SUSE CVE-2020-8112

opjt1clbldecodeprocessor in openjp2/t1.c in OpenJPEG 2.3.1 through 2020-01-28 has a heap-based buffer overflow in the qmfbid==1 case, a different issue than CVE-2020-6851...

SUSE CVE-2020-10177

Pillow before 7.1.0 has multiple out-of-bounds reads in libImaging/FliDecode.c...

SUSE CVE-2020-10378

In libImaging/PcxDecode.c in Pillow before 7.1.0, an out-of-bounds read can occur when reading PCX files where state-shuffle is instructed to read beyond state-buffer...

SUSE CVE-2020-10811

An issue was discovered in HDF5 through 1.12.0. A heap-based buffer over-read exists in the function H5Olayoutdecode located in H5Olayout.c. It allows an attacker to cause Denial of Service...

SUSE CVE-2020-11538

In libImaging/SgiRleDecode.c in Pillow through 7.0.0, a number of out-of-bounds reads exist in the parsing of SGI image files, a different issue than CVE-2020-5311...

SUSE CVE-2020-13114

An issue was discovered in libexif before 0.6.22. An unrestricted size in handling Canon EXIF MakerNote data could lead to consumption of large amounts of compute time for decoding EXIF data...

SUSE CVE-2020-15106

In etcd before versions 3.3.23 and 3.4.10, a large slice causes panic in decodeRecord method. The size of a record is stored in the length field of a WAL file and no additional validation is done on this data. Therefore, it is possible to forge an extremely large frame size that can unintentional...

SUSE CVE-2020-18773

An invalid memory access in the decode function in iptc.cpp of Exiv2 0.27.99.0 allows attackers to cause a denial of service DOS via a crafted tif file...

SUSE CVE-2020-21832

A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read2004compressedsection ../../src/decode.c:2417...

SUSE CVE-2020-21833

A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via: read2004sectionclasses ../../src/decode.c:2440...

SUSE CVE-2020-21835

A null pointer deference issue exists in GNU LibreDWG 0.10 via read2004compressedsection ../../src/decode.c:2337...

SUSE CVE-2020-21839

An issue was discovered in GNU LibreDWG 0.10. Crafted input will lead to an memory leak in dwgdecodeeed ../../src/decode.c:3638...

SUSE CVE-2020-21838

A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via: read2004sectionappinfo ../../src/decode.c:2842...

SUSE CVE-2020-21842

A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read2004sectionrevhistory ../../src/decode.c:3051...

SUSE CVE-2021-3272

jp2decode in jp2/jp2dec.c in libjasper in JasPer 2.0.24 has a heap-based buffer over-read when there is an invalid relationship between the number of channels and the number of image components...

SUSE CVE-2021-3630

An out-of-bounds write vulnerability was found in DjVuLibre in DJVU::DjVuTXT::decode in DjVuText.cpp via a crafted djvu file which may lead to crash and segmentation fault. This flaw affects DjVuLibre versions prior to 3.5.28...

SUSE CVE-2021-4090

An out-of-bounds OOB memory write flaw was found in the NFSD in the Linux kernel. Missing sanity may lead to a write beyond bmvalbmlen-1 in nfsd4decodebitmap4 in fs/nfsd/nfs4xdr.c. In this flaw, a local attacker with user privilege may gain access to out-of-bounds memory, leading to a system...

SUSE CVE-2021-25287

An issue was discovered in Pillow before 8.2.0. There is an out-of-bounds read in J2kDecode, in j2kugrayala...

SUSE CVE-2021-25288

An issue was discovered in Pillow before 8.2.0. There is an out-of-bounds read in J2kDecode, in j2kugrayi...

SUSE CVE-2021-25290

An issue was discovered in Pillow before 8.1.1. In TiffDecode.c, there is a negative-offset memcpy with an invalid size...