SUSE CVE-2019-7575

SDL Simple DirectMedia Layer through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer overflow in MSADPCMdecode in audio/SDLwave.c...

SUSE CVE-2019-7574

SDL Simple DirectMedia Layer through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in IMAADPCMdecode in audio/SDLwave.c...

SUSE CVE-2019-9152

An issue was discovered in the HDF HDF5 1.10.4 library. There is an out of bounds read in the function H5MMxstrdup in H5MM.c when called from H5Odtypedecodehelper in H5Odtype.c...

SUSE CVE-2019-9770

An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer overflow in the function dwgdecodeeeddata at decode.c for the y dimension...

SUSE CVE-2019-12207

njs through 0.3.1, used in NGINX, has a heap-based buffer over-read in nxtutf8decode in nxt/nxtutf8.c...

SUSE CVE-2019-13067

njs through 0.3.3, used in NGINX, has a buffer over-read in nxtutf8decode in nxt/nxtutf8.c. This issue occurs after the fix for CVE-2019-12207 is in place...

SUSE CVE-2019-14443

An issue was discovered in Libav 12.3. Division by zero in rangedecodeculshift in libavcodec/apedec.c allows remote attackers to cause a denial of service application crash, as demonstrated by avconv...

SUSE CVE-2019-15946

OpenSC before 0.20.0-rc1 has an out-of-bounds access of an ASN.1 Octet string in asn1decodeentry in libopensc/asn1.c...

SUSE CVE-2019-15945

OpenSC before 0.20.0-rc1 has an out-of-bounds access of an ASN.1 Bitstring in decodebitstring in libopensc/asn1.c...

SUSE CVE-2019-18408

archivereadformatrarreaddata in archivereadsupportformatrar.c in libarchive before 3.4.0 has a use-after-free in a certain ARCHIVEFAILED situation, related to Ppmd7DecodeSymbol...

SUSE CVE-2019-19480

An issue was discovered in OpenSC through 0.19.0 and 0.20.x through 0.20.0-rc3. libopensc/pkcs15-prkey.c has an incorrect free operation in scpkcs15decodeprkdfentry...

SUSE CVE-2019-19721

An off-by-one error in the DecodeBlock function in codec/sdlimage.c in VideoLAN VLC media player before 3.0.9 allows remote attackers to cause a denial of service memory corruption via a crafted image file. NOTE: this may be related to the SDLImage product...

SUSE CVE-2019-20011

An issue was discovered in GNU LibreDWG 0.92. There is a heap-based buffer over-read in decodeR13R2000 in decode.c...

SUSE CVE-2019-20013

An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in decode3dsolid in dwg.spec...

SUSE CVE-2019-20199

An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxmldecode, while parsing a crafted XML file, performs incorrect memory handling, leading to NULL pointer dereference while running strlen on a NULL pointer...

SUSE CVE-2019-20840

An issue was discovered in LibVNCServer before 0.9.13. libvncserver/wsdecode.c can lead to a crash because of unaligned accesses in hybiReadAndDecode...

SUSE CVE-2019-20910

An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a heap-based buffer over-read in decodeR13R2000 in decode.c, a different vulnerability than CVE-2019-20011...

SUSE CVE-2020-5312

libImaging/PcxDecode.c in Pillow before 6.2.2 has a PCX P mode buffer overflow...

SUSE CVE-2020-6822

On 32-bit builds, an out of bounds write could have occurred when processing an image larger than 4 GB in GMPDecodeData. It is possible that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Thunderbird 68.7.0, Firefox ESR 68.7, and Firefox 75...

SUSE CVE-2020-6851

OpenJPEG through 2.3.1 has a heap-based buffer overflow in opjt1clbldecodeprocessor in openjp2/t1.c because of lack of opjj2kupdateimagedimensions validation...