SUSE CVE-2016-7534

The generic decoder in ImageMagick allows remote attackers to cause a denial of service out-of-bounds access via a crafted file...

SUSE CVE-2016-9387

Integer overflow in the jpcdecprocesssiz function in libjasper/jpc/jpcdec.c in JasPer before 1.900.13 allows remote attackers to have unspecified impact via a crafted file, which triggers an assertion failure...

SUSE CVE-2016-9445

Integer overflow in the vmnc decoder in the gstreamer allows remote attackers to cause a denial of service crash via large width and height values, which triggers a buffer overflow...

SUSE CVE-2016-9446

The vmnc decoder in the gstreamer does not initialize the render canvas, which allows remote attackers to obtain sensitive information as demonstrated by thumbnailing a simple 1 frame vmnc movie that does not draw to the allocated render canvas...

SUSE CVE-2016-9561

The checonfigure function in libavcodec/aacdectemplate.c in FFmpeg before 3.2.1 allows remote attackers to cause a denial of service allocation of huge memory, and being killed by the OS via a crafted MOV file...

SUSE CVE-2016-9635

Heap-based buffer overflow in the flxdecodedeltafli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service application crash by providing a 'skip count' that goes beyond initialized buffer...

SUSE CVE-2016-9636

Heap-based buffer overflow in the flxdecodedeltafli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service application crash by providing a 'write count' that goes beyond the initialized buffer...

SUSE CVE-2016-9810

The gstdecodechainfreeinternal function in the flxdex decoder in gst-plugins-good in GStreamer before 1.10.2 allows remote attackers to cause a denial of service invalid memory read and crash via an invalid file, which triggers an incorrect unref call...

SUSE CVE-2016-9808

The FLIC decoder in GStreamer before 1.10.2 allows remote attackers to cause a denial of service out-of-bounds write and crash via a crafted series of skip and count pairs...

SUSE CVE-2016-9812

The gstmpegtssectionnew function in the mpegts decoder in GStreamer before 1.10.2 allows remote attackers to cause a denial of service out-of-bounds read via a too small section...

SUSE CVE-2017-2984

Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable heap overflow vulnerability in the h264 decoder routine. Successful exploitation could lead to arbitrary code execution...

SUSE CVE-2017-5396

A use-after-free vulnerability in the Media Decoder when working with media files when some events are fired after the media elements are freed from memory. This vulnerability affects Thunderbird 45.7, Firefox ESR 45.7, and Firefox 51...

SUSE CVE-2017-7863

FFmpeg before 2017-02-04 has an out-of-bounds write caused by a heap-based buffer overflow related to the decodeframecommon function in libavcodec/pngdec.c...

SUSE CVE-2017-8105

FreeType 2 before 2017-03-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1decoderparsecharstrings function in psaux/t1decode.c...

SUSE CVE-2017-9098

ImageMagick before 7.0.5-2 and GraphicsMagick before 1.3.24 use uninitialized memory in the RLE decoder, allowing an attacker to leak sensitive information from process memory space, as demonstrated by remote attacks against ImageMagick code in a long-running server process that converts image da...

SUSE CVE-2017-9608

The dnxhd decoder in FFmpeg before 3.2.6, and 3.3.x before 3.3.3 allows remote attackers to cause a denial of service NULL pointer dereference via a crafted mov file...

SUSE CVE-2017-12601

OpenCV Open Source Computer Vision Library through 3.3 has a buffer overflow in the cv::BmpDecoder::readData function in modules/imgcodecs/src/grfmtbmp.cpp when reading an image file by using cv::imread, as demonstrated by the 4-buf-overflow-readData-memcpy test case...

SUSE CVE-2017-13751

There is a reachable assertion abort in the function calcstepsizes in jpc/jpcdec.c in JasPer 2.0.12 that will lead to a remote denial of service attack...

SUSE CVE-2017-17880

In ImageMagick 7.0.7-16 Q16 x8664 2017-12-21, there is a stack-based buffer over-read in WriteWEBPImage in coders/webp.c, related to a WEBPDECODERABIVERSION check...

SUSE CVE-2017-1000460

In line libavcodec/h264dec.c:500 in libavv13dev0, ffmpegn3.4, chromium56 prior Feb 13, 2017, the return value of initgetbits is ignored and getuegolomb&gb is called on an uninitialized getbits context, which causes a NULL deref exception...