Vulnerabilities (CVE)

Filtered by vendor Autotrace Project Subscribe
Total 55 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2013-1953 1 Autotrace Project 1 Autotrace 2024-11-21 6.8 MEDIUM N/A
Integer underflow in the input_bmp_reader function in input-bmp.c in AutoTrace 0.31.1 allows context-dependent attackers to have an unspecified impact via a small value in the biSize field in the header of a BMP file, which triggers a buffer overflow.
CVE-2022-32323 2 Autotrace Project, Fedoraproject 2 Autotrace, Fedora 2024-02-04 6.8 MEDIUM 7.3 HIGH
AutoTrace v0.40.0 was discovered to contain a heap overflow via the ReadImage function at input-bmp.c:660.
CVE-2019-19005 2 Autotrace Project, Fedoraproject 2 Autotrace, Fedora 2024-02-04 6.8 MEDIUM 7.8 HIGH
A bitmap double free in main.c in autotrace 0.31.1 allows attackers to cause an unspecified impact via a malformed bitmap image. This may occur after the use-after-free in CVE-2017-9182.
CVE-2019-19004 2 Autotrace Project, Fedoraproject 2 Autotrace, Fedora 2024-02-04 4.3 MEDIUM 3.3 LOW
A biWidth*biBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an unexpected input value to malloc via a malformed bitmap image.
CVE-2017-9193 1 Autotrace Project 1 Autotrace 2024-02-04 7.5 HIGH 9.8 CRITICAL
libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the ReadImage function in input-tga.c:538:33.
CVE-2017-9191 1 Autotrace Project 1 Autotrace 2024-02-04 7.5 HIGH 9.8 CRITICAL
libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the rle_fread function in input-tga.c:252:15.
CVE-2017-9198 1 Autotrace Project 1 Autotrace 2024-02-04 7.5 HIGH 9.8 CRITICAL
libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c:508:18.
CVE-2017-9199 1 Autotrace Project 1 Autotrace 2024-02-04 7.5 HIGH 9.8 CRITICAL
libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c:192:19.
CVE-2017-9196 1 Autotrace Project 1 Autotrace 2024-02-04 7.5 HIGH 9.8 CRITICAL
libautotrace.a in AutoTrace 0.31.1 has a "negative-size-param" issue in the ReadImage function in input-tga.c:528:7.
CVE-2017-9192 1 Autotrace Project 1 Autotrace 2024-02-04 7.5 HIGH 9.8 CRITICAL
libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the ReadImage function in input-tga.c:528:7.
CVE-2017-9200 1 Autotrace Project 1 Autotrace 2024-02-04 7.5 HIGH 9.8 CRITICAL
libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c:528:63.
CVE-2017-9195 1 Autotrace Project 1 Autotrace 2024-02-04 7.5 HIGH 9.8 CRITICAL
libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the ReadImage function in input-tga.c:620:27.
CVE-2017-9197 1 Autotrace Project 1 Autotrace 2024-02-04 7.5 HIGH 9.8 CRITICAL
libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c:498:55.
CVE-2017-9194 1 Autotrace Project 1 Autotrace 2024-02-04 7.5 HIGH 9.8 CRITICAL
libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the ReadImage function in input-tga.c:559:29.
CVE-2017-9178 1 Autotrace Project 1 Autotrace 2024-02-04 5.0 MEDIUM 7.5 HIGH
libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid write and SEGV), related to the ReadImage function in input-bmp.c:421:11.
CVE-2017-9183 1 Autotrace Project 1 Autotrace 2024-02-04 7.5 HIGH 9.8 CRITICAL
libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c:309:7.
CVE-2017-9161 1 Autotrace Project 1 Autotrace 2024-02-04 7.5 HIGH 9.8 CRITICAL
libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in autotrace.c:188:23.
CVE-2017-9155 1 Autotrace Project 1 Autotrace 2024-02-04 5.0 MEDIUM 7.5 HIGH
libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid read and SEGV), related to the input_pnm_reader function in input-pnm.c:243:3.
CVE-2017-9190 1 Autotrace Project 1 Autotrace 2024-02-04 5.0 MEDIUM 7.5 HIGH
libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid free), related to the free_bitmap function in bitmap.c:24:5.
CVE-2017-9158 1 Autotrace Project 1 Autotrace 2024-02-04 5.0 MEDIUM 7.5 HIGH
libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid write and SEGV), related to the pnm_load_raw function in input-pnm.c:336:11.