SUSE CVE-2010-1450

Multiple buffer overflows in the RLE decoder in the rgbimg module in Python 2.5 allow remote attackers to have an unspecified impact via an image file containing crafted data that triggers improper processing within the 1 longimagedata or 2 expandrow function...

SUSE CVE-2011-1167

Heap-based buffer overflow in the thunder aka ThunderScan decoder in tifthunder.c in LibTIFF 3.9.4 and earlier allows remote attackers to execute arbitrary code via crafted THUNDER2BITDELTAS data in a .tiff file that has an unexpected BitsPerSample value...

SUSE CVE-2012-2135

The utf-16 decoder in Python 3.1 through 3.3 does not update the alignedend variable after calling the unicodedecodecallerrorhandler function, which allows remote attackers to obtain sensitive information process memory or cause a denial of service memory corruption and crash via unspecified...

SUSE CVE-2013-0894

Buffer overflow in the vorbisparsesetuphdrfloors function in the Vorbis decoder in vorbisdec.c in libavcodec in FFmpeg through 1.1.3, as used in Google Chrome before 25.0.1364.97 on Windows and Linux and before 25.0.1364.99 on Mac OS X and other products, allows remote attackers to cause a denial...

SUSE CVE-2013-0899

Integer overflow in the padding implementation in the opuspacketparseimpl function in src/opusdecoder.c in Opus before 1.0.2, as used in Google Chrome before 25.0.1364.97 on Windows and Linux and before 25.0.1364.99 on Mac OS X and other products, allows remote attackers to cause a denial of...

SUSE CVE-2013-1439

The "faster LJPEG decoder" in libraw 0.13.x, 0.14.x, and 0.15.x before 0.15.4 allows context-dependent attackers to cause a denial of service NULL pointer dereference via a crafted photo file...

SUSE CVE-2014-0158

Heap-based buffer overflow in the JPEG2000 image tile decoder in OpenJPEG before 1.5.2 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted file because of incorrect j2kdecode, j2kreadeoc, and tcddecodetile interaction, a...

SUSE CVE-2014-0190

The GIF decoder in QtGui in Qt before 5.3 allows remote attackers to cause a denial of service NULL pointer dereference via invalid width and height values in a GIF image...

SUSE CVE-2014-0333

The pngpushreadchunk function in pngpread.c in the progressive decoder in libpng 1.6.x through 1.6.9 allows remote attackers to cause a denial of service infinite loop and CPU consumption via an IDAT chunk with a length of zero...

SUSE CVE-2014-3157

Heap-based buffer overflow in the FFmpegVideoDecoder::GetVideoBuffer function in media/filters/ffmpegvideodecoder.cc in Google Chrome before 35.0.1916.153 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging VideoFrame data structures that a...

SUSE CVE-2014-3467

Multiple unspecified vulnerabilities in the DER decoder in GNU Libtasn1 before 3.6, as used in GnuTLS, allow remote attackers to cause a denial of service out-of-bounds read via crafted ASN.1 data...

SUSE CVE-2014-7937

Multiple off-by-one errors in libavcodec/vorbisdec.c in FFmpeg before 2.4.2, as used in Google Chrome before 40.0.2214.91, allow remote attackers to cause a denial of service use-after-free or possibly have unspecified other impact via crafted Vorbis I data...

SUSE CVE-2014-8716

The JPEG decoder in ImageMagick before 6.8.9-9 allows local users to cause a denial of service out-of-bounds memory access and crash...

SUSE CVE-2014-9028

Heap-based buffer overflow in streamdecoder.c in libFLAC before 1.3.1 allows remote attackers to execute arbitrary code via a crafted .flac file...

SUSE CVE-2014-9656

The ttsbitdecoderloadimage function in sfnt/ttsbit.c in FreeType before 2.5.4 does not properly check for an integer overflow, which allows remote attackers to cause a denial of service out-of-bounds read or possibly have unspecified other impact via a crafted OpenType font...

SUSE CVE-2014-9666

The ttsbitdecoderinit function in sfnt/ttsbit.c in FreeType before 2.5.4 proceeds with a count-to-size association without restricting the count value, which allows remote attackers to cause a denial of service integer overflow and out-of-bounds read or possibly have unspecified other impact via ...

SUSE CVE-2014-9847

The jng decoder in ImageMagick 6.8.9.9 allows remote attackers to have an unspecified impact...

SUSE CVE-2015-1224

The VpxVideoDecoder::VpxDecode function in media/filters/vpxvideodecoder.cc in the vpxdecoder implementation in Google Chrome before 41.0.2272.76 does not ensure that alpha-plane dimensions are identical to image dimensions, which allows remote attackers to cause a denial of service out-of-bounds...

SUSE CVE-2015-1234

Race condition in gpu/commandbuffer/service/gles2cmddecoder.cc in Google Chrome before 41.0.2272.118 allows remote attackers to cause a denial of service buffer overflow or possibly have unspecified other impact by manipulating OpenGL ES commands...

SUSE CVE-2015-1779

The VNC websocket frame decoder in QEMU allows remote attackers to cause a denial of service memory and CPU consumption via a large 1 websocket payload or 2 HTTP headers section...