The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
| ID | Description | Priority | Modified date | Fixed Release |
|---|---|---|---|---|
| CVE-2018-10126 | LibTIFF 4.0.9 has a NULL pointer dereference in the jpeg_fdct_16x16 function in jfdctint.c. | MEDIUM | Apr 21, 2018 | n/a |
| CVE-2017-16232 | LibTIFF 4.0.8 has multiple memory leak vulnerabilities, which allow attackers to cause a denial of service (memory consumption), as demonstrated by tif_open.c, tif_lzw.c, and tif_aux.c. NOTE: Third parties were unable to reproduce the issue | MEDIUM | Jan 14, 2018 | n/a |
| CVE-2017-7600 | LibTIFF 4.0.7 has an outside the range of representable values of type unsigned char undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. | MEDIUM | Apr 9, 2017 | n/a |
| CVE-2017-7599 | LibTIFF 4.0.7 has an outside the range of representable values of type short undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. | MEDIUM | Apr 9, 2017 | n/a |
| CVE-2017-7596 | LibTIFF 4.0.7 has an outside the range of representable values of type float undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. | MEDIUM | Apr 9, 2017 | n/a |
| CVE-2017-9147 | LibTIFF 4.0.7 has an invalid read in the _TIFFVGetField function in tif_dir.c, which might allow remote attackers to cause a denial of service (crash) via a crafted TIFF file. | MEDIUM | May 22, 2017 | n/a |
| CVE-2017-7602 | LibTIFF 4.0.7 has a signed integer overflow, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. | MEDIUM | Apr 9, 2017 | n/a |
| CVE-2017-7601 | LibTIFF 4.0.7 has a shift exponent too large for 64-bit type long undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. | MEDIUM | Apr 9, 2017 | n/a |
| CVE-2016-10272 | LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted TIFF image, related to WRITE of size 2048 and libtiff/tif_next.c:64:9. | MEDIUM | Mar 27, 2017 | n/a |
| CVE-2016-10270 | LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted TIFF image, related to READ of size 8 and libtiff/tif_read.c:523:22. | MEDIUM | Mar 27, 2017 | n/a |
| CVE-2016-10269 | LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted TIFF image, related to READ of size 512 and libtiff/tif_unix.c:340:2. | MEDIUM | Mar 27, 2017 | n/a |
| CVE-2016-10266 | LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image, related to libtiff/tif_read.c:351:22. | MEDIUM | Mar 27, 2017 | n/a |
| CVE-2016-10267 | LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image, related to libtiff/tif_ojpeg.c:816:8. | MEDIUM | Mar 27, 2017 | n/a |
| CVE-2014-8129 | LibTIFF 4.0.3 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by failure of tif_next.c to verify that the BitsPerSample value is 2, and the t2p_sample_lab_signed_to_unsigned function in tiff2pdf.c. | MEDIUM | Feb 23, 2016 | n/a |
| CVE-2010-2482 | LibTIFF 3.9.4 and earlier does not properly handle an invalid td_stripbytecount field, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted TIFF file, a different vulnerability than CVE-2010-2443.Per: http://cwe.mitre.org/data/definitions/476.html \'CWE-476: NULL Pointer Dereference\' | Medium | Jul 7, 2010 | n/a |
| CVE-2018-18557 | LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4.0.8 and 4.0.9 (with JBIG enabled) decodes arbitrarily-sized JBIG into a buffer, ignoring the buffer size, which leads to a tif_jbig.c JBIGDecode out-of-bounds write. | MEDIUM | Oct 22, 2018 | n/a |
| CVE-2010-2631 | LibTIFF 3.9.0 ignores tags in certain situations during the first stage of TIFF file processing and does not properly handle this during the second stage, which allows remote attackers to cause a denial of service (application crash) via a crafted file, a different vulnerability than CVE-2010-2481. | Medium | Jul 7, 2010 | n/a |
| CVE-2020-27743 | libtac in pam_tacplus through 1.5.1 lacks a check for a failure of RAND_bytes()/RAND_pseudo_bytes(). This could lead to use of a non-random/predictable session_id. | HIGH | Oct 27, 2020 | n/a |
| CVE-2016-3921 | libsysutils/src/FrameworkListener.cpp in Framework Listener in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allows attackers to gain privileges via a crafted application, aka internal bug 29831647. | HIGH | Oct 12, 2016 | n/a |
| CVE-2017-17517 | libsylph/utils.c in Sylpheed through 3.6 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. | MEDIUM | Dec 14, 2017 | n/a |
| CVE-2016-9825 | libswscale/utils.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value. | MEDIUM | Mar 2, 2017 | n/a |
| CVE-2016-2328 | libswscale/swscale_unscaled.c in FFmpeg before 2.8.6 does not validate certain height values, which allows remote attackers to cause a denial of service (out-of-bounds array read access) or possibly have unspecified other impact via a crafted .cine file, related to the bayer_to_rgb24_wrapper and bayer_to_yv12_wrapper functions. | MEDIUM | Feb 12, 2016 | n/a |
| CVE-2013-4246 | libsvn_fs_fs/fs_fs.c in Apache Subversion 1.8.x before 1.8.2 might allow remote authenticated users with commit access to corrupt FSFS repositories and cause a denial of service or obtain sensitive information by editing packed revision properties. | -- | Nov 1, 2017 | n/a |
