SUSE CVE-2008-2327

Multiple buffer underflows in the 1 LZWDecode, 2 LZWDecodeCompat, and 3 LZWDecodeVector functions in tiflzw.c in the LZW decoder in LibTIFF 3.8.2 and earlier allow context-dependent attackers to execute arbitrary code via a crafted TIFF file, related to improper handling of the CODECLEAR code...

SUSE CVE-2009-1882

Integer overflow in the XMakeImage function in magick/xwindow.c in ImageMagick 6.5.2-8, and GraphicsMagick, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted TIFF file, which triggers a buffer overflow. NOTE: some of these details are...

SUSE CVE-2009-4227

Stack-based buffer overflow in the read13textobject function in freadold.c in Xfig 3.2.5b and earlier, and in the readtextobject function in read13.c in fig2dev in Transfig 3.2.5a and earlier, allows remote attackers to execute arbitrary code via a long string in a malformed .fig file that uses t...

SUSE CVE-2009-4228

Stack consumption vulnerability in ubound.c in Xfig 3.2.5b and earlier allows remote attackers to cause a denial of service application crash via a long string in a malformed .fig file that uses the 1.3 file format, possibly related to the readfpfig function in fread.c...

SUSE CVE-2010-2067

Stack-based buffer overflow in the TIFFFetchSubjectDistance function in tifdirread.c in LibTIFF before 3.9.4 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a long EXIF SubjectDistance field in a TIFF file...

SUSE CVE-2010-3676

storage/innobase/dict/dict0crea.c in mysqld in Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service assertion failure by modifying the 1 innodbfileformat or 2 innodbfilepertable configuration parameters for the InnoDB storage engine, then executing a DDL...

SUSE CVE-2010-4665

Integer overflow in the ReadDirectory function in tiffdump.c in tiffdump in LibTIFF before 3.9.5 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted TIFF file containing a directory data structure with many directory entri...

SUSE CVE-2011-0191

Buffer overflow in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted TIFF image with JPEG encoding...

SUSE CVE-2011-0215

ImageIO in Apple Safari before 5.0.6 on Windows does not properly address re-entrancy issues, which allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted TIFF file...

SUSE CVE-2014-0207

The cdfreadshortsector function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service assertion failure and application exit via a crafted CDF file...

SUSE CVE-2014-9817

Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted pdb file...

SUSE CVE-2016-6352

The OneLine32 function in io-ico.c in gdk-pixbuf before 2.35.3 allows remote attackers to cause a denial of service out-of-bounds write and crash via crafted dimensions in an ICO file...

SUSE CVE-2016-9534

tifwrite.c in libtiff 4.0.6 has an issue in the error code path of TIFFFlushData1 that didn't reset the tifrawcc and tifrawcp members. Reported as MSVR 35095, aka "TIFFFlushData1 heap-buffer-overflow."...

SUSE CVE-2017-2899

An exploitable integer overflow exists in the TIFF loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.tif' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application...

SUSE CVE-2017-5844

The gstriffcreateaudiocaps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service floating point exception and crash via a crafted ASF file...

SUSE CVE-2017-9744

The shelfsetmachfromflags function in bfd/elf32-sh.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service buffer overflow and application crash or possibly have unspecified other impact via a crafted binary...

SUSE CVE-2017-15016

ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in ReadEnhMetaFile in coders/emf.c...

SUSE CVE-2017-15778

XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access Violation starting at CADImage+0x0000000000285de7."...

SUSE CVE-2018-4022

A use-after-free vulnerability exists in the way MKVToolNix MKVINFO v25.0.0 handles the MKV matroska file format. A specially crafted MKV file can cause arbitrary code execution in the context of the current user...

SUSE CVE-2018-7420

In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the pcapng file parser could crash. This was addressed in wiretap/pcapng.c by adding a block-size check for sysdig event blocks...