SUSE CVE-2014-6051

Integer overflow in the MallocFrameBuffer function in vncviewer.c in LibVNCServer 0.9.9 and earlier allows remote VNC servers to cause a denial of service crash and possibly execute arbitrary code via an advertisement for a large screen size, which triggers a heap-based buffer overflow...

SUSE CVE-2014-6052

The HandleRFBServerMessage function in libvncclient/rfbproto.c in LibVNCServer 0.9.9 and earlier does not check certain malloc return values, which allows remote VNC servers to cause a denial of service application crash or possibly execute arbitrary code by specifying a large screen size in a 1...

SUSE CVE-2014-8091

X.Org X Window System aka X11 and X X11R5 and X.Org Server aka xserver and xorg-server before 1.16.3, when using SUN-DES-1 Secure RPC authentication credentials, does not check the return value of a malloc call, which allows remote attackers to cause a denial of service NULL pointer dereference a...

SUSE CVE-2014-9628

The MP4ReadBoxString function in modules/demux/mp4/libmp4.c in VideoLAN VLC media player before 2.1.6 allows remote attackers to trigger an unintended zero-size malloc and conduct buffer overflow attacks, and consequently execute arbitrary code, via a box size of 7...

SUSE CVE-2017-9815

In LibTIFF 4.0.7, the TIFFReadDirEntryLong8Array function in libtiff/tifdirread.c mishandles a malloc operation, which allows attackers to cause a denial of service memory leak within the function TIFFmalloc in tifunix.c via a crafted file...

SUSE CVE-2017-13090

The retr.c:fdreadbody function is called when processing OK responses. When the response is sent chunked in wget before 1.19.2, the chunk parser uses strtol to read each chunk's length, but doesn't check that the chunk length is a non-negative number. The code then tries to read the chunk in piec...

SUSE CVE-2017-17426

The malloc function in the GNU C Library aka glibc or libc6 2.26 could return a memory block that is too small if an attempt is made to allocate an object whose size is close to SIZEMAX, potentially leading to a subsequent heap overflow. This occurs because the per-thread cache aka tcache feature...

SUSE CVE-2018-6543

In GNU Binutils 2.30, there's an integer overflow in the function loadspecificdebugsection in objdump.c, which results in malloc with 0 size. A crafted ELF file allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact...

SUSE CVE-2018-6551

The malloc implementation in the GNU C Library aka glibc or libc6, from version 2.24 to 2.26 on powerpc, and only in version 2.26 on i386, did not properly handle malloc calls with arguments close to SIZEMAX and could return a pointer to a heap region that is smaller than requested, eventually...

SUSE CVE-2018-10539

An issue was discovered in WavPack 5.1.0 and earlier for DSDiff input. Out-of-bounds writes can occur because ParseDsdiffHeaderConfig in dsdiff.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within a bytestocop...

SUSE CVE-2018-13420

Google gperftools 2.7 has a memory leak in mallocextension.cc, related to MallocExtension::Register and InitModule. NOTE: the software maintainer indicates that this is not a bug; it is only a false-positive report from the LeakSanitizer program...

SUSE CVE-2019-8354

An issue was discovered in SoX 14.4.2. lsxmakelpf in effectidsp.c has an integer overflow on the result of multiplication fed into malloc. When the buffer is allocated, it is smaller than expected, leading to a heap-based buffer overflow...

SUSE CVE-2019-12221

An issue was discovered in libSDL2.a in Simple DirectMedia Layer SDL 2.0.9 when used in conjunction with libSDL2image.a in SDL2image 2.0.4. There is a SEGV in the SDL function SDLfreeREAL at stdlib/SDLmalloc.c...

SUSE CVE-2019-14973

TIFFCheckMalloc and TIFFCheckRealloc in tifaux.c in LibTIFF through 4.0.10 mishandle Integer Overflow checks because they rely on compiler behavior that is undefined by the applicable C standards. This can, for example, lead to an application crash...

SUSE CVE-2019-19004

A biWidthbiBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an unexpected input value to malloc via a malformed bitmap image...

SUSE CVE-2020-7105

async.c and dict.c in libhiredis.a in hiredis through 0.14.0 allow a NULL pointer dereference because malloc return values are unchecked...

SUSE CVE-2020-9391

An issue was discovered in the Linux kernel 5.4 and 5.5 through 5.5.6 on the AArch64 architecture. It ignores the top byte in the address passed to the brk system call, potentially moving the memory break downwards when the application expects it to move upwards, aka CID-dcde237319e6. This has be...

SUSE CVE-2021-3470

A heap overflow issue was found in Redis in versions before 5.0.10, before 6.0.9 and before 6.2.0 when using a heap allocator other than jemalloc or glibc's malloc, leading to potential out of bound write or process crash. Effectively this flaw does not affect the vast majority of users, who use...

SUSE CVE-2021-29605

TensorFlow is an end-to-end open source platform for machine learning. The TFLite code for allocating TFLiteIntArrays is vulnerable to an integer overflow issuehttps://github.com/tensorflow/tensorflow/blob/4ceffae632721e52bf3501b736e4fe9d1221cdfa/tensorflow/lite/c/common.cL24-L27. An attacker can...

SUSE CVE-2021-33452

An issue was discovered in NASM version 2.16rc0. There are memory leaks in nasmmalloc in nasmlib/alloc.c...