Vulnerabilities (CVE)

Filtered by vendor Autotrace Project Subscribe
Filtered by product Autotrace
Total 54 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-19004 1 Autotrace Project 1 Autotrace 2021-05-10 4.3 MEDIUM 3.3 LOW
A biWidth*biBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an unexpected input value to malloc via a malformed bitmap image.
CVE-2019-19005 1 Autotrace Project 1 Autotrace 2021-05-10 6.8 MEDIUM 7.8 HIGH
A bitmap double free in main.c in autotrace 0.31.1 allows attackers to cause an unspecified impact via a malformed bitmap image. This may occur after the use-after-free in CVE-2017-9182.
CVE-2017-9166 1 Autotrace Project 1 Autotrace 2019-10-03 7.5 HIGH 9.8 CRITICAL
libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the GET_COLOR function in color.c:18:11.
CVE-2017-9196 1 Autotrace Project 1 Autotrace 2019-10-03 7.5 HIGH 9.8 CRITICAL
libautotrace.a in AutoTrace 0.31.1 has a "negative-size-param" issue in the ReadImage function in input-tga.c:528:7.
CVE-2017-9194 1 Autotrace Project 1 Autotrace 2019-10-03 7.5 HIGH 9.8 CRITICAL
libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the ReadImage function in input-tga.c:559:29.
CVE-2017-9195 1 Autotrace Project 1 Autotrace 2019-10-03 7.5 HIGH 9.8 CRITICAL
libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the ReadImage function in input-tga.c:620:27.
CVE-2017-9165 1 Autotrace Project 1 Autotrace 2019-10-03 7.5 HIGH 9.8 CRITICAL
libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the GET_COLOR function in color.c:17:11.
CVE-2017-9152 1 Autotrace Project 1 Autotrace 2019-10-03 7.5 HIGH 9.8 CRITICAL
libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the pnm_load_raw function in input-pnm.c:346:41.
CVE-2017-9164 1 Autotrace Project 1 Autotrace 2019-10-03 7.5 HIGH 9.8 CRITICAL
libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the GET_COLOR function in color.c:16:11.
CVE-2017-9193 1 Autotrace Project 1 Autotrace 2019-10-03 7.5 HIGH 9.8 CRITICAL
libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the ReadImage function in input-tga.c:538:33.
CVE-2017-9171 1 Autotrace Project 1 Autotrace 2019-10-03 7.5 HIGH 9.8 CRITICAL
libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the ReadImage function in input-bmp.c:492:24.
CVE-2017-9182 1 Autotrace Project 1 Autotrace 2019-03-19 5.0 MEDIUM 7.5 HIGH
libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (use-after-free and invalid heap read), related to the GET_COLOR function in color.c:16:11.
CVE-2017-9180 1 Autotrace Project 1 Autotrace 2019-03-19 5.0 MEDIUM 7.5 HIGH
libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid read and SEGV), related to the ReadImage function in input-bmp.c:440:14.
CVE-2017-9153 1 Autotrace Project 1 Autotrace 2019-03-19 7.5 HIGH 9.8 CRITICAL
libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the pnm_load_rawpbm function in input-pnm.c:391:13.
CVE-2016-7392 1 Autotrace Project 1 Autotrace 2017-08-28 4.3 MEDIUM 5.5 MEDIUM
Heap-based buffer overflow in the pstoedit_suffix_table_init function in output-pstoedit.c in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted bmp image file.
CVE-2017-9167 1 Autotrace Project 1 Autotrace 2017-05-28 7.5 HIGH 9.8 CRITICAL
libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the ReadImage function in input-bmp.c:337:25.
CVE-2017-9187 1 Autotrace Project 1 Autotrace 2017-05-28 7.5 HIGH 9.8 CRITICAL
libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c:486:7.
CVE-2017-9197 1 Autotrace Project 1 Autotrace 2017-05-28 7.5 HIGH 9.8 CRITICAL
libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c:498:55.
CVE-2017-9199 1 Autotrace Project 1 Autotrace 2017-05-28 7.5 HIGH 9.8 CRITICAL
libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c:192:19.
CVE-2017-9200 1 Autotrace Project 1 Autotrace 2017-05-28 7.5 HIGH 9.8 CRITICAL
libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c:528:63.