SUSE CVE-2016-2317

Multiple buffer overflows in GraphicsMagick 1.3.23 allow remote attackers to cause a denial of service crash via a crafted SVG file, related to the 1 TracePoint function in magick/render.c, 2 GetToken function in magick/utility.c, and 3 GetTransformTokens function in coders/svg.c...

SUSE CVE-2016-2318

GraphicsMagick 1.3.23 allows remote attackers to cause a denial of service NULL pointer dereference via a crafted SVG file, related to the 1 DrawImage function in magick/render.c, 2 SVGStartElement function in coders/svg.c, and 3 TraceArcPath function in magick/render.c...

SUSE CVE-2016-2819

Heap-based buffer overflow in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allows remote attackers to execute arbitrary code via foreign-context HTML5 fragments, as demonstrated by fragments within an SVG element...

SUSE CVE-2016-5224

A timing attack on denormalized floating point arithmetic in SVG filters in Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to bypass the Same Origin Policy via a crafted HTML page...

SUSE CVE-2016-5241

magick/render.c in GraphicsMagick before 1.3.24 allows remote attackers to cause a denial of service arithmetic exception and application crash via a crafted svg file...

SUSE CVE-2016-5253

The Updater in Mozilla Firefox before 48.0 on Windows allows local users to write to arbitrary files via vectors involving the callback application-path parameter and a hard link...

SUSE CVE-2016-5281

Use-after-free vulnerability in the DOMSVGLength class in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird 45.4 allows remote attackers to execute arbitrary code by leveraging improper interaction between JavaScript code and an SVG document...

SUSE CVE-2016-5296

A heap-buffer-overflow in Cairo when processing SVG content caused by compiler optimization, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird 45.5, Firefox ESR 45.5, and Firefox 50...

SUSE CVE-2016-6163

The rsvgpatternfixfallback function in rsvg-paintserver.c in librsvg2 2.40.2 allows remote attackers to cause a denial of service out-of-bounds read via a crafted svg file...

SUSE CVE-2016-6225

xbcrypt in Percona XtraBackup before 2.3.6 and 2.4.x before 2.4.5 does not properly set the initialization vector IV for encryption, which makes it easier for context-dependent attackers to obtain sensitive information from encrypted backup files via a Chosen-Plaintext attack. NOTE: this...

SUSE CVE-2016-7446

Buffer overflow in the MVG and SVG rendering code in GraphicsMagick 1.3.24 allows remote attackers to have unspecified impact via unknown vectors. Note: This vulnerability exists due to an incomplete patch for CVE-2016-2317...

SUSE CVE-2016-7798

The openssl gem for Ruby uses the same initialization vector IV in GCM Mode aes--gcm when the IV is set before the key, which makes it easier for context-dependent attackers to bypass the encryption protection mechanism...

SUSE CVE-2016-9181

perl-Image-Info: When parsing an SVG file, external entity expansion XXE was not disabled. An attacker could craft an SVG file which, when processed by an application using perl-Image-Info, could cause denial of service or, potentially, information disclosure...

SUSE CVE-2016-9897

Memory corruption resulting in a potentially exploitable crash during WebGL functions using a vector constructor with a varying array within libGLES. This vulnerability affects Firefox 50.1, Firefox ESR 45.6, and Thunderbird 45.6...

SUSE CVE-2017-2586

A null pointer dereference vulnerability was found in netpbm before 10.61. A maliciously crafted SVG file could cause the application to crash...

SUSE CVE-2017-2920

An memory corruption vulnerability exists in the .SVG parsing functionality of Computerinsel Photoline 20.02. A specially crafted .SVG file can cause a vulnerability resulting in memory corruption, which can potentially lead to arbitrary code execution. An attacker can send a specific .SVG file t...

SUSE CVE-2017-3225

Das U-Boot is a device bootloader that can read its configuration from an AES encrypted file. For devices utilizing this environment encryption mode, U-Boot's use of a zero initialization vector may allow attacks against the underlying cryptographic implementation and allow an attacker to decrypt...

SUSE CVE-2017-5407

Using SVG filters that don't use the fixed point math implementation on a target iframe, a malicious page can extract pixel values from a targeted user. This can be used to extract history information and read text values across domains. This violates same-origin policy and leads to information...

SUSE CVE-2017-6820

rcubeutils.php in Roundcube before 1.1.8 and 1.2.x before 1.2.4 is susceptible to a cross-site scripting vulnerability via a crafted Cascading Style Sheets CSS token sequence within an SVG element...

SUSE CVE-2017-7786

A buffer overflow can occur when the image renderer attempts to paint non-displayable SVG elements. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.3, Firefox ESR 52.3, and Firefox 55...