Opensuse

Leap

1898 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2016-8687

  • EPSS 1.38%
  • Veröffentlicht 15.02.2017 19:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Stack-based buffer overflow in the safe_fprintf function in tar/util.c in libarchive 3.2.1 allows remote attackers to cause a denial of service via a crafted non-printable multibyte character in a filename.

5.5

CVE-2016-8688

  • EPSS 0.23%
  • Veröffentlicht 15.02.2017 19:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

The mtree bidder in libarchive 3.2.1 does not keep track of line sizes when extending the read-ahead, which allows remote attackers to cause a denial of service (crash) via a crafted file, which triggers an invalid read in the (1) detect_form or (2) ...

7.5

CVE-2016-8689

  • EPSS 1.12%
  • Veröffentlicht 15.02.2017 19:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

The read_Header function in archive_read_support_format_7zip.c in libarchive 3.2.1 allows remote attackers to cause a denial of service (out-of-bounds read) via multiple EmptyStream attributes in a header in a 7zip archive.

9.8

CVE-2016-7446

  • EPSS 3.16%
  • Veröffentlicht 06.02.2017 17:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Buffer overflow in the MVG and SVG rendering code in GraphicsMagick 1.3.24 allows remote attackers to have unspecified impact via unknown vectors. Note: This vulnerability exists due to an incomplete patch for CVE-2016-2317.

9.8

CVE-2016-7447

  • EPSS 2.02%
  • Veröffentlicht 06.02.2017 17:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Heap-based buffer overflow in the EscapeParenthesis function in GraphicsMagick before 1.3.25 allows remote attackers to have unspecified impact via unknown vectors.

7.8

CVE-2016-7448

  • EPSS 4.14%
  • Veröffentlicht 06.02.2017 17:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

The Utah RLE reader in GraphicsMagick before 1.3.25 allows remote attackers to cause a denial of service (CPU consumption or large memory allocations) via vectors involving the header information and the file size.

7.5

CVE-2016-7449

  • EPSS 3.26%
  • Veröffentlicht 06.02.2017 17:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

The TIFFGetField function in coders/tiff.c in GraphicsMagick 1.3.24 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a file containing an "unterminated" string.

7.5

CVE-2016-7800

  • EPSS 2.18%
  • Veröffentlicht 06.02.2017 17:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Integer underflow in the parse8BIM function in coders/meta.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted 8BIM chunk, which triggers a heap-based buffer overflow.

7.1

CVE-2016-10165

  • EPSS 0.87%
  • Veröffentlicht 03.02.2017 19:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read.

5.5

CVE-2016-2317

  • EPSS 0.25%
  • Veröffentlicht 03.02.2017 15:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Multiple buffer overflows in GraphicsMagick 1.3.23 allow remote attackers to cause a denial of service (crash) via a crafted SVG file, related to the (1) TracePoint function in magick/render.c, (2) GetToken function in magick/utility.c, and (3) GetTr...