SUSE CVE-2017-17784

In GIMP 2.8.22, there is a heap-based buffer over-read in loadimage in plug-ins/common/file-gbr.c in the gbr import parser, related to mishandling of UTF-8 data...

SUSE CVE-2017-17788

In GIMP 2.8.22, there is a stack-based buffer over-read in xcfloadstream in app/xcf/xcf.c when there is no '\0' character after the version string...

SUSE CVE-2017-17818

In Netwide Assembler NASM 2.14rc0, there is a heap-based buffer over-read that will cause a remote denial of service attack, related to a while loop in pastetokens in asm/preproc.c...

SUSE CVE-2017-17913

In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a stack-based buffer over-read in WriteWEBPImage in coders/webp.c, related to an incompatibility with libwebp versions, 0.5.0 and later, that use a different structure type...

SUSE CVE-2017-17912

In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a heap-based buffer over-read in ReadNewsProfile in coders/tiff.c, in which LocaleNCompare reads heap data beyond the allocated region...

SUSE CVE-2017-17915

In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a heap-based buffer over-read in ReadMNGImage in coders/png.c, related to accessing one byte before testing whether a limit has been reached...

SUSE CVE-2018-5248

In ImageMagick 7.0.7-17 Q16, there is a heap-based buffer over-read in coders/sixel.c in the ReadSIXELImage function, related to the sixeldecode function...

SUSE CVE-2018-5360

LibTIFF before 4.0.6 mishandles the reading of TIFF files, as demonstrated by a heap-based buffer over-read in the ReadTIFFImage function in coders/tiff.c in GraphicsMagick 1.3.27...

SUSE CVE-2018-6612

An integer underflow bug in the processEXIF function of the exif.c file of jhead 3.00 raises a heap-based buffer over-read when processing a malicious JPEG file, which may allow a remote attacker to cause a denial-of-service attack or unspecified other impact...

SUSE CVE-2018-6767

A stack-based buffer over-read in the ParseRiffHeaderConfig function of cli/riff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service attack or possibly have unspecified other impact via a maliciously crafted RF64 file...

SUSE CVE-2018-6930

A stack-based buffer over-read in the ComputeResizeImage function in the MagickCore/accelerate.c file of ImageMagick 7.0.7-22 allows a remote attacker to cause a denial of service application crash via a maliciously crafted pict file...

SUSE CVE-2018-7254

The ParseCaffHeaderConfig function of the cli/caff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service global buffer over-read, or possibly trigger a buffer overflow or incorrect memory allocation, via a maliciously crafted CAF file...

SUSE CVE-2018-7439

An issue was discovered in FreeXL before 1.0.5. There is a heap-based buffer over-read in the function readminibiffnextrecord...

SUSE CVE-2018-7729

An issue was discovered in Exempi through 2.4.4. There is a stack-based buffer over-read in the PostScriptMetaHandler::ParsePSFile function in XMPFiles/source/FileHandlers/PostScriptHandler.cpp...

SUSE CVE-2018-7730

An issue was discovered in Exempi through 2.4.4. A certain case of a 0xffffffff length is mishandled in XMPFiles/source/FormatSupport/PSIRFileWriter.cpp, leading to a heap-based buffer over-read in the PSDMetaHandler::CacheFileData function...

SUSE CVE-2018-7728

An issue was discovered in Exempi through 2.4.4. XMPFiles/source/FileHandlers/TIFFHandler.cpp mishandles a case of a zero length, leading to a heap-based buffer over-read in the MD5Update function in third-party/zuid/interfaces/MD5.cpp...

SUSE CVE-2018-8102

The JBIG2MMRDecoder::getBlackCode function in JBIG2Stream.cc in xpdf 4.00 allows attackers to launch denial of service buffer over-read and application crash via a specific pdf file, as demonstrated by pdftohtml...

SUSE CVE-2018-8769

elfutils 0.170 has a buffer over-read in the ebldynamictagname function of libebl/ebldynamictagname.c because SYMTABSHNDX is unsupported...

SUSE CVE-2018-8883

Netwide Assembler NASM 2.13.02rc2 has a buffer over-read in the parseline function in asm/parser.c via uncontrolled access to nasmregflags...

SUSE CVE-2018-8881

Netwide Assembler NASM 2.13.02rc2 has a heap-based buffer over-read in the function tokenize in asm/preproc.c, related to an unterminated string...