Vulnerabilities > Opensuse > Leap

DATE CVE VULNERABILITY TITLE RISK
2017-06-12 CVE-2017-8871 Infinite Loop vulnerability in multiple products
The cr_parser_parse_selector_core function in cr-parser.c in libcroco 0.6.12 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted CSS file.
network
low complexity
gnome opensuse CWE-835
6.5
6.5
2017-06-12 CVE-2017-8834 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The cr_tknzr_parse_comment function in cr-tknzr.c in libcroco 0.6.12 allows remote attackers to cause a denial of service (memory allocation error) via a crafted CSS file.
network
low complexity
gnome opensuse CWE-119
6.5
6.5
2017-06-06 CVE-2016-9961 Numeric Errors vulnerability in multiple products
game-music-emu before 0.6.1 mishandles unspecified integer values. 		9.8
9.8
2017-06-06 CVE-2016-9960 Divide By Zero vulnerability in multiple products
game-music-emu before 0.6.1 allows local users to cause a denial of service (divide by zero and process crash). 		5.5
5.5
2017-06-01 CVE-2017-8386 git-shell in git before 2.4.12, 2.5.x before 2.5.6, 2.6.x before 2.6.7, 2.7.x before 2.7.5, 2.8.x before 2.8.5, 2.9.x before 2.9.4, 2.10.x before 2.10.3, 2.11.x before 2.11.2, and 2.12.x before 2.12.3 might allow remote authenticated users to gain privileges via a repository name that starts with a - (dash) character.
network
low complexity
git opensuse debian canonical fedoraproject
8.8
8.8
2017-05-23 CVE-2016-9843 The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.
network
low complexity
zlib opensuse debian canonical oracle redhat apple netapp mariadb nodejs
critical
 9.8
9.8
2017-05-23 CVE-2016-9842 The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers. 8.8
8.8
2017-05-23 CVE-2016-9841 inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
network
low complexity
zlib opensuse debian canonical oracle redhat apple netapp nodejs
critical
 9.8
9.8
2017-05-23 CVE-2016-9840 inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic. 8.8
8.8
2017-05-23 CVE-2016-5178 Improper Input Validation vulnerability in multiple products
Multiple unspecified vulnerabilities in Google Chrome before 53.0.2785.143 allow remote attackers to cause a denial of service or possibly have other impact via unknown vectors.
network
low complexity
google opensuse debian redhat fedoraproject CWE-20
critical
 9.8
9.8