Autotrace ProjectCVEs & Vulnerabilities

55 CVEs affecting Autotrace Project products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.

Most Affected Products

autotrace 55
CVE-2022-32323HIGH

AutoTrace v0.40.0 was discovered to contain a heap overflow via the ReadImage function at input-bmp.c:660.

15 Jul 2022
7.3
CVSS
CVE-2019-19005HIGH

A bitmap double free in main.c in autotrace 0.31.1 allows attackers to cause an unspecified impact via a malformed bitmap image. This may occur after the use-after-free in CVE-2017-9182.

12 Feb 2021
7.8
CVSS
CVE-2019-19004LOW

A biWidth*biBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an unexpected input value to malloc via a malformed bitmap image.

12 Feb 2021
3.3
CVSS
CVE-2017-9200CRITICAL

libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c:528:63.

23 May 2017
9.8
CVSS
CVE-2017-9199CRITICAL

libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c:192:19.

23 May 2017
9.8
CVSS
CVE-2017-9198CRITICAL

libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c:508:18.

23 May 2017
9.8
CVSS
CVE-2017-9197CRITICAL

libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c:498:55.

23 May 2017
9.8
CVSS
CVE-2017-9196CRITICAL

libautotrace.a in AutoTrace 0.31.1 has a "negative-size-param" issue in the ReadImage function in input-tga.c:528:7.

23 May 2017
9.8
CVSS
CVE-2017-9195CRITICAL

libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the ReadImage function in input-tga.c:620:27.

23 May 2017
9.8
CVSS
CVE-2017-9194CRITICAL

libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the ReadImage function in input-tga.c:559:29.

23 May 2017
9.8
CVSS
CVE-2017-9193CRITICAL

libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the ReadImage function in input-tga.c:538:33.

23 May 2017
9.8
CVSS
CVE-2017-9192CRITICAL

libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the ReadImage function in input-tga.c:528:7.

23 May 2017
9.8
CVSS
CVE-2017-9191CRITICAL

libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the rle_fread function in input-tga.c:252:15.

23 May 2017
9.8
CVSS
CVE-2017-9190HIGH

libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid free), related to the free_bitmap function in bitmap.c:24:5.

23 May 2017
7.5
CVSS
CVE-2017-9189HIGH

libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid read and application crash), related to the GET_COLOR function in color.c:16:11.

23 May 2017
7.5
CVSS
CVE-2017-9188CRITICAL

libautotrace.a in AutoTrace 0.31.1 has a "left shift ... cannot be represented in type int" issue in input-bmp.c:516:63.

23 May 2017
9.8
CVSS
CVE-2017-9187CRITICAL

libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c:486:7.

23 May 2017
9.8
CVSS
CVE-2017-9186CRITICAL

libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c:326:17.

23 May 2017
9.8
CVSS
CVE-2017-9185CRITICAL

libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c:319:7.

23 May 2017
9.8
CVSS
CVE-2017-9184CRITICAL

libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c:314:7.

23 May 2017
9.8
CVSS
CVE-2017-9183CRITICAL

libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c:309:7.

23 May 2017
9.8
CVSS
CVE-2017-9182HIGH

libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (use-after-free and invalid heap read), related to the GET_COLOR function in color.c:16:11.

23 May 2017
7.5
CVSS
CVE-2017-9181HIGH

libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid write and SEGV), related to the ReadImage function in input-bmp.c.

23 May 2017
7.5
CVSS
CVE-2017-9180HIGH

libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid read and SEGV), related to the ReadImage function in input-bmp.c:440:14.

23 May 2017
7.5
CVSS
CVE-2017-9179HIGH

libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid read and SEGV), related to the ReadImage function in input-bmp.c:425:14.

23 May 2017
7.5
CVSS
CVE-2017-9178HIGH

libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid write and SEGV), related to the ReadImage function in input-bmp.c:421:11.

23 May 2017
7.5
CVSS
CVE-2017-9177HIGH

libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid read and SEGV), related to the ReadImage function in input-bmp.c:390:12.

23 May 2017
7.5
CVSS
CVE-2017-9176HIGH

libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid write and SEGV), related to the ReadImage function in input-bmp.c:370:25.

23 May 2017
7.5
CVSS
CVE-2017-9175HIGH

libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid write and SEGV), related to the ReadImage function in input-bmp.c:353:25.

23 May 2017
7.5
CVSS
CVE-2017-9174HIGH

libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid read and SEGV), related to the GET_COLOR function in color.c:21:23.

23 May 2017
7.5
CVSS
CVE-2017-9173CRITICAL

libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the ReadImage function in input-bmp.c:497:29.

23 May 2017
9.8
CVSS
CVE-2017-9172CRITICAL

libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the ReadImage function in input-bmp.c:496:29.

23 May 2017
9.8
CVSS
CVE-2017-9171CRITICAL

libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the ReadImage function in input-bmp.c:492:24.

23 May 2017
9.8
CVSS
CVE-2017-9170CRITICAL

libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the ReadImage function in input-bmp.c:370:25.

23 May 2017
9.8
CVSS
CVE-2017-9169CRITICAL

libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the ReadImage function in input-bmp.c:355:25.

23 May 2017
9.8
CVSS
CVE-2017-9168CRITICAL

libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the ReadImage function in input-bmp.c:353:25.

23 May 2017
9.8
CVSS
CVE-2017-9167CRITICAL

libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the ReadImage function in input-bmp.c:337:25.

23 May 2017
9.8
CVSS
CVE-2017-9166CRITICAL

libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the GET_COLOR function in color.c:18:11.

23 May 2017
9.8
CVSS
CVE-2017-9165CRITICAL

libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the GET_COLOR function in color.c:17:11.

23 May 2017
9.8
CVSS
CVE-2017-9164CRITICAL

libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the GET_COLOR function in color.c:16:11.

23 May 2017
9.8
CVSS
CVE-2017-9163CRITICAL

libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in pxl-outline.c:106:54.

23 May 2017
9.8
CVSS
CVE-2017-9162CRITICAL

libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in autotrace.c:191:2.

23 May 2017
9.8
CVSS
CVE-2017-9161CRITICAL

libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in autotrace.c:188:23.

23 May 2017
9.8
CVSS
CVE-2017-9160CRITICAL

libautotrace.a in AutoTrace 0.31.1 has a stack-based buffer overflow in the pnmscanner_gettoken function in input-pnm.c:458:12.

23 May 2017
9.8
CVSS
CVE-2017-9159HIGH

libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid write and SEGV), related to the pnm_load_rawpbm function in input-pnm.c:391:15.

23 May 2017
7.5
CVSS
CVE-2017-9158HIGH

libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid write and SEGV), related to the pnm_load_raw function in input-pnm.c:336:11.

23 May 2017
7.5
CVSS
CVE-2017-9157HIGH

libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid write and SEGV), related to the pnm_load_ascii function in input-pnm.c:306:14.

23 May 2017
7.5
CVSS
CVE-2017-9156HIGH

libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid write and SEGV), related to the pnm_load_ascii function in input-pnm.c:303:12.

23 May 2017
7.5
CVSS
← PrevPage 1 / 2Next →