Opensuse

Opensuse

1454 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2016-7448

  • EPSS 4.16%
  • Published 06.02.2017 17:59:00
  • Last modified 20.04.2025 01:37:25

The Utah RLE reader in GraphicsMagick before 1.3.25 allows remote attackers to cause a denial of service (CPU consumption or large memory allocations) via vectors involving the header information and the file size.

7.5

CVE-2016-7449

  • EPSS 3.28%
  • Published 06.02.2017 17:59:00
  • Last modified 20.04.2025 01:37:25

The TIFFGetField function in coders/tiff.c in GraphicsMagick 1.3.24 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a file containing an "unterminated" string.

7.5

CVE-2016-7800

  • EPSS 2.19%
  • Published 06.02.2017 17:59:00
  • Last modified 20.04.2025 01:37:25

Integer underflow in the parse8BIM function in coders/meta.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted 8BIM chunk, which triggers a heap-based buffer overflow.

5.5

CVE-2016-2317

  • EPSS 0.38%
  • Published 03.02.2017 15:59:00
  • Last modified 20.04.2025 01:37:25

Multiple buffer overflows in GraphicsMagick 1.3.23 allow remote attackers to cause a denial of service (crash) via a crafted SVG file, related to the (1) TracePoint function in magick/render.c, (2) GetToken function in magick/utility.c, and (3) GetTr...

5.5

CVE-2016-2318

  • EPSS 0.24%
  • Published 03.02.2017 15:59:00
  • Last modified 20.04.2025 01:37:25

GraphicsMagick 1.3.23 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted SVG file, related to the (1) DrawImage function in magick/render.c, (2) SVGStartElement function in coders/svg.c, and (3) TraceArcPath...

5.5

CVE-2016-5241

  • EPSS 0.35%
  • Published 03.02.2017 15:59:00
  • Last modified 20.04.2025 01:37:25

magick/render.c in GraphicsMagick before 1.3.24 allows remote attackers to cause a denial of service (arithmetic exception and application crash) via a crafted svg file.

5.5

CVE-2016-8568

  • EPSS 0.64%
  • Published 03.02.2017 15:59:00
  • Last modified 20.04.2025 01:37:25

The git_commit_message function in oid.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a cat-file command with a crafted object file.

5.5

CVE-2016-8569

  • EPSS 0.74%
  • Published 03.02.2017 15:59:00
  • Last modified 20.04.2025 01:37:25

The git_oid_nfmt function in commit.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via a cat-file command with a crafted object file.

4.3

CVE-2015-7976

  • EPSS 2.73%
  • Published 30.01.2017 21:59:00
  • Last modified 20.04.2025 01:37:25

The ntpq saveconfig command in NTP 4.1.2, 4.2.x before 4.2.8p6, 4.3, 4.3.25, 4.3.70, and 4.3.77 does not properly filter special characters, which allows attackers to cause unspecified impact via a crafted filename.

7.5

CVE-2016-9448

  • EPSS 1.64%
  • Published 27.01.2017 17:59:00
  • Last modified 20.04.2025 01:37:25

The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) by setting the tags TIFF_SETGET_C16ASCII or TIFF_SETGET_C32_ASCII to values that access 0-byte arrays. NOTE: t...