SUSE CVE-2016-9387

Integer overflow in the jpcdecprocesssiz function in libjasper/jpc/jpcdec.c in JasPer before 1.900.13 allows remote attackers to have unspecified impact via a crafted file, which triggers an assertion failure...

SUSE CVE-2016-9389

The jpcirct and jpciict functions in jpcmct.c in JasPer before 1.900.14 allow remote attackers to cause a denial of service assertion failure...

SUSE CVE-2016-9391

The jpcbitstreamgetbits function in jpcbs.c in JasPer before 2.0.10 allows remote attackers to cause a denial of service assertion failure via a very large integer...

SUSE CVE-2016-9395

The jasseq2dcreate function in jasseq.c in JasPer before 1.900.25 allows remote attackers to cause a denial of service assertion failure via a crafted file...

SUSE CVE-2016-9398

The jpcfloorlog2 function in jpcmath.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service assertion failure via unspecified vectors...

SUSE CVE-2016-10371

The TIFFWriteDirectoryTagCheckedRational function in tifdirwrite.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service assertion failure and application exit via a crafted TIFF file...

SUSE CVE-2017-0375

The hidden-service feature in Tor before 0.3.0.8 allows a denial of service assertion failure and daemon exit in the relaysendendcellfromedge function via a malformed BEGIN cell...

SUSE CVE-2017-3135

Under some conditions when using both DNS64 and RPZ to rewrite query responses, query processing can resume in an inconsistent state leading to either an INSIST assertion failure or an attempt to read through a NULL pointer. Affects BIND 9.8.8, 9.9.3-S1 - 9.9.9-S7, 9.9.3 - 9.9.9-P5, 9.9.10b1,...

SUSE CVE-2017-3137

Mistaken assumptions about the ordering of records in the answer section of a response containing CNAME or DNAME resource records could lead to a situation in which named would exit with an assertion failure when processing a response in which records occurred in an unusual order. Affects BIND...

SUSE CVE-2017-3139

A denial of service flaw was found in the way BIND handled DNSSEC validation. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response...

SUSE CVE-2017-3138

named contains a feature which allows operators to issue commands to a running server by communicating with the server process over a control channel, using a utility program such as rndc. A regression introduced in a recent feature change has created a situation under which some versions of name...

SUSE CVE-2017-5190

NetIQ Access Manager 4.2 before SP3 HF1 and 4.3 before SP1 HF1, when configured as a SAML 2.0 Identity Server with Virtual Attributes, has a concurrency issue causing information leakage, related to a stale profile...

SUSE CVE-2017-5986

Race condition in the sctpwaitforsndbuf function in net/sctp/socket.c in the Linux kernel before 4.9.11 allows local users to cause a denial of service assertion failure and panic via a multithreaded application that peels off an association in a certain buffer-full state...

SUSE CVE-2017-6498

An issue was discovered in ImageMagick 6.9.7. Incorrect TGA files could trigger assertion failures, thus leading to DoS...

SUSE CVE-2017-8372

The madlayerIII function in layer3.c in Underbit MAD libmad 0.15.1b, if NDEBUG is omitted, allows remote attackers to cause a denial of service assertion failure and application exit via a crafted audio file...

SUSE CVE-2017-9141

In ImageMagick 7.0.5-7 Q16, a crafted file could trigger an assertion failure in the ResetImageProfileIterator function in MagickCore/profile.c because of missing checks in the ReadDDSImage function in coders/dds.c...

SUSE CVE-2017-9499

In ImageMagick 7.0.5-7 Q16, an assertion failure was found in the function SetPixelChannelAttributes, which allows attackers to cause a denial of service via a crafted file...

SUSE CVE-2017-9501

In ImageMagick 7.0.5-7 Q16, an assertion failure was found in the function LockSemaphoreInfo, which allows attackers to cause a denial of service via a crafted file...

SUSE CVE-2017-11524

The WriteBlob function in MagickCore/blob.c in ImageMagick before 6.9.8-10 and 7.x before 7.6.0-0 allows remote attackers to cause a denial of service assertion failure and application exit via a crafted file...

SUSE CVE-2017-12434

In ImageMagick 7.0.6-1, a missing NULL check vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service assertion failure in DestroyImageInfo in image.c...