openstack: Arbitrary file access through custom VMDK flat descriptor

A flaw was found in OpenStack-nova, Openstack-glance, and Openstack-cinder. By supplying a specially created VMDK flat image that references a specific backing file path, an authenticated user may convince systems to return a copy of that file's contents from the server, resulting in unauthorized...

SUSE CVE-2019-17534

vipsforeignloadgifscanimage in foreign/gifload.c in libvips before 8.8.2 tries to access a color map before a DGifGetImageDesc call, leading to a use-after-free...

UBUNTU-CVE-2019-17534

vipsforeignloadgifscanimage in foreign/gifload.c in libvips before 8.8.2 tries to access a color map before a DGifGetImageDesc call, leading to a use-after-free...

DEBIAN-CVE-2018-17433

A heap-based buffer overflow in ReadGifImageDesc in gifread.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service via a crafted HDF5 file. This issue was triggered while converting a GIF file to an HDF file...

UBUNTU-CVE-2018-17433

A heap-based buffer overflow in ReadGifImageDesc in gifread.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service via a crafted HDF5 file. This issue was triggered while converting a GIF file to an HDF file...

CVE-2005-0654

gifload.exe in GIMP 2.0.5, 2.2.3, and possibly 2.2.4 allows remote attackers or local users to cause a denial of service application crash via the image descriptor 1 height or 2 width fields set to zero...