Vulnerabilities > Opensuse

DATE CVE VULNERABILITY TITLE RISK
2017-03-17 CVE-2014-9853 Resource Management Errors vulnerability in multiple products
Memory leak in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (memory consumption) via a crafted rle file. 		5.5
5.5
2017-03-17 CVE-2014-9852 Improper Control of Dynamically-Managed Code Resources vulnerability in multiple products
distribute-cache.c in ImageMagick re-uses objects after they have been destroyed, which allows remote attackers to have unspecified impact via unspecified vectors.
network
low complexity
imagemagick suse opensuse CWE-913
critical
 9.8
9.8
2017-03-15 CVE-2017-5938 Cross-site Scripting vulnerability in multiple products
Cross-site scripting (XSS) vulnerability in the nav_path function in lib/viewvc.py in ViewVC before 1.0.14 and 1.1.x before 1.1.26 allows remote attackers to inject arbitrary web script or HTML via the nav_data name.
network
low complexity
debian opensuse-project opensuse viewvc CWE-79
6.1
6.1
2017-03-03 CVE-2016-10070 Out-of-bounds Read vulnerability in multiple products
Heap-based buffer overflow in the CalcMinMax function in coders/mat.c in ImageMagick before 6.9.4-0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted mat file.
local
low complexity
imagemagick opensuse CWE-125
5.5
5.5
2017-03-03 CVE-2016-10065 Improper Access Control vulnerability in multiple products
The ReadVIFFImage function in coders/viff.c in ImageMagick before 7.0.1-0 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
local
low complexity
imagemagick opensuse CWE-284
7.8
7.8
2017-03-03 CVE-2016-7972 Resource Management Errors vulnerability in multiple products
The check_allocations function in libass/ass_shaper.c in libass before 0.13.4 allows remote attackers to cause a denial of service (memory allocation failure) via unspecified vectors.
network
low complexity
opensuse fedoraproject libass-project CWE-399
7.5
7.5
2017-03-03 CVE-2016-7969 Out-of-bounds Read vulnerability in multiple products
The wrap_lines_smart function in ass_render.c in libass before 0.13.4 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, related to "0/3 line wrapping equalization."
network
low complexity
opensuse fedoraproject libass-project CWE-125
7.5
7.5
2017-03-02 CVE-2016-10068 Improper Input Validation vulnerability in multiple products
The MSL interpreter in ImageMagick before 6.9.6-4 allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted XML file. 		5.5
5.5
2017-03-02 CVE-2016-10064 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Buffer overflow in coders/tiff.c in ImageMagick before 6.9.5-1 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
local
low complexity
imagemagick opensuse CWE-119
7.8
7.8
2017-03-01 CVE-2016-9830 Improper Input Validation vulnerability in multiple products
The MagickRealloc function in memory.c in Graphicsmagick 1.3.25 allows remote attackers to cause a denial of service (crash) via large dimensions in a jpeg image.
local
low complexity
graphicsmagick debian opensuse CWE-20
5.5
5.5