Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2017-09-28	CVE-2015-3138	Improper Input Validation vulnerability in multiple products print-wb.c in tcpdump before 4.7.4 allows remote attackers to cause a denial of service (segmentation fault and process crash). network low complexity tcpdump opensuse opensuse-project CWE-20	5.0
2017-08-24	CVE-2014-4616	Improper Validation of Array Index vulnerability in multiple products Array index error in the scanstring function in the _json module in Python 2.7 through 3.5 and simplejson before 2.6.1 allows context-dependent attackers to read arbitrary process memory via a negative index value in the idx argument to the raw_decode function. network python simplejson-project opensuse-project opensuse CWE-129	4.3
2017-08-02	CVE-2015-5203	Double Free vulnerability in multiple products Double free vulnerability in the jasper_image_stop_load function in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via a crafted JPEG 2000 image file. local low complexity fedoraproject opensuse-project opensuse jasper-project CWE-415	5.5
2017-07-25	CVE-2015-5221	Use After Free vulnerability in multiple products Use-after-free vulnerability in the mif_process_cmpt function in libjasper/mif/mif_cod.c in the JasPer JPEG-2000 library before 1.900.2 allows remote attackers to cause a denial of service (crash) via a crafted JPEG 2000 image file. local low complexity fedoraproject opensuse-project opensuse jasper-project CWE-416	5.5
2017-06-06	CVE-2016-9960	Divide By Zero vulnerability in multiple products game-music-emu before 0.6.1 allows local users to cause a denial of service (divide by zero and process crash). local low complexity game-music-emu-project fedoraproject opensuse-project opensuse novell CWE-369	5.5
2017-03-27	CVE-2015-8010	Cross-site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in the Classic-UI with the CSV export link and pagination feature in Icinga before 1.14 allows remote attackers to inject arbitrary web script or HTML via the query string to cgi-bin/status.cgi. network icinga opensuse opensuse-project CWE-79	4.3
2017-03-24	CVE-2016-7797	7PK - Security Features vulnerability in multiple products Pacemaker before 1.1.15, when using pacemaker remote, might allow remote attackers to cause a denial of service (node disconnection) via an unauthenticated connection. network low complexity clusterlabs opensuse opensuse-project suse redhat CWE-254	5.0
2017-03-23	CVE-2016-9556	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The IsPixelGray function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3-8 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted image file. network imagemagick debian opensuse-project CWE-119	4.3
2017-03-23	CVE-2016-10048	Path Traversal vulnerability in multiple products Directory traversal vulnerability in magick/module.c in ImageMagick 6.9.4-7 allows remote attackers to load arbitrary modules via unspecified vectors. network low complexity imagemagick opensuse-project CWE-22	5.0
2017-03-20	CVE-2014-9851	Improper Input Validation vulnerability in multiple products ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (application crash). network low complexity opensuse opensuse-project canonical imagemagick CWE-20	5.0