GCVE - cpe:2.3:o:opensuse_project:leap:42.1:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:o:opensuse_project:leap:42.1:*:*:*:*:*:*:*

part: o version: 42.1 update: *

Vendor	Opensuse Project (`ab95f1dc-d60c-5e1e-8a1e-ff30d0f019ab`)
Product	Leap (`595da469-91a5-59c8-b646-c47627f53df5`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2017-6542`	vulnerable	2026-06-08 05:09:51.492813	Details available The ssh_agent_channel_data function in PuTTY before 0.68 allows remote attackers to have unspecified impact via a large length value in an agent protocol message and leveraging the ability to connect to the Unix-domain socket representing the forwarded agent connection, which trigger a buffer overflow. Published: 2017-03-27T17:00:00.000Z Updated: 2024-08-05T15:33:20.175Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/97156 https://www.exploit-db.com/exploits/42137/ https://security.gentoo.org/glsa/201703-03 https://git.tartarus.org/?p=simon/putty.git%3Ba=commitdiff%3Bh=4ff22863d895cb7ebfced4cf923a012a614adaa8 http://www.securitytracker.com/id/1038067	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-5938`	vulnerable	2026-06-08 05:09:50.136722	Details available Cross-site scripting (XSS) vulnerability in the nav_path function in lib/viewvc.py in ViewVC before 1.0.14 and 1.1.x before 1.1.26 allows remote attackers to inject arbitrary web script or HTML via the nav_data name. Published: 2017-03-15T14:00:00.000Z Updated: 2024-08-05T15:18:49.281Z Open on db.gcve.eu Reference links https://github.com/viewvc/viewvc/releases/tag/1.0.14 https://github.com/viewvc/viewvc/issues/137 http://www.securityfocus.com/bid/96185 https://github.com/viewvc/viewvc/commit/9dcfc7daa4c940992920d3b2fbd317da20e44aad https://github.com/viewvc/viewvc/releases/tag/1.1.26	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2016-9961`	vulnerable	2026-06-08 05:08:25.121400	Details available game-music-emu before 0.6.1 mishandles unspecified integer values. Published: 2017-06-06T18:00:00.000Z Updated: 2024-08-06T03:07:31.619Z Open on db.gcve.eu Reference links https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GGHAQI5Q2XDSPGRRKPJJM3A73VWAFSFL/ http://www.securityfocus.com/bid/95305 http://www.openwall.com/lists/oss-security/2016/12/15/11 https://security.gentoo.org/glsa/201707-02 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7Z2OVERYM6NW3FGVGTJUNSL5ZNFSH2S/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2016-9960`	vulnerable	2026-06-08 05:08:25.113238	Details available game-music-emu before 0.6.1 allows local users to cause a denial of service (divide by zero and process crash). Published: 2017-06-06T18:00:00.000Z Updated: 2024-08-06T03:07:31.835Z Open on db.gcve.eu Reference links https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GGHAQI5Q2XDSPGRRKPJJM3A73VWAFSFL/ http://www.securityfocus.com/bid/95305 http://www.openwall.com/lists/oss-security/2016/12/15/11 https://scarybeastsecurity.blogspot.in/2016/12/redux-compromising-linux-using-snes.html https://security.gentoo.org/glsa/201707-02	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2016-9959`	vulnerable	2026-06-08 05:08:25.112302	Details available game-music-emu before 0.6.1 allows remote attackers to generate out of bounds 8-bit values. Published: 2017-04-12T20:00:00.000Z Updated: 2024-08-06T03:07:31.477Z Open on db.gcve.eu Reference links http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00090.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GGHAQI5Q2XDSPGRRKPJJM3A73VWAFSFL/ http://www.securityfocus.com/bid/95305 http://www.openwall.com/lists/oss-security/2016/12/15/11 https://scarybeastsecurity.blogspot.in/2016/12/redux-compromising-linux-using-snes.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2016-9958`	vulnerable	2026-06-08 05:08:25.111632	Details available game-music-emu before 0.6.1 allows remote attackers to write to arbitrary memory locations. Published: 2017-04-12T20:00:00.000Z Updated: 2024-08-06T03:07:31.788Z Open on db.gcve.eu Reference links http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00090.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GGHAQI5Q2XDSPGRRKPJJM3A73VWAFSFL/ http://www.securityfocus.com/bid/95305 http://www.openwall.com/lists/oss-security/2016/12/15/11 https://scarybeastsecurity.blogspot.in/2016/12/redux-compromising-linux-using-snes.