Vulnerabilities (CVE)

Filtered by vendor Libtiff Subscribe
Filtered by product Libtiff
Total 262 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-5317 3 Libtiff, Opensuse, Opensuse Project 3 Libtiff, Opensuse, Leap 2026-06-17 4.3 MEDIUM 6.5 MEDIUM
Buffer overflow in the PixarLogDecode function in libtiff.so in the PixarLogDecode function in libtiff 4.0.6 and earlier, as used in GNOME nautilus, allows attackers to cause a denial of service attack (crash) via a crafted TIFF file.
CVE-2016-5316 3 Libtiff, Opensuse, Opensuse Project 3 Libtiff, Opensuse, Leap 2026-06-17 4.3 MEDIUM 6.5 MEDIUM
Out-of-bounds read in the PixarLogCleanup function in tif_pixarlog.c in libtiff 4.0.6 and earlier allows remote attackers to crash the application by sending a crafted TIFF image to the rgb2ycbcr tool.
CVE-2016-5315 2 Debian, Libtiff 2 Debian Linux, Libtiff 2026-06-17 4.3 MEDIUM 5.5 MEDIUM
The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image.
CVE-2016-5314 4 Debian, Libtiff, Opensuse and 1 more 5 Debian Linux, Libtiff, Leap and 2 more 2026-06-17 6.8 MEDIUM 8.8 HIGH
Buffer overflow in the PixarLogDecode function in tif_pixarlog.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by overwriting the vgetparent function pointer with rgb2ycbcr.
CVE-2016-5102 1 Libtiff 1 Libtiff 2026-06-17 4.3 MEDIUM 5.5 MEDIUM
Buffer overflow in the readgifimage function in gif2tiff.c in the gif2tiff tool in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (segmentation fault) via a crafted gif file.
CVE-2016-3991 2 Libtiff, Oracle 2 Libtiff, Vm Server 2026-06-17 6.8 MEDIUM 7.8 HIGH
Heap-based buffer overflow in the loadImage function in the tiffcrop tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via a crafted TIFF image with zero tiles.
CVE-2016-3990 2 Libtiff, Oracle 2 Libtiff, Vm Server 2026-06-17 6.8 MEDIUM 7.8 HIGH
Heap-based buffer overflow in the horizontalDifference8 function in tif_pixarlog.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted TIFF image to tiffcp.
CVE-2016-3945 2 Libtiff, Oracle 2 Libtiff, Vm Server 2026-06-17 6.8 MEDIUM 7.8 HIGH
Multiple integer overflows in the (1) cvt_by_strip and (2) cvt_by_tile functions in the tiff2rgba tool in LibTIFF 4.0.6 and earlier, when -b mode is enabled, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted TIFF image, which triggers an out-of-bounds write.
CVE-2016-3658 1 Libtiff 1 Libtiff 2026-06-17 5.0 MEDIUM 7.5 HIGH
The TIFFWriteDirectoryTagLongLong8Array function in tif_dirwrite.c in the tiffset tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via vectors involving the ma variable.
CVE-2016-3634 1 Libtiff 1 Libtiff 2026-06-17 5.0 MEDIUM 7.5 HIGH
The tagCompare function in tif_dirinfo.c in the thumbnail tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to field_tag matching.
CVE-2016-3633 1 Libtiff 1 Libtiff 2026-06-17 5.0 MEDIUM 7.5 HIGH
The setrow function in the thumbnail tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to the src variable.
CVE-2016-3632 2 Libtiff, Oracle 2 Libtiff, Vm Server 2026-06-17 6.8 MEDIUM 7.8 HIGH
The _TIFFVGetField function in tif_dirinfo.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via a crafted TIFF image.
CVE-2016-3631 1 Libtiff 1 Libtiff 2026-06-17 5.0 MEDIUM 7.5 HIGH
The (1) cpStrips and (2) cpTiles functions in the thumbnail tool in LibTIFF 4.0.6 and earlier allow remote attackers to cause a denial of service (out-of-bounds read) via vectors related to the bytecounts[] array variable.
CVE-2016-3625 1 Libtiff 1 Libtiff 2026-06-17 4.3 MEDIUM 6.5 MEDIUM
tif_read.c in the tiff2bw tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TIFF image.
CVE-2016-3624 1 Libtiff 1 Libtiff 2026-06-17 5.0 MEDIUM 7.5 HIGH
The cvtClump function in the rgb2ycbcr tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds write) by setting the "-v" option to -1.
CVE-2016-3623 2 Libtiff, Opensuse 2 Libtiff, Opensuse 2026-06-17 5.0 MEDIUM 7.5 HIGH
The rgb2ycbcr tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (divide-by-zero) by setting the (1) v or (2) h parameter to 0.
CVE-2016-3622 1 Libtiff 1 Libtiff 2026-06-17 4.3 MEDIUM 6.5 MEDIUM
The fpAcc function in tif_predict.c in the tiff2rgba tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted TIFF image.
CVE-2016-3621 1 Libtiff 1 Libtiff 2026-06-17 6.8 MEDIUM 8.8 HIGH
The LZWEncode function in tif_lzw.c in the bmp2tiff tool in LibTIFF 4.0.6 and earlier, when the "-c lzw" option is used, allows remote attackers to cause a denial of service (buffer over-read) via a crafted BMP image.
CVE-2016-3620 1 Libtiff 1 Libtiff 2026-06-17 5.0 MEDIUM 7.5 HIGH
The ZIPEncode function in tif_zip.c in the bmp2tiff tool in LibTIFF 4.0.6 and earlier, when the "-c zip" option is used, allows remote attackers to cause a denial of service (buffer over-read) via a crafted BMP image.
CVE-2016-3619 1 Libtiff 1 Libtiff 2026-06-17 4.3 MEDIUM 6.5 MEDIUM
The DumpModeEncode function in tif_dumpmode.c in the bmp2tiff tool in LibTIFF 4.0.6 and earlier, when the "-c none" option is used, allows remote attackers to cause a denial of service (buffer over-read) via a crafted BMP image.