Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2022-02-11	CVE-2022-0561	NULL Pointer Dereference vulnerability in multiple products Null source pointer passed as an argument to memcpy() function within TIFFFetchStripThing() in tif_dirread.c in libtiff versions from 3.9.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. local low complexity libtiff redhat fedoraproject debian netapp CWE-476	5.5
2022-02-11	CVE-2022-0562	NULL Pointer Dereference vulnerability in multiple products Null source pointer passed as an argument to memcpy() function within TIFFReadDirectory() in tif_dirread.c in libtiff versions from 4.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. local low complexity libtiff fedoraproject debian netapp CWE-476	5.5
2022-01-10	CVE-2022-22844	Out-of-bounds Read vulnerability in multiple products LibTIFF 4.3.0 has an out-of-bounds read in _TIFFmemcpy in tif_unix.c in certain situations involving a custom tag and 0x0200 as the second word of the DE field. local low complexity libtiff debian netapp CWE-125	5.5
2021-03-09	CVE-2020-35522	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products In LibTIFF, there is a memory malloc failure in tif_pixarlog.c. local low complexity libtiff netapp fedoraproject redhat CWE-119	5.5
2021-03-09	CVE-2020-35521	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A flaw was found in libtiff. local low complexity libtiff redhat fedoraproject netapp CWE-119	5.5
2020-02-12	CVE-2014-8128	Out-of-bounds Write vulnerability in Libtiff LibTIFF prior to 4.0.4, as used in Apple iOS before 8.4 and OS X before 10.10.4 and other products, allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted TIFF image. network libtiff apple CWE-787	4.3
2019-08-14	CVE-2019-14973	Integer Overflow or Wraparound vulnerability in multiple products _TIFFCheckMalloc and _TIFFCheckRealloc in tif_aux.c in LibTIFF through 4.0.10 mishandle Integer Overflow checks because they rely on compiler behavior that is undefined by the applicable C standards. network low complexity libtiff debian fedoraproject opensuse CWE-190	6.5
2019-02-09	CVE-2019-7663	An Invalid Address dereference was discovered in TIFFWriteDirectoryTagTransferfunction in libtiff/tif_dirwrite.c in LibTIFF 4.0.10, affecting the cpSeparateBufToContigBuf function in tiffcp.c. network libtiff debian canonical opensuse	4.3
2018-11-12	CVE-2018-19210	NULL Pointer Dereference vulnerability in multiple products In LibTIFF 4.0.9, there is a NULL pointer dereference in the TIFFWriteDirectorySec function in tif_dirwrite.c that will lead to a denial of service attack, as demonstrated by tiffset. network low complexity libtiff debian canonical CWE-476	6.5
2018-10-26	CVE-2018-18661	NULL Pointer Dereference vulnerability in multiple products An issue was discovered in LibTIFF 4.0.9. network libtiff canonical CWE-476	4.3