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2016-9957`	vulnerable	2026-06-08 05:08:25.107095	Details available Stack-based buffer overflow in game-music-emu before 0.6.1. Published: 2017-04-12T20:00:00.000Z Updated: 2024-08-06T03:07:31.400Z Open on db.gcve.eu Reference links http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00090.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GGHAQI5Q2XDSPGRRKPJJM3A73VWAFSFL/ http://www.securityfocus.com/bid/95305 http://www.openwall.com/lists/oss-security/2016/12/15/11 https://scarybeastsecurity.blogspot.in/2016/12/redux-compromising-linux-using-snes.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2016-9556`	vulnerable	2026-06-08 05:08:24.022251	Details available The IsPixelGray function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3-8 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted image file. Published: 2017-03-23T18:00:00.000Z Updated: 2024-08-06T02:50:38.583Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/94492 https://github.com/ImageMagick/ImageMagick/commit/ce98a7acbcfca7f0a178f4b1e7b957e419e0cc99 https://blogs.gentoo.org/ago/2016/11/19/imagemagick-heap-based-buffer-overflow-in-ispixelgray-pixel-accessor-h http://lists.opensuse.org/opensuse-updates/2016-12/msg00040.html http://www.openwall.com/lists/oss-security/2016/11/23/1	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2016-9436`	vulnerable	2026-06-08 05:08:23.598763	Details available parsetagx.c in w3m before 0.5.3+git20161009 does not properly initialize values, which allows remote attackers to crash the application via a crafted html file, related to a <i> tag. Published: 2017-01-20T15:00:00.000Z Updated: 2024-08-06T02:50:38.380Z Open on db.gcve.eu Reference links https://security.gentoo.org/glsa/201701-08 https://github.com/tats/w3m/commit/33509cc81ec5f2ba44eb6fd98bd5c1b5873e46bd http://lists.opensuse.org/opensuse-updates/2016-12/msg00084.html https://github.com/tats/w3m/issues/16 http://www.securityfocus.com/bid/94407	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2016-9435`	vulnerable	2026-06-08 05:08:23.597996	Details available The HTMLtagproc1 function in file.c in w3m before 0.5.3+git20161009 does not properly initialize values, which allows remote attackers to crash the application via a crafted html file, related to <dd> tags. Published: 2017-01-20T15:00:00.000Z Updated: 2024-11-14T20:06:38.851Z Open on db.gcve.eu Reference links https://security.gentoo.org/glsa/201701-08 https://github.com/tats/w3m/commit/33509cc81ec5f2ba44eb6fd98bd5c1b5873e46bd http://lists.opensuse.org/opensuse-updates/2016-12/msg00084.html https://github.com/tats/w3m/issues/16 http://www.securityfocus.com/bid/94407	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2016-7797`	vulnerable	2026-06-08 05:08:13.208548	Details available Pacemaker before 1.1.15, when using pacemaker remote, might allow remote attackers to cause a denial of service (node disconnection) via an unauthenticated connection. Published: 2017-03-24T15:00:00.000Z Updated: 2024-08-06T02:04:56.102Z Open on db.gcve.eu Reference links http://rhn.redhat.com/errata/RHSA-2016-2578.html http://lists.opensuse.org/opensuse-updates/2016-12/msg00077.html http://www.openwall.com/lists/oss-security/2016/10/01/1 http://bugs.clusterlabs.org/show_bug.cgi?id=5269 http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00001.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2016-5317`	vulnerable	2026-06-08 05:07:56.718250	Details available Buffer overflow in the PixarLogDecode function in libtiff.so in the PixarLogDecode function in libtiff 4.0.6 and earlier, as used in GNOME nautilus, allows attackers to cause a denial of service attack (crash) via a crafted TIFF file. Published: 2017-01-20T15:00:00.000Z Updated: 2024-08-06T01:01:00.165Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/91208 http://lists.opensuse.org/opensuse-updates/2016-09/msg00060.html http://www.openwall.com/lists/oss-security/2016/06/15/10 https://security.gentoo.org/glsa/201701-16 http://lists.opensuse.org/opensuse-updates/2016-07/msg00087.