SUSE CVE-2016-3981

Heap-based buffer overflow in the bmpreadrows function in pngxrbmp.c in OptiPNG before 0.7.6 allows remote attackers to cause a denial of service out-of-bounds read or write access and crash or possibly execute arbitrary code via a crafted image file...

SUSE CVE-2016-5010

coders/tiff.c in ImageMagick before 6.9.5-3 allows remote attackers to cause a denial of service out-of-bounds read via a crafted TIFF file...

SUSE CVE-2016-6132

The gdImageCreateFromTgaCtx function in the GD Graphics Library aka libgd before 2.2.3 allows remote attackers to cause a denial of service out-of-bounds read via a crafted TGA file...

SUSE CVE-2016-8677

The AcquireQuantumPixels function in MagickCore/quantum.c in ImageMagick before 7.0.3-1 allows remote attackers to have unspecified impact via a crafted image file, which triggers a memory allocation failure...

SUSE CVE-2016-9390

The jasseq2dcreate function in jasseq.c in JasPer before 1.900.14 allows remote attackers to cause a denial of service assertion failure via a crafted image file...

SUSE CVE-2016-9532

Integer overflow in the writeBufferToSeparateStrips function in tiffcrop.c in LibTIFF before 4.0.7 allows remote attackers to cause a denial of service out-of-bounds read via a crafted tif file...

SUSE CVE-2016-9534

tifwrite.c in libtiff 4.0.6 has an issue in the error code path of TIFFFlushData1 that didn't reset the tifrawcc and tifrawcp members. Reported as MSVR 35095, aka "TIFFFlushData1 heap-buffer-overflow."...

SUSE CVE-2016-10061

The ReadGROUP4Image function in coders/tiff.c in ImageMagick before 7.0.1-10 does not check the return value of the fputc function, which allows remote attackers to cause a denial of service crash via a crafted image file...

SUSE CVE-2016-10167

The gdImageCreateFromGd2Ctx function in gdgd2.c in the GD Graphics Library aka libgd before 2.2.4 allows remote attackers to cause a denial of service application crash via a crafted image file...

SUSE CVE-2016-10371

The TIFFWriteDirectoryTagCheckedRational function in tifdirwrite.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service assertion failure and application exit via a crafted TIFF file...

SUSE CVE-2017-2899

An exploitable integer overflow exists in the TIFF loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.tif' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application...

SUSE CVE-2017-2888

An exploitable integer overflow vulnerability exists when creating a new RGB Surface in SDL 2.0.5. A specially crafted file can cause an integer overflow resulting in too little memory being allocated which can lead to a buffer overflow and potential code execution. An attacker can provide a...

SUSE CVE-2017-8347

In ImageMagick 7.0.5-5, the ReadEXRImage function in exr.c allows attackers to cause a denial of service memory leak via a crafted file...

SUSE CVE-2017-14607

In ImageMagick 7.0.7-4 Q16, an out of bounds read flaw related to ReadTIFFImage has been reported in coders/tiff.c. An attacker could possibly exploit this flaw to disclose potentially sensitive memory or cause an application crash...

SUSE CVE-2017-16797

In SWFTools 0.9.2, the pngload function in lib/png.c does not properly validate an alloclen64 multiplication of width and height values, which allows remote attackers to cause a denial of service integer overflow, heap-based buffer overflow, and application crash or possibly have unspecified othe...

SUSE CVE-2018-6930

A stack-based buffer over-read in the ComputeResizeImage function in the MagickCore/accelerate.c file of ImageMagick 7.0.7-22 allows a remote attacker to cause a denial of service application crash via a maliciously crafted pict file...

SUSE CVE-2018-9133

ImageMagick 7.0.7-26 Q16 has excessive iteration in the DecodeLabImage and EncodeLabImage functions coders/tiff.c, which results in a hang tens of minutes with a tiny PoC file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted tiff file...

SUSE CVE-2018-10177

In ImageMagick 7.0.7-28, there is an infinite loop in the ReadOneMNGImage function of the coders/png.c file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted mng file...

SUSE CVE-2018-10804

ImageMagick version 7.0.7-28 contains a memory leak in WriteTIFFImage in coders/tiff.c...

SUSE CVE-2018-14851

exifprocessIFDinMAKERNOTE in ext/exif/exif.c in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8 allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafted JPEG file...