Vulnerabilities > Autotrace Project

DATE CVE VULNERABILITY TITLE RISK
2022-07-14 CVE-2022-32323 Out-of-bounds Write vulnerability in multiple products
AutoTrace v0.40.0 was discovered to contain a heap overflow via the ReadImage function at input-bmp.c:660.
local
low complexity
autotrace-project fedoraproject CWE-787
7.3
2021-02-11 CVE-2019-19005 Double Free vulnerability in multiple products
A bitmap double free in main.c in autotrace 0.31.1 allows attackers to cause an unspecified impact via a malformed bitmap image.
local
low complexity
autotrace-project fedoraproject CWE-415
7.8
2021-02-11 CVE-2019-19004 Integer Overflow or Wraparound vulnerability in multiple products
A biWidth*biBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an unexpected input value to malloc via a malformed bitmap image.
local
low complexity
autotrace-project fedoraproject CWE-190
3.3
2017-05-23 CVE-2017-9200 Integer Overflow or Wraparound vulnerability in Autotrace Project Autotrace 0.31.1
libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c:528:63.
network
low complexity
autotrace-project CWE-190
critical
9.8
2017-05-23 CVE-2017-9199 Integer Overflow or Wraparound vulnerability in Autotrace Project Autotrace 0.31.1
libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c:192:19.
network
low complexity
autotrace-project CWE-190
critical
9.8
2017-05-23 CVE-2017-9198 Integer Overflow or Wraparound vulnerability in Autotrace Project Autotrace 0.31.1
libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c:508:18.
network
low complexity
autotrace-project CWE-190
critical
9.8
2017-05-23 CVE-2017-9197 Integer Overflow or Wraparound vulnerability in Autotrace Project Autotrace 0.31.1
libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c:498:55.
network
low complexity
autotrace-project CWE-190
critical
9.8
2017-05-23 CVE-2017-9196 Integer Overflow or Wraparound vulnerability in Autotrace Project Autotrace 0.31.1
libautotrace.a in AutoTrace 0.31.1 has a "negative-size-param" issue in the ReadImage function in input-tga.c:528:7.
network
low complexity
autotrace-project CWE-190
critical
9.8
2017-05-23 CVE-2017-9195 Out-of-bounds Read vulnerability in Autotrace Project Autotrace 0.31.1
libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the ReadImage function in input-tga.c:620:27.
network
low complexity
autotrace-project CWE-125
critical
9.8
2017-05-23 CVE-2017-9194 Out-of-bounds Read vulnerability in Autotrace Project Autotrace 0.31.1
libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the ReadImage function in input-tga.c:559:29.
network
low complexity
autotrace-project CWE-125
critical
9.8