Vulnerabilities > Opensuse > Leap > 42.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-03-23 | CVE-2016-10051 | Use After Free vulnerability in multiple products Use-after-free vulnerability in the ReadPWPImage function in coders/pwp.c in ImageMagick 6.9.5-5 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file. | 6.8 |
| 2017-03-23 | CVE-2016-10050 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Heap-based buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.9.4-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted RLE file. | 6.8 |
| 2017-03-23 | CVE-2016-6225 | Inadequate Encryption Strength vulnerability in multiple products xbcrypt in Percona XtraBackup before 2.3.6 and 2.4.x before 2.4.5 does not properly set the initialization vector (IV) for encryption, which makes it easier for context-dependent attackers to obtain sensitive information from encrypted backup files via a Chosen-Plaintext attack. | 5.9 |
| 2017-03-20 | CVE-2017-5930 | Missing Authorization vulnerability in multiple products The AliasHandler component in PostfixAdmin before 3.0.2 allows remote authenticated domain admins to delete protected aliases via the delete parameter to delete.php, involving a missing permission check. | 3.5 |
| 2017-03-20 | CVE-2014-9848 | Resource Management Errors vulnerability in multiple products Memory leak in ImageMagick allows remote attackers to cause a denial of service (memory consumption). | 5.0 |
| 2017-03-20 | CVE-2014-9846 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact. | 7.5 |
| 2017-03-20 | CVE-2014-9845 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The ReadDIBImage function in coders/dib.c in ImageMagick allows remote attackers to cause a denial of service (crash) via a corrupted dib file. | 4.3 |
| 2017-03-15 | CVE-2017-5938 | Cross-site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in the nav_path function in lib/viewvc.py in ViewVC before 1.0.14 and 1.1.x before 1.1.26 allows remote attackers to inject arbitrary web script or HTML via the nav_data name. | 4.3 |
| 2017-03-03 | CVE-2016-10070 | Out-of-bounds Read vulnerability in multiple products Heap-based buffer overflow in the CalcMinMax function in coders/mat.c in ImageMagick before 6.9.4-0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted mat file. | 4.3 |
| 2017-03-02 | CVE-2016-10068 | Improper Input Validation vulnerability in Imagemagick The MSL interpreter in ImageMagick before 6.9.6-4 allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted XML file. | 4.3 |