Vulnerabilities (CVE)

Vendor filter

Novell Subscribe

Filter

1545 total CVE
CVE Vendors Products Updated CVSS
CVE-2016-7447 5 Graphicsmagick, Novell, Opensuse Project and 2 more 6 Leap, Graphicsmagick, Opensuse and 3 more 2019-04-15 7.5
Heap-based buffer overflow in the EscapeParenthesis function in GraphicsMagick before 1.3.25 allows remote attackers to have unspecified impact via unknown vectors.
CVE-2016-7446 5 Graphicsmagick, Novell, Opensuse Project and 2 more 6 Leap, Graphicsmagick, Opensuse and 3 more 2019-04-15 7.5
Buffer overflow in the MVG and SVG rendering code in GraphicsMagick 1.3.24 allows remote attackers to have unspecified impact via unknown vectors. Note: This vulnerability exists due to an incomplete patch for CVE-2016-2317.
CVE-2016-5241 5 Graphicsmagick, Novell, Opensuse Project and 2 more 6 Leap, Graphicsmagick, Opensuse and 3 more 2019-04-12 4.3
magick/render.c in GraphicsMagick before 1.3.24 allows remote attackers to cause a denial of service (arithmetic exception and application crash) via a crafted svg file.
CVE-2016-7449 5 Graphicsmagick, Novell, Opensuse Project and 2 more 6 Leap, Graphicsmagick, Opensuse and 3 more 2019-04-12 5.0
The TIFFGetField function in coders/tiff.c in GraphicsMagick 1.3.24 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a file containing an "unterminated" string.
CVE-2016-7800 5 Debian, Graphicsmagick, Novell and 2 more 6 Debian Linux, Graphicsmagick, Leap and 3 more 2019-04-12 5.0
Integer underflow in the parse8BIM function in coders/meta.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted 8BIM chunk, which triggers a heap-based buffer overflow.
CVE-2016-7448 5 Graphicsmagick, Novell, Opensuse Project and 2 more 6 Leap, Graphicsmagick, Opensuse and 3 more 2019-04-12 7.8
The Utah RLE reader in GraphicsMagick before 1.3.25 allows remote attackers to cause a denial of service (CPU consumption or large memory allocations) via vectors involving the header information and the file size.
CVE-2016-10065 3 Imagemagick, Novell, Opensuse 3 Imagemagick, Leap, Leap 2019-04-12 6.8
The ReadVIFFImage function in coders/viff.c in ImageMagick before 7.0.1-0 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
CVE-2014-9496 3 Gentoo, Novell, Opensuse 3 Libsndfile, Opensuse, Opensuse 2019-04-11 10.0
The sd2_parse_rsrc_fork function in sd2.c in libsndfile allows attackers to have unspecified impact via vectors related to a (1) map offset or (2) rsrc marker, which triggers an out-of-bounds read.
CVE-2016-4578 6 Linux, Canonical, Novell and 3 more 19 Ubuntu Linux, Suse Linux Enterprise Live Patching, Linux Kernel and 16 more 2019-03-25 2.1
sound/core/timer.c in the Linux kernel through 4.6 does not initialize certain r1 data structures, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface, related to the (1)...
CVE-2016-9843 4 Gnu, Opensuse Project, Novell and 1 more 6 Zlib, Opensuse, Leap and 3 more 2019-03-25 7.5
The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.
CVE-2016-9842 4 Gnu, Opensuse Project, Novell and 1 more 6 Zlib, Opensuse, Leap and 3 more 2019-03-25 6.8
The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers.
CVE-2016-9841 4 Gnu, Opensuse Project, Novell and 1 more 6 Zlib, Opensuse, Leap and 3 more 2019-03-25 7.5
inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
CVE-2016-9840 4 Gnu, Opensuse Project, Novell and 1 more 6 Zlib, Opensuse, Leap and 3 more 2019-03-25 6.8
inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
CVE-2016-4429 6 Novell, Gnu, Opensuse and 3 more 7 Glibc, Opensuse, Opensuse and 4 more 2019-03-22 7.5
Stack-based buffer overflow in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) allows remote servers to cause a denial of service (crash) or possibly unspecified other impact via a flood of crafted ICMP...
CVE-2016-2335 4 Debian, Novell, 7-zip and 1 more 5 Debian Linux, 7zip, Opensuse and 2 more 2019-03-21 6.8
The CInArchive::ReadFileItem method in Archive/Udf/UdfIn.cpp in 7zip 9.20 and 15.05 beta and p7zip allows remote attackers to cause a denial of service (out-of-bounds read) or execute arbitrary code via the PartitionRef field in the Long...
CVE-2015-2157 6 Debian, Simon Tatham, Fedoraproject and 3 more 6 Debian Linux, Putty, Fedora and 3 more 2019-03-21 2.1
The (1) ssh2_load_userkey and (2) ssh2_save_userkey functions in PuTTY 0.51 through 0.63 do not properly wipe SSH-2 private keys from memory, which allows local users to obtain sensitive information by reading the memory.
CVE-2013-4852 6 Debian, Simon Tatham, Novell and 3 more 6 Debian Linux, Winscp, Putty and 3 more 2019-03-21 6.8
Integer overflow in PuTTY 0.62 and earlier, WinSCP before 5.1.6, and other products that use PuTTY allows remote SSH servers to cause a denial of service (crash) and possibly execute arbitrary code in certain applications that use PuTTY via a...
CVE-2013-4854 10 Slackware, Freebsd, Redhat and 7 more 13 Hp-ux, Dnsco Bind, Enterprise Linux and 10 more 2019-03-18 7.8
The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service...
CVE-2016-1950 5 Mozilla, Apple, Oracle and 2 more 15 Glassfish Server, Firefox Esr, Iplanet Web Proxy Server and 12 more 2019-03-08 6.8
Heap-based buffer overflow in Mozilla Network Security Services (NSS) before 3.19.2.3 and 3.20.x and 3.21.x before 3.21.1, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to execute arbitrary code...
CVE-2016-6128 5 Debian, Libgd, Novell and 2 more 5 Debian Linux, Leap, Libgd and 2 more 2019-03-05 5.0
The gdImageCropThreshold function in gd_crop.c in the GD Graphics Library (aka libgd) before 2.2.3, as used in PHP before 7.0.9, allows remote attackers to cause a denial of service (application crash) via an invalid color index.