Opensuse Project Suse Linux Enterprise Desktop vulnerabilities

CVE-2015-3405 [HIGH] CWE-331 CVE-2015-3405: ntp-keygen in ntp 4.2.8px before 4.2.8p2-RC2 and 4.3.x before 4.3.12 does not generate MD5 keys with ntp-keygen in ntp 4.2.8px before 4.2.8p2-RC2 and 4.3.x before 4.3.12 does not generate MD5 keys with sufficient entropy on big endian machines when the lowest order byte of the temp variable is between 0x20 and 0x7f and not #, which might allow remote attackers to obtain the value of generated MD5 keys via a brute force attack with the 93 possible keys.

CVE-2014-9847 [CRITICAL] CWE-119 CVE-2014-9847: The jng decoder in ImageMagick 6.8.9.9 allows remote attackers to have an unspecified impact. The jng decoder in ImageMagick 6.8.9.9 allows remote attackers to have an unspecified impact.

CVE-2014-9846 [CRITICAL] CWE-119 CVE-2014-9846: Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote at Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact.

CVE-2014-9841 [CRITICAL] CWE-388 CVE-2014-9841: The ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have un The ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact via unknown vectors, related to "throwing of exceptions."

CVE-2014-9843 [CRITICAL] CWE-119 CVE-2014-9843: The DecodePSDPixels function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have The DecodePSDPixels function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact via unknown vectors.

CVE-2014-9842 [HIGH] CWE-400 CVE-2014-9842: Memory leak in the ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attac Memory leak in the ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.

CVE-2014-9850 [HIGH] CWE-399 CVE-2014-9850: Logic error in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (resource co Logic error in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (resource consumption).

CVE-2014-9848 [HIGH] CWE-399 CVE-2014-9848: Memory leak in ImageMagick allows remote attackers to cause a denial of service (memory consumption) Memory leak in ImageMagick allows remote attackers to cause a denial of service (memory consumption).

CVE-2014-9849 [HIGH] CWE-400 CVE-2014-9849: The png coder in ImageMagick allows remote attackers to cause a denial of service (crash). The png coder in ImageMagick allows remote attackers to cause a denial of service (crash).

CVE-2014-9851 [HIGH] CWE-20 CVE-2014-9851: ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (application crash). ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (application crash).

CVE-2014-9844 [MEDIUM] CWE-125 CVE-2014-9844: The ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to cause a The ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image file.

CVE-2014-9845 [MEDIUM] CWE-119 CVE-2014-9845: The ReadDIBImage function in coders/dib.c in ImageMagick allows remote attackers to cause a denial o The ReadDIBImage function in coders/dib.c in ImageMagick allows remote attackers to cause a denial of service (crash) via a corrupted dib file.

CVE-2014-4258 [MEDIUM] CVE-2014-4258: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier and 5.6.1 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier and 5.6.17 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SRINFOSC.