SUSE CVE-2003-0033

Buffer overflow in the RPC preprocessor for Snort 1.8 and 1.9.x before 1.9.1 allows remote attackers to execute arbitrary code via fragmented RPC packets...

SUSE CVE-2003-1302

The IMAP functionality in PHP before 4.3.1 allows remote attackers to cause a denial of service via an e-mail message with a 1 To or 2 From header with an address that contains a large number of "" backslash characters...

SUSE CVE-2005-3252

Stack-based buffer overflow in the Back Orifice BO preprocessor for Snort before 2.4.3 allows remote attackers to execute arbitrary code via a crafted UDP packet...

SUSE CVE-2007-1886

Integer overflow in the strreplace function in PHP 4.4.5 and PHP 5.2.1 allows context-dependent attackers to have an unknown impact via a single character search string in conjunction with a single character replacement string, which causes an "off by one overflow."...

SUSE CVE-2007-5742

Directory traversal vulnerability in the WML engine preprocessor for Wesnoth 1.2.x before 1.2.8, and 1.3.x before 1.3.12, allows remote attackers to read arbitrary files via ".." sequences in unknown vectors...

SUSE CVE-2008-1804

preprocessors/sppfrag3.c in Sourcefire Snort before 2.8.1 does not properly identify packet fragments that have dissimilar TTL values, which allows remote attackers to bypass detection rules by using a different TTL for each fragment...

SUSE CVE-2008-2719

Off-by-one error in the ppscan function preproc.c in Netwide Assembler NASM 2.02 allows context-dependent attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted file that triggers a stack-based buffer overflow...

SUSE CVE-2009-3546

The gdGetColors function in gdgd.c in PHP 5.2.11 and 5.3.x before 5.3.1, and the GD Graphics Library 2.x, does not properly verify a certain colorsTotal structure member, which might allow remote attackers to conduct buffer overflow or buffer over-read attacks via a crafted GD file, a different...

SUSE CVE-2010-1864

The addcslashes function in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to obtain sensitive information memory contents by causing a userspace interruption of an internal function, related to the call time pass by reference feature...

SUSE CVE-2010-2225

Use-after-free vulnerability in the SplObjectStorage unserializer in PHP 5.2.x and 5.3.x through 5.3.2 allows remote attackers to execute arbitrary code or obtain sensitive information via serialized data, related to the PHP unserialize function...

SUSE CVE-2010-4645

strtod.c, as used in the zendstrtod function in PHP 5.2 before 5.2.17 and 5.3 before 5.3.5, and other products, allows context-dependent attackers to cause a denial of service infinite loop via a certain floating-point value in scientific notation, which is not properly handled in x87 FPU...

SUSE CVE-2017-11111

In Netwide Assembler NASM 2.14rc0, preproc.c allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecified other impact via a crafted file...

SUSE CVE-2017-14228

In Netwide Assembler NASM 2.14rc0, there is an illegal address access in the function pastetokens in preproc.c, aka a NULL pointer dereference. It will lead to remote denial of service...

SUSE CVE-2017-17811

In Netwide Assembler NASM 2.14rc0, there is a heap-based buffer overflow that will cause a remote denial of service attack, related to a strcpy in pastetokens in asm/preproc.c, a similar issue to CVE-2017-11111...

SUSE CVE-2017-17816

In Netwide Assembler NASM 2.14rc0, there is a use-after-free in ppgetline in asm/preproc.c that will cause a remote denial of service attack...

SUSE CVE-2017-17815

In Netwide Assembler NASM 2.14rc0, there is an illegal address access in ismmacro in asm/preproc.c that will cause a remote denial of service attack, because of a missing check for the relationship between minimum and maximum parameter counts...

SUSE CVE-2017-17818

In Netwide Assembler NASM 2.14rc0, there is a heap-based buffer over-read that will cause a remote denial of service attack, related to a while loop in pastetokens in asm/preproc.c...

SUSE CVE-2018-16999

Netwide Assembler NASM 2.14rc15 has an invalid memory write segmentation fault in expandsmacro in preproc.c, which allows attackers to cause a denial of service via a crafted input file...

SUSE CVE-2018-17076

GPP through 2.25 will try to use more memory space than is available on the stack, leading to a segmentation fault or possibly unspecified other impact via a crafted file...

SUSE CVE-2018-20535

There is a use-after-free at asm/preproc.c function ppgetline in Netwide Assembler NASM 2.14rc16 that will cause a denial of service during a line-number increment attempt...