Aggregates CVE and security vulnerability intelligence across all Accusoft-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk buffer overflow and vendor risk cross-site scripting and related security problems, affecting vendor surface production workloads and vendor surface software deployment scenarios.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2023-40163 | An out-of-bounds write vulnerability exists in the allocate_buffer_for_jpeg_decoding functionality of Accusoft ImageGear 20.1. A specially crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability. | [email protected] | 9.8 | 0.15% | 2023-09-25 | 2025-11-04 |
| CVE-2023-39453 | A use-after-free vulnerability exists in the tif_parse_sub_IFD functionality of Accusoft ImageGear 20.1. A specially crafted malformed file can lead to arbitrary code execution. An attacker can deliver this file to trigger this vulnerability. | [email protected] | 9.8 | 0.39% | 2023-09-25 | 2025-11-04 |
| CVE-2023-35002 | A heap-based buffer overflow vulnerability exists in the pictwread functionality of Accusoft ImageGear 20.1. A specially crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. | [email protected] | 9.8 | 0.32% | 2023-09-25 | 2025-11-04 |
| CVE-2023-32653 | An out-of-bounds write vulnerability exists in the dcm_pixel_data_decode functionality of Accusoft ImageGear 20.1. A specially crafted malformed file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability. | [email protected] | 9.8 | 0.19% | 2023-09-25 | 2025-11-04 |
| CVE-2023-32614 | A heap-based buffer overflow vulnerability exists in the create_png_object functionality of Accusoft ImageGear 20.1. A specially crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability. | [email protected] | 7.0 | 0.16% | 2023-09-25 | 2025-11-04 |
| CVE-2023-32284 | An out-of-bounds write vulnerability exists in the tiff_planar_adobe functionality of Accusoft ImageGear 20.1. A specially crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability. | [email protected] | 8.1 | 0.26% | 2023-09-25 | 2025-11-04 |
| CVE-2023-28393 | A stack-based buffer overflow vulnerability exists in the tif_processing_dng_channel_count functionality of Accusoft ImageGear 20.1. A specially crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability. | [email protected] | 5.6 | 0.16% | 2023-09-25 | 2025-11-04 |
| CVE-2023-23567 | A heap-based buffer overflow vulnerability exists in the CreateDIBfromPict functionality of Accusoft ImageGear 20.1. A specially crafted file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. | [email protected] | 8.1 | 0.22% | 2023-09-25 | 2024-11-21 |
| CVE-2022-32588 | An out-of-bounds write vulnerability exists in the PICT parsing pctwread_14841 functionality of Accusoft ImageGear 20.0. A specially-crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability. | [email protected] | 7.8 | 0.22% | 2022-11-09 | 2024-11-21 |
| CVE-2022-29465 | An out-of-bounds write vulnerability exists in the PSD Header processing memory allocation functionality of Accusoft ImageGear 20.0. A specially-crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability. | [email protected] | 9.8 | 11.27% | 2022-08-05 | 2024-11-21 |
| CVE-2022-23400 | A stack-based buffer overflow vulnerability exists in the IGXMPXMLParser::parseDelimiter functionality of Accusoft ImageGear 19.10. A specially-crafted PSD file can overflow a stack buffer, which could either lead to denial of service or, depending on the application, to an information leak. An attacker can provide a malicious file to trigger this vulnerability. | [email protected] | 7.1 | 0.26% | 2022-05-03 | 2024-11-21 |
| CVE-2022-22137 | A memory corruption vulnerability exists in the ioca_mys_rgb_allocate functionality of Accusoft ImageGear 19.10. A specially-crafted malformed file can lead to an arbitrary free. An attacker can provide a malicious file to trigger this vulnerability. | [email protected] | 6.5 | 0.45% | 2022-05-03 | 2024-11-21 |
| CVE-2021-40398 | An out-of-bounds write vulnerability exists in the parse_raster_data functionality of Accusoft ImageGear 19.10. A specially-crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability. | [email protected] | 7.8 | 0.22% | 2022-04-14 | 2024-11-21 |
| CVE-2021-21949 | An improper array index validation vulnerability exists in the JPEG-JFIF Scan header parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to an out-of-bounds write and potential code exectuion. An attacker can provide a malicious file to trigger this vulnerability. | [email protected] | 8.8 | 0.41% | 2022-04-14 | 2024-11-21 |
| CVE-2021-21947 | Two heap-based buffer overflow vulnerabilities exists in the JPEG-JFIF lossless Huffman image parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger these vulnerabilities.This heap-based buffer overflow takes place when the `SOF3` precision is greater or equal than 9. | [email protected] | 8.8 | 0.35% | 2022-04-14 | 2024-11-21 |
| CVE-2021-21946 | Two heap-based buffer overflow vulnerabilities exists in the JPEG-JFIF lossless Huffman image parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger these vulnerabilities.This heap-based buffer overflow takes place when the `SOF3` precision is lower than 9. | [email protected] | 8.8 | 0.35% | 2022-04-14 | 2024-11-21 |
| CVE-2021-21945 | Two heap-based buffer overflow vulnerabilities exist in the TIFF parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger these vulnerabilities.This heap-based buffer oveflow takes place trying to copy the second 12 bits from local variable. | [email protected] | 8.8 | 0.35% | 2022-04-14 | 2024-11-21 |
| CVE-2021-21944 | Two heap-based buffer overflow vulnerabilities exist in the TIFF parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger these vulnerabilities.This heap-based buffer oveflow takes place trying to copy the first 12 bits from local variable. | [email protected] | 8.8 | 0.35% | 2022-04-14 | 2024-11-21 |
| CVE-2021-21943 | A heap-based buffer overflow vulnerability exists in the XWD parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. | [email protected] | 8.8 | 1.18% | 2022-04-14 | 2024-11-21 |
| CVE-2021-21942 | An out-of-bounds write vulnerability exists in the TIFF YCbCr image parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to remote code execution. An attacker can provide a malicious file to trigger this vulnerability. | [email protected] | 8.8 | 1.04% | 2022-04-14 | 2024-11-21 |