Opensuse_project Leap
35 CVEs affecting Opensuse_project Leap. Latest disclosed: 2017-12-20. Critical: 6, High: 14.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2016-9961 | Critical | 9.8 | 2017-06-06 | game-music-emu before 0.6.1 mishandles unspecified integer values. |
CVE-2017-6542 | Critical | 9.8 | 2017-03-27 | The ssh_agent_channel_data function in PuTTY before 0.68 allows remote attackers to have unspecified impact via a large length value in an agent protocol messa… |
CVE-2014-9847 | Critical | 9.8 | 2017-03-20 | The jng decoder in ImageMagick 6.8.9.9 allows remote attackers to have an unspecified impact. |
CVE-2014-9846 | Critical | 9.8 | 2017-03-20 | Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact. |
CVE-2014-9843 | Critical | 9.8 | 2017-03-20 | The DecodePSDPixels function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact via unknown vectors. |
CVE-2014-9841 | Critical | 9.8 | 2017-03-20 | The ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact via unknown vectors, related to "throwing… |
CVE-2017-17806 | High | 7.8 | 2017-12-20 | The HMAC implementation (crypto/hmac.c) in the Linux kernel before 4.14.8 does not validate that the underlying cryptographic hash algorithm is unkeyed, allowi… |
CVE-2017-17805 | High | 7.8 | 2017-12-20 | The Salsa20 encryption algorithm in the Linux kernel before 4.14.8 does not correctly handle zero-length inputs, allowing a local attacker able to use the AF_A… |
CVE-2016-9959 | High | 7.8 | 2017-04-12 | game-music-emu before 0.6.1 allows remote attackers to generate out of bounds 8-bit values. |
CVE-2016-9958 | High | 7.8 | 2017-04-12 | game-music-emu before 0.6.1 allows remote attackers to write to arbitrary memory locations. |
CVE-2016-9957 | High | 7.8 | 2017-04-12 | Stack-based buffer overflow in game-music-emu before 0.6.1. |
CVE-2016-1254 | High | 7.5 | 2017-12-05 | Tor before 0.2.8.12 might allow remote attackers to cause a denial of service (client crash) via a crafted hidden service descriptor. |
CVE-2015-3138 | High | 7.5 | 2017-09-28 | print-wb.c in tcpdump before 4.7.4 allows remote attackers to cause a denial of service (segmentation fault and process crash). |
CVE-2016-7797 | High | 7.5 | 2017-03-24 | Pacemaker before 1.1.15, when using pacemaker remote, might allow remote attackers to cause a denial of service (node disconnection) via an unauthenticated con… |
CVE-2016-10048 | High | 7.5 | 2017-03-23 | Directory traversal vulnerability in magick/module.c in ImageMagick 6.9.4-7 allows remote attackers to load arbitrary modules via unspecified vectors. |
CVE-2014-9851 | High | 7.5 | 2017-03-20 | ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (application crash). |
CVE-2014-9850 | High | 7.5 | 2017-03-20 | Logic error in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (resource consumption). |
CVE-2014-9849 | High | 7.5 | 2017-03-20 | The png coder in ImageMagick allows remote attackers to cause a denial of service (crash). |
CVE-2014-9848 | High | 7.5 | 2017-03-20 | Memory leak in ImageMagick allows remote attackers to cause a denial of service (memory consumption). |
CVE-2014-9842 | High | 7.5 | 2017-03-20 | Memory leak in the ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (memory consumption) via… |