Opensuse

Leap

1897 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2016-8688

  • EPSS 0.23%
  • Published 15.02.2017 19:59:00
  • Last modified 20.04.2025 01:37:25

The mtree bidder in libarchive 3.2.1 does not keep track of line sizes when extending the read-ahead, which allows remote attackers to cause a denial of service (crash) via a crafted file, which triggers an invalid read in the (1) detect_form or (2) ...

7.5

CVE-2016-8689

  • EPSS 1.12%
  • Published 15.02.2017 19:59:00
  • Last modified 20.04.2025 01:37:25

The read_Header function in archive_read_support_format_7zip.c in libarchive 3.2.1 allows remote attackers to cause a denial of service (out-of-bounds read) via multiple EmptyStream attributes in a header in a 7zip archive.

9.8

CVE-2016-7446

  • EPSS 2.02%
  • Published 06.02.2017 17:59:00
  • Last modified 20.04.2025 01:37:25

Buffer overflow in the MVG and SVG rendering code in GraphicsMagick 1.3.24 allows remote attackers to have unspecified impact via unknown vectors. Note: This vulnerability exists due to an incomplete patch for CVE-2016-2317.

9.8

CVE-2016-7447

  • EPSS 2.03%
  • Published 06.02.2017 17:59:00
  • Last modified 20.04.2025 01:37:25

Heap-based buffer overflow in the EscapeParenthesis function in GraphicsMagick before 1.3.25 allows remote attackers to have unspecified impact via unknown vectors.

7.8

CVE-2016-7448

  • EPSS 4.16%
  • Published 06.02.2017 17:59:00
  • Last modified 20.04.2025 01:37:25

The Utah RLE reader in GraphicsMagick before 1.3.25 allows remote attackers to cause a denial of service (CPU consumption or large memory allocations) via vectors involving the header information and the file size.

7.5

CVE-2016-7449

  • EPSS 3.28%
  • Published 06.02.2017 17:59:00
  • Last modified 20.04.2025 01:37:25

The TIFFGetField function in coders/tiff.c in GraphicsMagick 1.3.24 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a file containing an "unterminated" string.

7.5

CVE-2016-7800

  • EPSS 2.19%
  • Published 06.02.2017 17:59:00
  • Last modified 20.04.2025 01:37:25

Integer underflow in the parse8BIM function in coders/meta.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted 8BIM chunk, which triggers a heap-based buffer overflow.

7.1

CVE-2016-10165

  • EPSS 0.87%
  • Published 03.02.2017 19:59:00
  • Last modified 20.04.2025 01:37:25

The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read.

5.5

CVE-2016-2317

  • EPSS 0.38%
  • Published 03.02.2017 15:59:00
  • Last modified 20.04.2025 01:37:25

Multiple buffer overflows in GraphicsMagick 1.3.23 allow remote attackers to cause a denial of service (crash) via a crafted SVG file, related to the (1) TracePoint function in magick/render.c, (2) GetToken function in magick/utility.c, and (3) GetTr...

5.5

CVE-2016-2318

  • EPSS 0.24%
  • Published 03.02.2017 15:59:00
  • Last modified 20.04.2025 01:37:25

GraphicsMagick 1.3.23 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted SVG file, related to the (1) DrawImage function in magick/render.c, (2) SVGStartElement function in coders/svg.c, and (3) TraceArcPath...