Aggregates CVE and security vulnerability intelligence across all AutoTrace-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk memory corruption and vendor risk input validation and related security problems, affecting vendor surface production workloads and vendor surface software deployment scenarios.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2022-32323 | AutoTrace v0.40.0 was discovered to contain a heap overflow via the ReadImage function at input-bmp.c:660. | [email protected] | 7.3 | 0.75% | 2022-07-14 | 2026-06-17 |
| CVE-2019-19005 | A bitmap double free in main.c in autotrace 0.31.1 allows attackers to cause an unspecified impact via a malformed bitmap image. This may occur after the use-after-free in CVE-2017-9182. | [email protected] | 7.8 | 0.97% | 2021-02-11 | 2026-06-16 |
| CVE-2019-19004 | A biWidth*biBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an unexpected input value to malloc via a malformed bitmap image. | [email protected] | 3.3 | 1.02% | 2021-02-11 | 2026-06-16 |
| CVE-2017-9200 | libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c:528:63. | [email protected] | 9.8 | 2.26% | 2017-05-23 | 2026-06-16 |
| CVE-2017-9199 | libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c:192:19. | [email protected] | 9.8 | 1.93% | 2017-05-23 | 2026-06-16 |
| CVE-2017-9198 | libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c:508:18. | [email protected] | 9.8 | 1.93% | 2017-05-23 | 2026-06-16 |
| CVE-2017-9197 | libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c:498:55. | [email protected] | 9.8 | 1.93% | 2017-05-23 | 2026-06-16 |
| CVE-2017-9196 | libautotrace.a in AutoTrace 0.31.1 has a "negative-size-param" issue in the ReadImage function in input-tga.c:528:7. | [email protected] | 9.8 | 1.82% | 2017-05-23 | 2026-06-16 |
| CVE-2017-9195 | libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the ReadImage function in input-tga.c:620:27. | [email protected] | 9.8 | 1.93% | 2017-05-23 | 2026-06-16 |
| CVE-2017-9194 | libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the ReadImage function in input-tga.c:559:29. | [email protected] | 9.8 | 1.93% | 2017-05-23 | 2026-06-16 |
| CVE-2017-9193 | libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the ReadImage function in input-tga.c:538:33. | [email protected] | 9.8 | 1.93% | 2017-05-23 | 2026-06-16 |
| CVE-2017-9192 | libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the ReadImage function in input-tga.c:528:7. | [email protected] | 9.8 | 1.77% | 2017-05-23 | 2026-06-16 |
| CVE-2017-9191 | libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the rle_fread function in input-tga.c:252:15. | [email protected] | 9.8 | 1.77% | 2017-05-23 | 2026-06-16 |
| CVE-2017-9190 | libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid free), related to the free_bitmap function in bitmap.c:24:5. | [email protected] | 7.5 | 2.47% | 2017-05-23 | 2026-06-16 |
| CVE-2017-9189 | libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid read and application crash), related to the GET_COLOR function in color.c:16:11. | [email protected] | 7.5 | 1.80% | 2017-05-23 | 2026-06-16 |
| CVE-2017-9188 | libautotrace.a in AutoTrace 0.31.1 has a "left shift ... cannot be represented in type int" issue in input-bmp.c:516:63. | [email protected] | 9.8 | 2.27% | 2017-05-23 | 2026-06-16 |
| CVE-2017-9187 | libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c:486:7. | [email protected] | 9.8 | 1.93% | 2017-05-23 | 2026-06-16 |
| CVE-2017-9186 | libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c:326:17. | [email protected] | 9.8 | 1.93% | 2017-05-23 | 2026-06-16 |
| CVE-2017-9185 | libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c:319:7. | [email protected] | 9.8 | 1.93% | 2017-05-23 | 2026-06-16 |
| CVE-2017-9184 | libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c:314:7. | [email protected] | 9.8 | 1.93% | 2017-05-23 | 2026-06-16 |