Vulnerabilities > Opensuse Project > Leap

DATE CVE VULNERABILITY TITLE RISK
2017-04-12 CVE-2016-9957 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Stack-based buffer overflow in game-music-emu before 0.6.1.
7.8
2017-03-27 CVE-2017-6542 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The ssh_agent_channel_data function in PuTTY before 0.68 allows remote attackers to have unspecified impact via a large length value in an agent protocol message and leveraging the ability to connect to the Unix-domain socket representing the forwarded agent connection, which trigger a buffer overflow.
network
low complexity
putty opensuse-project opensuse CWE-119
critical
9.8
2017-03-27 CVE-2015-8010 Cross-site Scripting vulnerability in multiple products
Cross-site scripting (XSS) vulnerability in the Classic-UI with the CSV export link and pagination feature in Icinga before 1.14 allows remote attackers to inject arbitrary web script or HTML via the query string to cgi-bin/status.cgi.
4.3
2017-03-24 CVE-2016-7797 7PK - Security Features vulnerability in multiple products
Pacemaker before 1.1.15, when using pacemaker remote, might allow remote attackers to cause a denial of service (node disconnection) via an unauthenticated connection.
5.0
2017-03-23 CVE-2016-9556 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The IsPixelGray function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3-8 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted image file.
4.3
2017-03-23 CVE-2016-10048 Path Traversal vulnerability in multiple products
Directory traversal vulnerability in magick/module.c in ImageMagick 6.9.4-7 allows remote attackers to load arbitrary modules via unspecified vectors.
network
low complexity
imagemagick opensuse-project CWE-22
5.0
2017-03-20 CVE-2014-9851 Improper Input Validation vulnerability in multiple products
ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (application crash).
5.0
2017-03-20 CVE-2014-9850 Resource Management Errors vulnerability in multiple products
Logic error in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (resource consumption).
5.0
2017-03-20 CVE-2014-9849 Resource Exhaustion vulnerability in multiple products
The png coder in ImageMagick allows remote attackers to cause a denial of service (crash).
5.0
2017-03-20 CVE-2014-9848 Resource Management Errors vulnerability in multiple products
Memory leak in ImageMagick allows remote attackers to cause a denial of service (memory consumption).
5.0