SUSE CVE-2017-8924

The edgebulkincallback function in drivers/usb/serial/ioti.c in the Linux kernel before 4.10.4 allows local users to obtain sensitive information in the dmesg ringbuffer and syslog from uninitialized kernel memory by using a crafted USB device posing as an ioti USB serial device to trigger an...

SUSE CVE-2017-14997

GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service excessive memory allocation because of an integer underflow in ReadPICTImage in coders/pict.c...

SUSE CVE-2017-15874

archival/libarchive/decompressunlzma.c in BusyBox 1.27.2 has an Integer Underflow that leads to a read access violation...

SUSE CVE-2018-20180

rdesktop versions up to and including v1.8.3 contain an Integer Underflow that leads to a Heap-Based Buffer Overflow in the function rdpsnddbgprocess and results in memory corruption and probably even a remote code execution...

SUSE CVE-2018-20181

rdesktop versions up to and including v1.8.3 contain an Integer Underflow that leads to a Heap-Based Buffer Overflow in the function seamlessprocess and results in memory corruption and probably even a remote code execution...

SUSE CVE-2019-5459

An Integer underflow in VLC Media Player versions 3.0.7 leads to an out-of-band read...

SUSE CVE-2019-9755

An integer underflow issue exists in ntfs-3g 2017.3.23. A local attacker could potentially exploit this by running /bin/ntfs-3g with specially crafted arguments from a specially crafted directory to cause a heap buffer overflow, resulting in a crash or the ability to execute arbitrary code. In...

SUSE CVE-2019-10053

An issue was discovered in Suricata 4.1.x before 4.1.4. If the input of the function SSHParseBanner is composed only of a \n character, then the program runs into a heap-based buffer over-read. This occurs because the erroneous search for \r results in an integer underflow...

SUSE CVE-2019-13602

An Integer Underflow in MP4EIA608Convert in modules/demux/mp4/mp4.c in VideoLAN VLC media player through 3.0.7.1 allows remote attackers to cause a denial of service heap-based buffer overflow and crash or possibly have unspecified other impact via a crafted .mp4 file...

SUSE CVE-2019-14192

An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy when parsing a UDP packet due to a netprocessreceivedpacket integer underflow during an ncinputpacket call...

SUSE CVE-2019-14199

An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy when parsing a UDP packet due to a netprocessreceivedpacket integer underflow during an udppackethandler call...

SUSE CVE-2020-14346

A flaw was found in xorg-x11-server before 1.20.9. An integer underflow in the X input extension protocol decoding in the X server may lead to arbitrary access of memory contents. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

SUSE CVE-2020-14361

A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

SUSE CVE-2020-14362

A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

SUSE CVE-2020-36221

An integer underflow was discovered in OpenLDAP before 2.4.57 leading to slapd crashes in the Certificate Exact Assertion processing, resulting in denial of service schemainit.c serialNumberAndIssuerCheck...

SUSE CVE-2020-36228

An integer underflow was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Certificate List Exact Assertion processing, resulting in denial of service...

SUSE CVE-2021-3472

A flaw was found in xorg-x11-server in versions before 1.20.11. An integer underflow can occur in xserver which can lead to a local privilege escalation. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

SUSE CVE-2022-3165

An integer underflow issue was found in the QEMU VNC server while processing ClientCutText messages in the extended format. A malicious client could use this flaw to make QEMU unresponsive by sending a specially crafted payload message, resulting in a denial of service...

SUSE CVE-2022-4338

An integer underflow in Organization Specific TLV was found in various versions of OpenvSwitch...

SUSE CVE-2022-23613

xrdp is an open source remote desktop protocol RDP server. In affected versions an integer underflow leading to a heap overflow in the sesman server allows any unauthenticated attacker which is able to locally access a sesman server to execute code as root. This vulnerability has been patched in...