Vulnerabilities > Opensuse

DATE CVE VULNERABILITY TITLE RISK
2017-02-06 CVE-2016-7800 Integer Underflow (Wrap or Wraparound) vulnerability in multiple products
Integer underflow in the parse8BIM function in coders/meta.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted 8BIM chunk, which triggers a heap-based buffer overflow.
network
low complexity
graphicsmagick opensuse debian CWE-191
7.5
7.5
2017-02-06 CVE-2016-7449 Out-of-bounds Read vulnerability in multiple products
The TIFFGetField function in coders/tiff.c in GraphicsMagick 1.3.24 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a file containing an "unterminated" string.
network
low complexity
graphicsmagick debian opensuse CWE-125
7.5
7.5
2017-02-06 CVE-2016-7448 Resource Management Errors vulnerability in multiple products
The Utah RLE reader in GraphicsMagick before 1.3.25 allows remote attackers to cause a denial of service (CPU consumption or large memory allocations) via vectors involving the header information and the file size.
network
low complexity
graphicsmagick debian opensuse CWE-399
7.5
7.5
2017-02-06 CVE-2016-7447 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Heap-based buffer overflow in the EscapeParenthesis function in GraphicsMagick before 1.3.25 allows remote attackers to have unspecified impact via unknown vectors.
network
low complexity
graphicsmagick debian opensuse CWE-119
critical
 9.8
9.8
2017-02-06 CVE-2016-7446 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Buffer overflow in the MVG and SVG rendering code in GraphicsMagick 1.3.24 allows remote attackers to have unspecified impact via unknown vectors.
network
low complexity
graphicsmagick debian opensuse CWE-119
critical
 9.8
9.8
2017-02-03 CVE-2016-10165 Out-of-bounds Read vulnerability in multiple products
The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read. 		7.1
7.1
2017-02-03 CVE-2016-8569 NULL Pointer Dereference vulnerability in multiple products
The git_oid_nfmt function in commit.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via a cat-file command with a crafted object file. 		5.5
5.5
2017-02-03 CVE-2016-8568 Out-of-bounds Read vulnerability in multiple products
The git_commit_message function in oid.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a cat-file command with a crafted object file. 		5.5
5.5
2017-02-03 CVE-2016-5241 Numeric Errors vulnerability in multiple products
magick/render.c in GraphicsMagick before 1.3.24 allows remote attackers to cause a denial of service (arithmetic exception and application crash) via a crafted svg file.
local
low complexity
graphicsmagick debian opensuse CWE-189
5.5
5.5
2017-02-03 CVE-2016-2318 NULL Pointer Dereference vulnerability in multiple products
GraphicsMagick 1.3.23 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted SVG file, related to the (1) DrawImage function in magick/render.c, (2) SVGStartElement function in coders/svg.c, and (3) TraceArcPath function in magick/render.c.
local
low complexity
graphicsmagick debian suse opensuse CWE-476
5.5
5.5