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2016-5316`	vulnerable	2026-06-08 05:07:56.716658	Details available Out-of-bounds read in the PixarLogCleanup function in tif_pixarlog.c in libtiff 4.0.6 and earlier allows remote attackers to crash the application by sending a crafted TIFF image to the rgb2ycbcr tool. Published: 2017-01-20T15:00:00.000Z Updated: 2024-08-06T01:00:58.066Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/91203 http://lists.opensuse.org/opensuse-updates/2016-09/msg00060.html https://security.gentoo.org/glsa/201701-16 http://lists.opensuse.org/opensuse-updates/2016-07/msg00087.html http://lists.opensuse.org/opensuse-updates/2016-09/msg00090.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2016-1254`	vulnerable	2026-06-08 05:07:27.055874	Details available Tor before 0.2.8.12 might allow remote attackers to cause a denial of service (client crash) via a crafted hidden service descriptor. Published: 2017-12-05T16:00:00.000Z Updated: 2024-08-05T22:48:13.662Z Open on db.gcve.eu Reference links http://lists.opensuse.org/opensuse-updates/2016-12/msg00154.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTU2R253477RZLYAJAR5DAXAON7KIVLA/ https://blog.torproject.org/blog/tor-02812-released http://lists.opensuse.org/opensuse-updates/2016-12/msg00155.html https://www.debian.org/security/2016/dsa-3741	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2016-10069`	vulnerable	2026-06-08 05:07:17.097649	Details available coders/mat.c in ImageMagick before 6.9.4-5 allows remote attackers to cause a denial of service (application crash) via a mat file with an invalid number of frames. Published: 2017-03-02T21:00:00.000Z Updated: 2024-08-06T03:07:32.120Z Open on db.gcve.eu Reference links http://lists.opensuse.org/opensuse-updates/2017-02/msg00028.html https://github.com/ImageMagick/ImageMagick/commit/8a370f9ab120faf182aa160900ba692ba8e2bcf0 https://bugzilla.redhat.com/show_bug.cgi?id=1410507 http://www.securityfocus.com/bid/95216 http://www.openwall.com/lists/oss-security/2016/12/26/9	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2016-10068`	vulnerable	2026-06-08 05:07:17.097266	Details available The MSL interpreter in ImageMagick before 6.9.6-4 allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted XML file. Published: 2017-03-02T21:00:00.000Z Updated: 2024-08-06T03:07:32.096Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/95219 http://lists.opensuse.org/opensuse-updates/2017-02/msg00028.html https://bugzilla.redhat.com/show_bug.cgi?id=1410500 https://github.com/ImageMagick/ImageMagick/commit/56d6e20de489113617cbbddaf41e92600a34db22 http://lists.opensuse.org/opensuse-updates/2017-02/msg00031.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2016-10048`	vulnerable	2026-06-08 05:07:17.085706	Details available Directory traversal vulnerability in magick/module.c in ImageMagick 6.9.4-7 allows remote attackers to load arbitrary modules via unspecified vectors. Published: 2017-03-23T17:00:00.000Z Updated: 2024-08-06T03:07:32.132Z Open on db.gcve.eu Reference links https://bugzilla.redhat.com/show_bug.cgi?id=1410451 http://lists.opensuse.org/opensuse-updates/2017-02/msg00028.html https://github.com/ImageMagick/ImageMagick/commit/fc6080f1321fd21e86ef916195cc110b05d9effb http://lists.opensuse.org/opensuse-updates/2017-02/msg00031.html http://www.securityfocus.com/bid/95186	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2015-8010`	vulnerable	2026-06-08 05:07:02.864626	Details available Cross-site scripting (XSS) vulnerability in the Classic-UI with the CSV export link and pagination feature in Icinga before 1.14 allows remote attackers to inject arbitrary web script or HTML via the query string to cgi-bin/status.cgi. Published: 2017-03-27T17:00:00.000Z Updated: 2024-08-06T08:06:31.609Z Open on db.gcve.eu Reference links https://github.com/Icinga/icinga-core/issues/1563 http://www.openwall.com/lists/oss-security/2015/10/29/15 http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00019.html http://www.securityfocus.com/bid/97145 http://www.openwall.com/lists/oss-security/2015/10/23/15	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2015-5221`	vulnerable	2026-06-08 05:06:49.281769	Details available Use-after-free vulnerability in the mif_process_cmpt function in libjasper/mif/mif_cod.c in the JasPer JPEG-2000 library before 1.900.2 allows remote attackers to cause a denial of service (crash) via a crafted JPEG 2000 image file. Published: 2017-07-25T18:00:00.000Z Updated: 2024-08-06T06:41:08.383Z Open on db.gcve.eu Reference links https://lists.debian.org/debian-lts-announce/2018/11/msg00023.html http://www.openwall.com/lists/oss-security/2015/08/20/4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AXWV22WGSQFDRPE7G6ECGP3QXS2V2A2M/ https://access.redhat.com/errata/RHSA-2017:1208 http://lists.opensuse.org/opensuse-updates/2016-11/msg00018.