SUSE CVE-2019-14368

Exiv2 0.27.99.0 has a heap-based buffer over-read in Exiv2::RafImage::readMetadata in rafimage.cpp...

SUSE CVE-2019-14369

Exiv2::PngImage::readMetadata in pngimage.cpp in Exiv2 0.27.99.0 allows attackers to cause a denial of service heap-based buffer over-read via a crafted image file...

SUSE CVE-2019-14776

A heap-based buffer over-read exists in DemuxInit in demux/asf/asf.c in VideoLAN VLC media player 3.0.7.1 via a crafted .mkv file...

SUSE CVE-2019-14975

Artifex MuPDF before 1.16.0 has a heap-based buffer over-read in fzchartorune in fitz/string.c because pdf/pdf-op-filter.c does not check for a missing string...

SUSE CVE-2019-15026

memcached 1.5.16, when UNIX sockets are used, has a stack-based buffer over-read in conntostr in memcached.c...

SUSE CVE-2019-15167

The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrpprint for VRRP version 3, a different vulnerability than CVE-2018-14463...

SUSE CVE-2019-17266

libsoup from versions 2.65.1 until 2.68.1 have a heap-based buffer over-read because soupntlmparsechallenge in soup-auth-ntlm.c does not properly check an NTLM message's length before proceeding with a memcpy...

SUSE CVE-2019-17455

Libntlm through 1.5 relies on a fixed buffer size for tSmbNtlmAuthRequest, tSmbNtlmAuthChallenge, and tSmbNtlmAuthResponse read and write operations, as demonstrated by a stack-based buffer over-read in buildSmbNtlmAuthRequest in smbutil.c for a crafted NTLM request...

SUSE CVE-2019-17533

MatVarReadNextInfo4 in mat4.c in MATIO 1.5.17 omits a certain '\0' character, leading to a heap-based buffer over-read in strdupvprintf when uninitialized memory is accessed...

SUSE CVE-2019-17544

libaspell.a in GNU Aspell before 0.60.8 has a stack-based buffer over-read in acommon::unescape in common/getdata.cpp via an isolated \ character...

SUSE CVE-2019-18359

A buffer over-read was discovered in ReadMP3APETag in apetag.c in MP3Gain 1.6.2. The vulnerability causes an application crash, which leads to remote denial of service...

SUSE CVE-2019-19977

libESMTP through 1.0.6 mishandles domain copying into a fixed-size buffer in ntlmbuildtype2 in ntlm/ntlmstruct.c, as demonstrated by a stack-based buffer over-read...

SUSE CVE-2019-20018

A stack-based buffer over-read was discovered in ReadNextCell in mat5.c in matio 1.5.17...

SUSE CVE-2019-20017

A stack-based buffer over-read was discovered in MatVarReadNextInfo5 in mat5.c in matio 1.5.17...

SUSE CVE-2019-20021

A heap-based buffer over-read was discovered in canUnpack in pmach.cpp in UPX 3.95 via a crafted Mach-O file...

SUSE CVE-2019-20020

A stack-based buffer over-read was discovered in ReadNextStructField in mat5.c in matio 1.5.17...

SUSE CVE-2019-20838

libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \X or \R has more than one fixed quantifier, a related issue to CVE-2019-20454...

SUSE CVE-2019-20915

An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a heap-based buffer over-read in bitwriteTF in bits.c...

SUSE CVE-2019-25013

The iconv feature in the GNU C Library aka glibc or libc6 through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read...

SUSE CVE-2020-5971

NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which the software reads from a buffer by using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer, which may lead to code execution, denial of service, escalatio...