Lucene search

K

OpenSUSE Security Vulnerabilities

cve
cve

CVE-2014-9114

Blkid in util-linux before 2.26rc-1 allows local users to execute arbitrary...

7.8CVSS

7.5AI Score

0.0004EPSS

2017-03-31 04:59 PM
44
4
cve
cve

CVE-2014-9847

The jng decoder in ImageMagick 6.8.9.9 allows remote attackers to have an unspecified...

9.8CVSS

6.7AI Score

0.023EPSS

2017-03-20 04:59 PM
57
cve
cve

CVE-2014-9848

Memory leak in ImageMagick allows remote attackers to cause a denial of service (memory...

7.5CVSS

7.1AI Score

0.018EPSS

2017-03-20 04:59 PM
37
cve
cve

CVE-2014-9849

The png coder in ImageMagick allows remote attackers to cause a denial of service...

7.5CVSS

7.1AI Score

0.016EPSS

2017-03-20 04:59 PM
39
cve
cve

CVE-2014-9850

Logic error in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (resource...

7.5CVSS

7.1AI Score

0.011EPSS

2017-03-20 04:59 PM
28
cve
cve

CVE-2014-9851

ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (application...

7.5CVSS

7.1AI Score

0.017EPSS

2017-03-20 04:59 PM
43
cve
cve

CVE-2014-9845

The ReadDIBImage function in coders/dib.c in ImageMagick allows remote attackers to cause a denial of service (crash) via a corrupted dib...

5.5CVSS

5.8AI Score

0.011EPSS

2017-03-20 04:59 PM
44
cve
cve

CVE-2014-9841

The ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact via unknown vectors, related to "throwing of...

9.8CVSS

7.6AI Score

0.014EPSS

2017-03-20 04:59 PM
37
cve
cve

CVE-2014-9846

Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified...

9.8CVSS

7AI Score

0.014EPSS

2017-03-20 04:59 PM
40
cve
cve

CVE-2014-9842

Memory leak in the ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (memory consumption) via unspecified...

7.5CVSS

7.1AI Score

0.016EPSS

2017-03-20 04:59 PM
34
cve
cve

CVE-2014-9844

The ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image...

5.5CVSS

5.7AI Score

0.008EPSS

2017-03-20 04:59 PM
37
cve
cve

CVE-2014-9843

The DecodePSDPixels function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact via unknown...

9.8CVSS

7.6AI Score

0.014EPSS

2017-03-20 04:59 PM
40
cve
cve

CVE-2014-9852

distribute-cache.c in ImageMagick re-uses objects after they have been destroyed, which allows remote attackers to have unspecified impact via unspecified...

9.8CVSS

8.7AI Score

0.012EPSS

2017-03-17 02:59 PM
25
cve
cve

CVE-2014-9854

coders/tiff.c in ImageMagick allows remote attackers to cause a denial of service (application crash) via vectors related to the "identification of...

7.5CVSS

7AI Score

0.024EPSS

2017-03-17 02:59 PM
41
cve
cve

CVE-2014-9853

Memory leak in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (memory consumption) via a crafted rle...

5.5CVSS

5.7AI Score

0.01EPSS

2017-03-17 02:59 PM
42
cve
cve

CVE-2016-7972

The check_allocations function in libass/ass_shaper.c in libass before 0.13.4 allows remote attackers to cause a denial of service (memory allocation failure) via unspecified...

7.5CVSS

7.1AI Score

0.02EPSS

2017-03-03 04:59 PM
47
cve
cve

CVE-2016-7969

The wrap_lines_smart function in ass_render.c in libass before 0.13.4 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, related to "0/3 line wrapping...

7.5CVSS

7.2AI Score

0.017EPSS

2017-03-03 04:59 PM
45
cve
cve

CVE-2016-9830

The MagickRealloc function in memory.c in Graphicsmagick 1.3.25 allows remote attackers to cause a denial of service (crash) via large dimensions in a jpeg...

5.5CVSS

6.8AI Score

0.008EPSS

2017-03-01 08:59 PM
60
cve
cve

CVE-2016-8677

The AcquireQuantumPixels function in MagickCore/quantum.c in ImageMagick before 7.0.3-1 allows remote attackers to have unspecified impact via a crafted image file, which triggers a memory allocation...

8.8CVSS

8.4AI Score

0.004EPSS

2017-02-15 09:59 PM
59
4
cve
cve

CVE-2016-8866

The AcquireMagickMemory function in MagickCore/memory.c in ImageMagick 7.0.3.3 before 7.0.3.8 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure. NOTE: this vulnerability exists because of an incomplete fix for...

