SUSE CVE-2017-7975

Artifex jbig2dec 0.13, as used in Ghostscript, allows out-of-bounds writes because of an integer overflow in the jbig2buildhuffmantable function in jbig2huffman.c during operations on a crafted JBIG2 file, leading to a denial of service application crash or possibly execution of arbitrary code...

SUSE CVE-2017-9750

opcodes/rx-decode.opc in GNU Binutils 2.28 lacks bounds checks for certain scale arrays, which allows remote attackers to cause a denial of service buffer overflow and application crash or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this fil...

SUSE CVE-2017-9751

opcodes/rl78-decode.opc in GNU Binutils 2.28 has an unbounded GETBYTE macro, which allows remote attackers to cause a denial of service buffer overflow and application crash or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during...

SUSE CVE-2017-9782

JasPer 2.0.12 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted image, related to the jp2decode function in libjasper/jp2/jp2dec.c...

SUSE CVE-2017-11335

There is a heap based buffer overflow in tools/tiff2pdf.c of LibTIFF 4.0.8 via a PlanarConfig=Contig image, which causes a more than one hundred bytes out-of-bounds write related to the ZIPDecode function in tifzip.c. A crafted input may lead to a remote denial of service attack or an arbitrary...

SUSE CVE-2017-11399

Integer overflow in the apedecodeframe function in libavcodec/apedec.c in FFmpeg 2.4 through 3.3.2 allows remote attackers to cause a denial of service out-of-array access and application crash or possibly have unspecified other impact via a crafted APE file...

SUSE CVE-2017-11719

The dnxhddecodeheader function in libavcodec/dnxhddec.c in FFmpeg 3.0 through 3.3.2 allows remote attackers to cause a denial of service out-of-array access or possibly have unspecified other impact via a crafted DNxHD file...

SUSE CVE-2017-12940

libunrar.a in UnRAR before 5.5.7 has an out-of-bounds read in the EncodeFileName::Decode call within the Archive::ReadHeader15 function...

SUSE CVE-2017-13043

The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:decodemulticastvpn...

SUSE CVE-2017-13053

The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:decodertroutinginfo...

SUSE CVE-2017-14121

The DecodeNumber function in unrarlib.c in unrar 0.0.1 aka unrar-free or unrar-gpl suffers from a NULL pointer dereference flaw triggered by a crafted RAR archive. NOTE: this may be the same as one of the several test cases in the CVE-2017-11189 references...

SUSE CVE-2017-14128

The decodelineinfo function in dwarf2.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service read1byte heap-based buffer over-read and application crash via a crafted ELF file...

SUSE CVE-2017-14626

ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function sixeldecode in coders/sixel.c...

SUSE CVE-2017-14930

Memory leak in decodelineinfo in dwarf2.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service memory consumption via a crafted ELF file...

SUSE CVE-2017-14939

decodelineinfo in dwarf2.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, mishandles a length calculation, which allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted ELF file, related to...

SUSE CVE-2017-17506

In HDF5 1.10.1, there is an out of bounds read vulnerability in the function H5Oplineplinedecode in H5Opline.c in libhdf5.a. For example, h5dump would crash when someone opens a crafted hdf5 file...

SUSE CVE-2017-1000158

CPython aka Python up to 2.7.13 is vulnerable to an integer overflow in the PyStringDecodeEscape function in stringobject.c, resulting in heap-based buffer overflow and possible arbitrary code execution...

SUSE CVE-2018-6003

An issue was discovered in the asn1decodesimpleber function in decoding.c in GNU Libtasn1 before 4.13. Unlimited recursion in the BER decoder leads to stack exhaustion and DoS...

SUSE CVE-2018-6912

The decodeplane function in libavcodec/utvideodec.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service out of array read via a crafted AVI file...

SUSE CVE-2018-8788

FreeRDP prior to version 2.0.0-rc4 contains an Out-Of-Bounds Write of up to 4 bytes in function nscrledecode that results in a memory corruption and possibly even a remote code execution...