Opensuse Leap
460 CVEs affecting Opensuse Leap. Latest disclosed: 2026-04-22. Critical: 52, High: 174.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2016-1931 | Critical | 10.0 | 2016-01-31 | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 44.0 allow remote attackers to cause a denial of service (memory corruptio… |
CVE-2019-17571 | Critical | 9.8 | 2019-12-20 | Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code… |
CVE-2019-11068 | Critical | 9.8 | 2019-04-10 | libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error… |
CVE-2017-14491 | Critical | 9.8 | 2017-10-04 | Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS resp… |
CVE-2017-14493 | Critical | 9.8 | 2017-10-03 | Stack-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DHCPv6… |
CVE-2016-9961 | Critical | 9.8 | 2017-06-06 | game-music-emu before 0.6.1 mishandles unspecified integer values. |
CVE-2016-9843 | Critical | 9.8 | 2017-05-23 | The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calcula… |
CVE-2016-9841 | Critical | 9.8 | 2017-05-23 | inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic. |
CVE-2016-5178 | Critical | 9.8 | 2017-05-23 | Multiple unspecified vulnerabilities in Google Chrome before 53.0.2785.143 allow remote attackers to cause a denial of service or possibly have other impact vi… |
CVE-2017-6542 | Critical | 9.8 | 2017-03-27 | The ssh_agent_channel_data function in PuTTY before 0.68 allows remote attackers to have unspecified impact via a large length value in an agent protocol messa… |
CVE-2017-5337 | Critical | 9.8 | 2017-03-24 | Multiple heap-based buffer overflows in the read_attribute function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to have unspecified i… |
CVE-2017-5336 | Critical | 9.8 | 2017-03-24 | Stack-based buffer overflow in the cdk_pk_get_keyid function in lib/opencdk/pubkey.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to… |
CVE-2017-5334 | Critical | 9.8 | 2017-03-24 | Double free vulnerability in the gnutls_x509_ext_import_proxy function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecifi… |
CVE-2014-9846 | Critical | 9.8 | 2017-03-20 | Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact. |
CVE-2014-9852 | Critical | 9.8 | 2017-03-17 | distribute-cache.c in ImageMagick re-uses objects after they have been destroyed, which allows remote attackers to have unspecified impact via unspecified vect… |
CVE-2016-7447 | Critical | 9.8 | 2017-02-06 | Heap-based buffer overflow in the EscapeParenthesis function in GraphicsMagick before 1.3.25 allows remote attackers to have unspecified impact via unknown vec… |
CVE-2016-7446 | Critical | 9.8 | 2017-02-06 | Buffer overflow in the MVG and SVG rendering code in GraphicsMagick 1.3.24 allows remote attackers to have unspecified impact via unknown vectors. Note: This v… |
CVE-2016-9427 | Critical | 9.8 | 2016-12-12 | Integer overflow vulnerability in bdwgc before 2016-09-27 allows attackers to cause client of bdwgc denial of service (heap buffer overflow crash) and possibly… |
CVE-2016-4303 | Critical | 9.8 | 2016-09-26 | The parse_string function in cjson.c in the cJSON library mishandles UTF8/16 strings, which allows remote attackers to cause a denial of service (crash) or exe… |
CVE-2016-5772 | Critical | 9.8 | 2016-08-07 | Double free vulnerability in the php_wddx_process_data function in wddx.c in the WDDX extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8… |