8.8CVSS

6.8AI Score

0.008EPSS

2017-02-15 07:59 PM
37
2
cve
cve

CVE-2016-8684

The MagickMalloc function in magick/memory.c in GraphicsMagick 1.3.25 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure and a "file truncation error for corrupt...

7.8CVSS

8.5AI Score

0.006EPSS

2017-02-15 07:59 PM
77
cve
cve

CVE-2016-8693

Double free vulnerability in the mem_close function in jas_stream.c in JasPer before 1.900.10 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted BMP image to the imginfo...

7.8CVSS

8.1AI Score

0.006EPSS

2017-02-15 07:59 PM
59
cve
cve

CVE-2016-8683

The ReadPCXImage function in coders/pcx.c in GraphicsMagick 1.3.25 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure and a "file truncation error for corrupt...

7.8CVSS

8.5AI Score

0.008EPSS

2017-02-15 07:59 PM
71
cve
cve

CVE-2016-8682

The ReadSCTImage function in coders/sct.c in GraphicsMagick 1.3.25 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted SCT...

7.5CVSS

7.8AI Score

0.013EPSS

2017-02-15 07:59 PM
71
cve
cve

CVE-2016-7800

Integer underflow in the parse8BIM function in coders/meta.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted 8BIM chunk, which triggers a heap-based buffer...

7.5CVSS

7.9AI Score

0.037EPSS

2017-02-06 05:59 PM
71
cve
cve

CVE-2016-7446

Buffer overflow in the MVG and SVG rendering code in GraphicsMagick 1.3.24 allows remote attackers to have unspecified impact via unknown vectors. Note: This vulnerability exists due to an incomplete patch for...

9.8CVSS

7.7AI Score

0.028EPSS

2017-02-06 05:59 PM
39
cve
cve

CVE-2016-7447

Heap-based buffer overflow in the EscapeParenthesis function in GraphicsMagick before 1.3.25 allows remote attackers to have unspecified impact via unknown...

9.8CVSS

9.7AI Score

0.028EPSS

2017-02-06 05:59 PM
57
cve
cve

CVE-2016-7449

The TIFFGetField function in coders/tiff.c in GraphicsMagick 1.3.24 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a file containing an "unterminated"...

7.5CVSS

8AI Score

0.016EPSS

2017-02-06 05:59 PM
56
cve
cve

CVE-2016-7448

The Utah RLE reader in GraphicsMagick before 1.3.25 allows remote attackers to cause a denial of service (CPU consumption or large memory allocations) via vectors involving the header information and the file...

7.5CVSS

8AI Score

0.032EPSS

2017-02-06 05:59 PM
59
cve
cve

CVE-2016-8569

The git_oid_nfmt function in commit.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via a cat-file command with a crafted object...

5.5CVSS

5.3AI Score

0.006EPSS

2017-02-03 03:59 PM
50
cve
cve

CVE-2016-5241

magick/render.c in GraphicsMagick before 1.3.24 allows remote attackers to cause a denial of service (arithmetic exception and application crash) via a crafted svg...

5.5CVSS

6.6AI Score

0.015EPSS

2017-02-03 03:59 PM
39
cve
cve

CVE-2016-2318

GraphicsMagick 1.3.23 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted SVG file, related to the (1) DrawImage function in magick/render.c, (2) SVGStartElement function in coders/svg.c, and (3) TraceArcPath function in...

5.5CVSS

6.6AI Score

0.01EPSS

2017-02-03 03:59 PM
51
cve
cve

CVE-2016-8568

The git_commit_message function in oid.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a cat-file command with a crafted object...

5.5CVSS

5.3AI Score

0.006EPSS

2017-02-03 03:59 PM
47
cve
cve

CVE-2016-2317

Multiple buffer overflows in GraphicsMagick 1.3.23 allow remote attackers to cause a denial of service (crash) via a crafted SVG file, related to the (1) TracePoint function in magick/render.c, (2) GetToken function in magick/utility.c, and (3) GetTransformTokens function in...

5.5CVSS

6.8AI Score

0.015EPSS

2017-02-03 03:59 PM
73
cve
cve

CVE-2015-7976

The ntpq saveconfig command in NTP 4.1.2, 4.2.x before 4.2.8p6, 4.3, 4.3.25, 4.3.70, and 4.3.77 does not properly filter special characters, which allows attackers to cause unspecified impact via a crafted...

