SUSE CVE-2014-3168

Use-after-free vulnerability in the SVG implementation in Blink, as used in Google Chrome before 37.0.2062.94, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper caching associated with animation...

SUSE CVE-2014-7199

Cross-site scripting XSS vulnerability in MediaWiki before 1.19.19, 1.22.x before 1.22.11, and 1.23.x before 1.23.4 allows remote attackers to inject arbitrary web script or HTML via a crafted SVG file...

SUSE CVE-2015-2935

MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2 allows remote attackers to bypass the SVG filtering and obtain sensitive user information via a mixed case @import in a style element in an SVG file, as demonstrated by "@imporT."...

SUSE CVE-2015-2942

MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2, when using HHVM, allows remote attackers to cause a denial of service CPU and memory consumption via a large number of nested entity references in an 1 SVG file or 2 XMP metadata in a PDF file, aka a "billion laughs attack," ...

SUSE CVE-2015-7199

The 1 AddWeightedPathSegLists and 2 SVGPathSegListSMILType::Interpolate functions in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 lack status checking, which allows remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact via a...

SUSE CVE-2015-7558

librsvg before 2.40.12 allows context-dependent attackers to cause a denial of service infinite loop, stack consumption, and application crash via cyclic references in an SVG document...

SUSE CVE-2015-8864

Cross-site scripting XSS vulnerability in Roundcube Webmail before 1.0.9 and 1.1.x before 1.1.5 allows remote attackers to inject arbitrary web script or HTML via a crafted SVG, a different vulnerability than CVE-2016-4068...

SUSE CVE-2016-2317

Multiple buffer overflows in GraphicsMagick 1.3.23 allow remote attackers to cause a denial of service crash via a crafted SVG file, related to the 1 TracePoint function in magick/render.c, 2 GetToken function in magick/utility.c, and 3 GetTransformTokens function in coders/svg.c...

SUSE CVE-2016-2318

GraphicsMagick 1.3.23 allows remote attackers to cause a denial of service NULL pointer dereference via a crafted SVG file, related to the 1 DrawImage function in magick/render.c, 2 SVGStartElement function in coders/svg.c, and 3 TraceArcPath function in magick/render.c...

SUSE CVE-2016-2819

Heap-based buffer overflow in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allows remote attackers to execute arbitrary code via foreign-context HTML5 fragments, as demonstrated by fragments within an SVG element...

SUSE CVE-2016-5224

A timing attack on denormalized floating point arithmetic in SVG filters in Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to bypass the Same Origin Policy via a crafted HTML page...

SUSE CVE-2016-5241

magick/render.c in GraphicsMagick before 1.3.24 allows remote attackers to cause a denial of service arithmetic exception and application crash via a crafted svg file...

SUSE CVE-2016-5281

Use-after-free vulnerability in the DOMSVGLength class in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird 45.4 allows remote attackers to execute arbitrary code by leveraging improper interaction between JavaScript code and an SVG document...

SUSE CVE-2016-5296

A heap-buffer-overflow in Cairo when processing SVG content caused by compiler optimization, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird 45.5, Firefox ESR 45.5, and Firefox 50...

SUSE CVE-2016-6163

The rsvgpatternfixfallback function in rsvg-paintserver.c in librsvg2 2.40.2 allows remote attackers to cause a denial of service out-of-bounds read via a crafted svg file...

SUSE CVE-2016-7446

Buffer overflow in the MVG and SVG rendering code in GraphicsMagick 1.3.24 allows remote attackers to have unspecified impact via unknown vectors. Note: This vulnerability exists due to an incomplete patch for CVE-2016-2317...

SUSE CVE-2016-9181

perl-Image-Info: When parsing an SVG file, external entity expansion XXE was not disabled. An attacker could craft an SVG file which, when processed by an application using perl-Image-Info, could cause denial of service or, potentially, information disclosure...

SUSE CVE-2017-2586

A null pointer dereference vulnerability was found in netpbm before 10.61. A maliciously crafted SVG file could cause the application to crash...

SUSE CVE-2017-5407

Using SVG filters that don't use the fixed point math implementation on a target iframe, a malicious page can extract pixel values from a targeted user. This can be used to extract history information and read text values across domains. This violates same-origin policy and leads to information...

SUSE CVE-2017-6820

rcubeutils.php in Roundcube before 1.1.8 and 1.2.x before 1.2.4 is susceptible to a cross-site scripting vulnerability via a crafted Cascading Style Sheets CSS token sequence within an SVG element...