serialization vulnerability affecting the SocketServer and ServerSocketReceiver components.
13-03-2017 - 12:16 13-03-2017 - 02:59
CVE-2016-9643 5.0
The regex code in Webkit 2.4.11 allows remote attackers to cause a denial of service (memory consumption) as demonstrated in a large number of ($ (open parenthesis and dollar) followed by {-2,16} and a large number of +) (plus close parenthesis).
09-03-2017 - 14:44 07-03-2017 - 11:59
CVE-2016-10190 7.5
Heap-based buffer overflow in libavformat/http.c in FFmpeg before 2.8.10, 3.0.x before 3.0.5, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 allows remote web servers to execute arbitrary code via a negative chunk size in an HTTP response.
24-02-2017 - 15:19 09-02-2017 - 10:59
CVE-2016-9642 4.3
JavaScriptCore in WebKit allows attackers to cause a denial of service (out-of-bounds heap read) via a crafted Javascript file.
16-02-2017 - 09:26 03-02-2017 - 10:59
CVE-2017-5838 5.0
The gst_date_time_new_from_iso8601_string function in gst/gstdatetime.c in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a malformed datetime string.
13-02-2017 - 17:44 09-02-2017 - 10:59
CVE-2017-5843 5.0
Multiple use-after-free vulnerabilities in the (1) gst_mini_object_unref, (2) gst_tag_list_unref, and (3) gst_mxf_demux_update_essence_tracks functions in GStreamer before 1.10.3 allow remote attackers to cause a denial of service (crash) via vectors
13-02-2017 - 17:35 09-02-2017 - 10:59
CVE-2017-5848 5.0
The gst_ps_demux_parse_psm function in gst/mpegdemux/gstmpegdemux.c in gst-plugins-bad in GStreamer allows remote attackers to cause a denial of service (invalid memory read and crash) via vectors involving PSM parsing.
13-02-2017 - 17:29 09-02-2017 - 10:59
CVE-2016-9448 5.0
The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) by setting the tags TIFF_SETGET_C16ASCII or TIFF_SETGET_C32_ASCII to values that access 0-byte arrays. NOTE: t
07-02-2017 - 16:20 27-01-2017 - 12:59
CVE-2016-8685 4.3
The findnext function in decompose.c in potrace 1.13 allows remote attackers to cause a denial of service (invalid memory access and crash) via a crafted BMP image.
05-02-2017 - 15:15 31-01-2017 - 17:59
CVE-2016-3622 4.3
The fpAcc function in tif_predict.c in the tiff2rgba tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted TIFF image.
27-01-2017 - 12:53 03-10-2016 - 12:09
CVE-2016-3623 5.0
The rgb2ycbcr tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (divide-by-zero) by setting the (1) v or (2) h parameter to 0.
27-01-2017 - 11:57 03-10-2016 - 12:09
CVE-2016-5321 4.3
The DumpModeDecode function in libtiff 4.0.6 and earlier allows attackers to cause a denial of service (invalid read and crash) via a crafted tiff image.
27-01-2017 - 10:17 20-01-2017 - 10:59
CVE-2016-9273 4.3
tiffsplit in libtiff 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file, related to changing td_nstrips in TIFF_STRIPCHOP mode.
27-01-2017 - 10:14 18-01-2017 - 12:59
CVE-2016-5323 5.0
The _TIFFFax3fillruns function in libtiff before 4.0.6 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted Tiff image.
25-01-2017 - 15:19 20-01-2017 - 10:59
CVE-2016-5652 6.8
An exploitable heap-based buffer overflow exists in the handling of TIFF images in LibTIFF's TIFF2PDF tool. A crafted TIFF document can lead to a heap-based buffer overflow resulting in remote code execution. Vulnerability can be triggered via a save
10-01-2017 - 21:59 06-01-2017 - 16:59
CVE-2015-8683 4.3
The putcontig8bitCIELab function in tif_getimage.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via a packed TIFF image.
02-12-2016 - 22:13 13-04-2016 - 13:59
CVE-2015-8665 4.3
tif_getimage.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via the SamplesPerPixel tag in a TIFF image.
02-12-2016 - 22:13 13-04-2016 - 13:59
CVE-2016-3658 5.0
The TIFFWriteDirectoryTagLongLong8Array function in tif_dirwrite.c in the tiffset tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via vectors involving the ma variable.
28-11-2016 - 15:12 03-10-2016 - 12:09
Back to Top Mark selected
Back to Top