4.3CVSS

5.6AI Score

0.004EPSS

2017-01-30 09:59 PM
111
cve
cve

CVE-2016-9453

The t2p_readwrite_pdf_image_tile function in LibTIFF allows remote attackers to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a JPEG file with a TIFFTAG_JPEGTABLES of length...

7.8CVSS

8.1AI Score

0.018EPSS

2017-01-27 05:59 PM
73
cve
cve

CVE-2016-9448

The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) by setting the tags TIFF_SETGET_C16ASCII or TIFF_SETGET_C32_ASCII to values that access 0-byte arrays. NOTE: this vulnerability exists because of an...

7.5CVSS

7.3AI Score

0.014EPSS

2017-01-27 05:59 PM
71
cve
cve

CVE-2016-5321

The DumpModeDecode function in libtiff 4.0.6 and earlier allows attackers to cause a denial of service (invalid read and crash) via a crafted tiff...

6.5CVSS

6.7AI Score

0.008EPSS

2017-01-20 03:59 PM
72
cve
cve

CVE-2016-5323

The _TIFFFax3fillruns function in libtiff before 4.0.6 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted Tiff...

7.5CVSS

7.4AI Score

0.008EPSS

2017-01-20 03:59 PM
76
cve
cve

CVE-2016-5316

Out-of-bounds read in the PixarLogCleanup function in tif_pixarlog.c in libtiff 4.0.6 and earlier allows remote attackers to crash the application by sending a crafted TIFF image to the rgb2ycbcr...

6.5CVSS

7.4AI Score

0.007EPSS

2017-01-20 03:59 PM
71
cve
cve

CVE-2016-5317

Buffer overflow in the PixarLogDecode function in libtiff.so in the PixarLogDecode function in libtiff 4.0.6 and earlier, as used in GNOME nautilus, allows attackers to cause a denial of service attack (crash) via a crafted TIFF...

6.5CVSS

7.2AI Score

0.007EPSS

2017-01-20 03:59 PM
68
cve
cve

CVE-2016-7787

A maliciously crafted command line for kdesu can result in the user only seeing part of the commands that will actually get executed as super...

4.9CVSS

5.2AI Score

0.002EPSS

2016-12-23 10:59 PM
23
cve
cve

CVE-2016-9427

Integer overflow vulnerability in bdwgc before 2016-09-27 allows attackers to cause client of bdwgc denial of service (heap buffer overflow crash) and possibly execute arbitrary code via huge...

9.8CVSS

9.4AI Score

0.008EPSS

2016-12-12 02:59 AM
68
3
cve
cve

CVE-2016-6323

The makecontext function in the GNU C Library (aka glibc or libc6) before 2.25 creates execution contexts incompatible with the unwinder on ARM EABI (32-bit) platforms, which might allow context-dependent attackers to cause a denial of service (hang), as demonstrated by applications compiled using....

7.5CVSS

7.1AI Score

0.015EPSS

2016-10-07 02:59 PM
44
cve
cve

CVE-2016-6905

The read_image_tga function in gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA...

6.5CVSS

6.2AI Score

0.009EPSS

2016-10-03 09:59 PM
28
cve
cve

CVE-2013-4118

FreeRDP before 1.1.0-beta1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via unspecified...

7.5CVSS

7.2AI Score

0.013EPSS

2016-10-03 09:59 PM
26
4
cve
cve

CVE-2016-6352

The OneLine32 function in io-ico.c in gdk-pixbuf before 2.35.3 allows remote attackers to cause a denial of service (out-of-bounds write and crash) via crafted dimensions in an ICO...

7.5CVSS

7.1AI Score

0.01EPSS

2016-10-03 06:59 PM
158
cve
cve

CVE-2016-3623

The rgb2ycbcr tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (divide-by-zero) by setting the (1) v or (2) h parameter to...

7.5CVSS

8.1AI Score

0.005EPSS

2016-10-03 04:09 PM
82
cve
cve

CVE-2016-6172

PowerDNS (aka pdns) Authoritative Server before 4.0.1 allows remote primary DNS servers to cause a denial of service (memory exhaustion and secondary DNS server crash) via a large (1) AXFR or (2) IXFR...

6.8CVSS

6.7AI Score

0.006EPSS

2016-09-26 04:59 PM
30
cve
cve

CVE-2016-4303

The parse_string function in cjson.c in the cJSON library mishandles UTF8/16 strings, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a non-hex character in a JSON string, which triggers a heap-based buffer...

9.8CVSS

9.5AI Score

0.017EPSS

2016-09-26 02:59 PM
165
4
Total number of security vulnerabilities1478