SUSE CVE-2013-7422

Integer underflow in regcomp.c in Perl before 5.20, as used in Apple OS X before 10.10.5 and other products, allows context-dependent attackers to execute arbitrary code or cause a denial of service application crash via a long digit string associated with an invalid backreference within a regula...

SUSE CVE-2014-0497

Integer underflow in Adobe Flash Player before 11.7.700.261 and 11.8.x through 12.0.x before 12.0.0.44 on Windows and Mac OS X, and before 11.2.202.336 on Linux, allows remote attackers to execute arbitrary code via unspecified vectors...

SUSE CVE-2014-3144

The 1 BPFSANCNLATTR and 2 BPFSANCNLATTRNEST extension implementations in the skrunfilter function in net/core/filter.c in the Linux kernel through 3.14.3 do not check whether a certain length value is sufficiently large, which allows local users to cause a denial of service integer underflow and...

SUSE CVE-2014-9087

Integer underflow in the ksbaoidtostr function in Libksba before 1.3.2, as used in GnuPG, allows remote attackers to cause a denial of service crash via a crafted OID in a 1 S/MIME message or 2 ECC based OpenPGP data, which triggers a buffer overflow...

SUSE CVE-2014-9679

Integer underflow in the cupsRasterReadPixels function in filter/raster.c in CUPS before 2.0.2 allows remote attackers to have unspecified impact via a malformed compressed raster file, which triggers a buffer overflow...

SUSE CVE-2015-0292

Integer underflow in the EVPDecodeUpdate function in crypto/evp/encode.c in the base64-decoding implementation in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h allows remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact v...

SUSE CVE-2015-1208

Integer underflow in the movreaddefault function in libavformat/mov.c in FFmpeg before 2.4.6 allows remote attackers to obtain sensitive information from heap and/or stack memory via a crafted MP4 file...

SUSE CVE-2015-5212

Integer underflow in LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2, when the configuration setting "Load printer settings with the document" is enabled, allows remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code vi...

SUSE CVE-2015-7205

Integer underflow in the RTPReceiverVideo::ParseRtpPacket function in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 might allow remote attackers to obtain sensitive information, cause a denial of service, or possibly have unspecified other impact by triggering a crafted WebRTC RTP...

SUSE CVE-2015-7219

The HTTP/2 implementation in Mozilla Firefox before 43.0 allows remote attackers to cause a denial of service integer underflow, assertion failure, and application exit via a malformed PushPromise frame that triggers decompressed-buffer length miscalculation and incorrect memory allocation...

SUSE CVE-2015-7222

Integer underflow in the Metadata::setData function in MetaData.cpp in libstagefright in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code or cause a denial of service incorrect memory allocation and application crash via an MP4 video...

SUSE CVE-2015-8540

Integer underflow in the pngcheckkeyword function in pngwutil.c in libpng 0.90 through 0.99, 1.0.x before 1.0.66, 1.1.x and 1.2.x before 1.2.56, 1.3.x and 1.4.x before 1.4.19, and 1.5.x before 1.5.26 allows remote attackers to have unspecified impact via a space character as a keyword in a PNG...

SUSE CVE-2016-1925

Integer underflow in header.c in lha allows remote attackers to have unspecified impact via a large header size value for the 1 level0 or 2 level1 header in a lha archive, which triggers a buffer overflow...

SUSE CVE-2016-1960

Integer underflow in the nsHtml5TreeBuilder class in the HTML5 string parser in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code or cause a denial of service use-after-free by leveraging mishandling of end tags, as demonstrated by...

SUSE CVE-2016-1968

Integer underflow in Brotli, as used in Mozilla Firefox before 45.0, allows remote attackers to execute arbitrary code or cause a denial of service buffer overflow via crafted data with brotli compression...

SUSE CVE-2016-2347

Integer underflow in the decodelevel3header function in lib/lhafileheader.c in Lhasa before 0.3.1 allows remote attackers to execute arbitrary code via a crafted archive...

SUSE CVE-2016-7800

Integer underflow in the parse8BIM function in coders/meta.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service application crash via a crafted 8BIM chunk, which triggers a heap-based buffer overflow...

SUSE CVE-2016-10166

Integer underflow in the gdContributionsAlloc function in gdinterpolation.c in the GD Graphics Library aka libgd before 2.2.4 allows remote attackers to have unspecified impact via vectors related to decrementing the u variable...

SUSE CVE-2017-6313

Integer underflow in the loadresources function in io-icns.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service out-of-bounds read and program crash via a crafted image entry size in an ICO file...

SUSE CVE-2017-8911

An integer underflow has been identified in the unicodetoutf8 function in tnef 1.4.14. This might lead to invalid write operations, controlled by an attacker...