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2015-5218`	vulnerable	2026-06-08 05:06:49.271363	Details available Buffer overflow in text-utils/colcrt.c in colcrt in util-linux before 2.27 allows local users to cause a denial of service (crash) via a crafted file, related to the page global variable. Published: 2015-11-09T16:00:00.000Z Updated: 2024-08-06T06:41:08.934Z Open on db.gcve.eu Reference links http://lists.opensuse.org/opensuse-updates/2015-11/msg00035.html http://www.spinics.net/lists/util-linux-ng/msg11873.html https://github.com/kerolasa/lelux-utiliteetit/commit/70e3fcf293c1827a2655a86584ab13075124a8a8 https://bugzilla.redhat.com/show_bug.cgi?id=1259322 https://github.com/kerolasa/lelux-utiliteetit/commit/d883d64d96ab9bef510745d064a351145b9babec	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2015-5203`	vulnerable	2026-06-08 05:06:49.183888	Details available Double free vulnerability in the jasper_image_stop_load function in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via a crafted JPEG 2000 image file. Published: 2017-08-02T19:00:00.000Z Updated: 2024-08-06T06:41:07.991Z Open on db.gcve.eu Reference links https://lists.debian.org/debian-lts-announce/2018/11/msg00023.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AXWV22WGSQFDRPE7G6ECGP3QXS2V2A2M/ https://security.gentoo.org/glsa/201707-07 https://access.redhat.com/errata/RHSA-2017:1208 http://lists.opensuse.org/opensuse-updates/2016-11/msg00018.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2015-3138`	vulnerable	2026-06-08 05:06:37.129210	Details available print-wb.c in tcpdump before 4.7.4 allows remote attackers to cause a denial of service (segmentation fault and process crash). Published: 2017-09-27T18:00:00.000Z Updated: 2024-08-06T05:39:31.079Z Open on db.gcve.eu Reference links http://lists.opensuse.org/opensuse-updates/2017-05/msg00018.html https://github.com/the-tcpdump-group/tcpdump/issues/446 https://bugzilla.redhat.com/show_bug.cgi?id=1212342 https://github.com/the-tcpdump-group/tcpdump/commit/3ed82f4ed0095768529afc22b923c8f7171fff70	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2014-9851`	vulnerable	2026-06-08 05:06:13.103335	Details available ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (application crash). Published: 2017-03-20T16:00:00.000Z Updated: 2024-08-06T13:55:04.522Z Open on db.gcve.eu Reference links https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=33b2d377b94eb738011bc7d5e90ca0a16ce4d471 http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00009.html http://www.openwall.com/lists/oss-security/2016/06/02/13 http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2014-9850`	vulnerable	2026-06-08 05:06:13.102668	Details available Logic error in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (resource consumption). Published: 2017-03-20T16:00:00.000Z Updated: 2024-08-06T13:55:04.590Z Open on db.gcve.eu Reference links https://bugzilla.redhat.com/show_bug.cgi?id=1343510 http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html http://www.openwall.com/lists/oss-security/2016/06/02/13 http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2014-9849`	vulnerable	2026-06-08 05:06:13.101957	Details available The png coder in ImageMagick allows remote attackers to cause a denial of service (crash). Published: 2017-03-20T16:00:00.000Z Updated: 2024-08-06T13:55:04.615Z Open on db.gcve.eu Reference links http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00009.html http://www.openwall.com/lists/oss-security/2016/06/02/13 http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2014-9848`	vulnerable	2026-06-08 