| CVE-2016-5746 | libstorage, libstorage-ng, and yast-storage improperly store passphrases for encrypted storage devices in a temporary file on disk, which might allow local users to obtain sensitive information by reading the file, as demonstrated by /tmp/libstorage-XXXXXX/pwdf.<a href=http://cwe.mitre.org/data/definitions/313.html>CWE-313: Cleartext Storage in a File or on Disk</a> | LOW | Sep 28, 2016 | n/a |
| CVE-2016-0803 | libstagefright in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file that triggers a large memory allocation in the (1) SoftMPEG4Encoder or (2) SoftVPXEncoder component, aka internal bug 25812794. | HIGH | Feb 6, 2016 | n/a |
| CVE-2016-2485 | libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 does not validate OMX buffer sizes for the GSM and G711 codecs, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 27793367. | HIGH | Jun 12, 2016 | n/a |
| CVE-2016-2484 | libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 does not validate OMX buffer sizes for the GSM and G711 codecs, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 27793163. | HIGH | Jun 12, 2016 | n/a |
| CVE-2016-2487 | libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 27833616. | HIGH | Jun 12, 2016 | n/a |
| CVE-2015-3876 | libstagefright in Android through 5.1.1 LMY48M allows remote attackers to execute arbitrary code via crafted metadata in a (1) MP3 or (2) MP4 file. | High | Oct 2, 2015 | n/a |
| CVE-2015-6631 | libstagefright in Android before 5.1.1 LMY48Z and 6.0 before 2015-12-01 allows remote attackers to obtain sensitive information, and consequently bypass an unspecified protection mechanism, via unknown vectors, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 24623447. | Medium | Dec 9, 2015 | n/a |
| CVE-2015-6632 | libstagefright in Android before 5.1.1 LMY48Z and 6.0 before 2015-12-01 allows remote attackers to obtain sensitive information, and consequently bypass an unspecified protection mechanism, via unknown vectors, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 24346430. | Medium | Dec 9, 2015 | n/a |
| CVE-2015-6626 | libstagefright in Android before 5.1.1 LMY48Z and 6.0 before 2015-12-01 allows remote attackers to obtain sensitive information, and consequently bypass an unspecified protection mechanism, via unknown vectors, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 24310423. | Medium | Dec 9, 2015 | n/a |
| CVE-2015-6620 | libstagefright in Android before 5.1.1 LMY48Z and 6.0 before 2015-12-01 allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bugs 24123723 and 24445127. | High | Dec 9, 2015 | n/a |
| CVE-2015-6610 | libstagefright in Android before 5.1.1 LMY48X and 6.0 before 2015-11-01 allows attackers to gain privileges or cause a denial of service (memory corruption) via a crafted application, aka internal bug 23707088. | High | Nov 3, 2015 | n/a |
| CVE-2015-3873 | libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bugs 23016072, 23248776, 23247055, 22845824, 22008959, 21814993, 21048776, 20718524, 20674674, 22388975, 20674086, 21443020, and 22077698, a different vulnerability than CVE-2015-7716. | High | Oct 7, 2015 | n/a |
| CVE-2015-6599 | libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 23416608. | High | Oct 7, 2015 | n/a |
| CVE-2015-3872 | libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 23346388. | High | Oct 7, 2015 | n/a |
| CVE-2015-6598 | libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 23306638. | High | Oct 7, 2015 | n/a |
| CVE-2015-3868 | libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 23270724. | High | Oct 7, 2015 | n/a |
| CVE-2015-6603 | libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 23227354. | High | Oct 7, 2015 | n/a |
| CVE-2015-3867 | libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 23213430. | High | Oct 7, 2015 | n/a |
| CVE-2015-6604 | libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 23129786. | High | Oct 7, 2015 | n/a |
| CVE-2015-3869 | libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 23036083. | High | Oct 7, 2015 | n/a |
| CVE-2015-3871 | libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 23031033. | High | Oct 7, 2015 | n/a |
| CVE-2015-6601 | libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 22935234. | High | Oct 7, 2015 | n/a |
| CVE-2015-6600 | libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 22882938. | High | Oct 7, 2015 | n/a |
| CVE-2015-3870 | libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 22771132. | High | Oct 7, 2015 | n/a |
| CVE-2015-3823 | libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 21335999. | High | Oct 7, 2015 | n/a |
| CVE-2015-7716 | libstagefright in Android 5.x before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 20721050, a different vulnerability than CVE-2015-3873. | High | Oct 7, 2015 | n/a |
| CVE-2016-0739 | libssh before 0.7.3 improperly truncates ephemeral secrets generated for the (1) diffie-hellman-group1 and (2) diffie-hellman-group14 key exchange methods to 128 bits, which makes it easier for man-in-the-middle attackers to decrypt or intercept SSH sessions via unspecified vectors, aka a bits/bytes confusion bug. | MEDIUM | Apr 18, 2016 | n/a |
