Vulnerabilities > Opensuse

DATE CVE VULNERABILITY TITLE RISK
2017-03-20 CVE-2014-9844 Out-of-bounds Read vulnerability in multiple products
The ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image file. 		5.5
5.5
2017-03-20 CVE-2014-9843 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The DecodePSDPixels function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact via unknown vectors.
network
low complexity
opensuse-project opensuse canonical imagemagick CWE-119
critical
 9.8
9.8
2017-03-20 CVE-2014-9842 Resource Exhaustion vulnerability in multiple products
Memory leak in the ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors. 		7.5
7.5
2017-03-20 CVE-2014-9841 7PK - Errors vulnerability in multiple products
The ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact via unknown vectors, related to "throwing of exceptions."
network
low complexity
opensuse-project opensuse canonical imagemagick CWE-388
critical
 9.8
9.8
2017-03-17 CVE-2014-9854 Resource Management Errors vulnerability in multiple products
coders/tiff.c in ImageMagick allows remote attackers to cause a denial of service (application crash) via vectors related to the "identification of image."
network
low complexity
imagemagick opensuse suse canonical CWE-399
7.5
7.5
2017-03-17 CVE-2014-9853 Resource Management Errors vulnerability in multiple products
Memory leak in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (memory consumption) via a crafted rle file. 		5.5
5.5
2017-03-17 CVE-2014-9852 Improper Control of Dynamically-Managed Code Resources vulnerability in multiple products
distribute-cache.c in ImageMagick re-uses objects after they have been destroyed, which allows remote attackers to have unspecified impact via unspecified vectors.
network
low complexity
imagemagick suse opensuse CWE-913
critical
 9.8
9.8
2017-03-15 CVE-2017-5938 Cross-site Scripting vulnerability in multiple products
Cross-site scripting (XSS) vulnerability in the nav_path function in lib/viewvc.py in ViewVC before 1.0.14 and 1.1.x before 1.1.26 allows remote attackers to inject arbitrary web script or HTML via the nav_data name.
network
low complexity
debian opensuse-project opensuse viewvc CWE-79
6.1
6.1
2017-03-03 CVE-2016-10070 Out-of-bounds Read vulnerability in multiple products
Heap-based buffer overflow in the CalcMinMax function in coders/mat.c in ImageMagick before 6.9.4-0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted mat file.
local
low complexity
imagemagick opensuse CWE-125
5.5
5.5
2017-03-03 CVE-2016-10065 Improper Access Control vulnerability in multiple products
The ReadVIFFImage function in coders/viff.c in ImageMagick before 7.0.1-0 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
local
low complexity
imagemagick opensuse CWE-284
7.8
7.8