05:06:13.095837	Details available Memory leak in ImageMagick allows remote attackers to cause a denial of service (memory consumption). Published: 2017-03-20T16:00:00.000Z Updated: 2024-08-06T13:55:04.556Z Open on db.gcve.eu Reference links http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00006.html http://www.openwall.com/lists/oss-security/2016/06/02/13 http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2014-9847`	vulnerable	2026-06-08 05:06:13.094997	Details available The jng decoder in ImageMagick 6.8.9.9 allows remote attackers to have an unspecified impact. Published: 2017-03-20T16:00:00.000Z Updated: 2024-08-06T13:55:04.560Z Open on db.gcve.eu Reference links https://bugzilla.redhat.com/show_bug.cgi?id=1343506 http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=f4ece8c7c462c5449138f39401f66318b9ab0430 http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00009.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2014-9846`	vulnerable	2026-06-08 05:06:13.090643	Details available Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact. Published: 2017-03-20T16:00:00.000Z Updated: 2024-08-06T13:55:04.941Z Open on db.gcve.eu Reference links http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00037.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00028.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00009.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2014-9845`	vulnerable	2026-06-08 05:06:13.089725	Details available The ReadDIBImage function in coders/dib.c in ImageMagick allows remote attackers to cause a denial of service (crash) via a corrupted dib file. Published: 2017-03-20T16:00:00.000Z Updated: 2024-08-06T13:55:04.580Z Open on db.gcve.eu Reference links https://bugzilla.redhat.com/show_bug.cgi?id=1343503 http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00037.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00028.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2014-9844`	vulnerable	2026-06-08 05:06:13.086491	Details available The ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image file. Published: 2017-03-20T16:00:00.000Z Updated: 2024-08-06T13:55:04.555Z Open on db.gcve.eu Reference links https://bugzilla.redhat.com/show_bug.cgi?id=1343502 http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00009.html http://www.openwall.com/lists/oss-security/2016/06/02/13	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2014-9843`	vulnerable	2026-06-08 05:06:13.083224	Details available The DecodePSDPixels function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact via unknown vectors. Published: 2017-03-20T16:00:00.000Z Updated: 2024-08-06T13:55:04.600Z Open on db.gcve.eu Reference links http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html http://www.openwall.com/lists/oss-security/2016/06/02/13 http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html http://www.ubuntu.com/usn/USN-3131-1	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2014-9842`	vulnerable	2026-06-08 05:06:13.079421	Details available Memory leak in the ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors. Published: 2017-03-20T16:00:00.000Z Updated: 2024-08-06T13:55:04.557Z Open on db.gcve.eu Reference links https://bugzilla.redhat.com/show_bug.cgi?id=1343500 http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=f9ef11671c41da4cf973d0d880af1cdfbd127860 http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00009.html http://www.openwall.com/lists/oss-security/2016/06/02/13	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2014-9841`	vulnerable	2026-06-08 05:06:13.074476	Details available The ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact via unknown vectors, related to "throwing of exceptions." Published: 2017-03-20T16:00:00.000Z Updated: 2024-08-06T13:55:04.576Z Open on db.gcve.eu Reference links http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html https://bugzilla.redhat.com/show_bug.cgi?id=1343499 https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=f9ef11671c41da4cf973d0d880af1cdfbd127860 http://www.openwall.com/lists/oss-security/2016/06/02/13 http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

Leap

PURL mappings

Vulnerability references

Contribute