Leap

DATE	CVE	VULNERABILITY TITLE	RISK
2017-05-23	CVE-2016-5177	Use After Free vulnerability in multiple products Use-after-free vulnerability in V8 in Google Chrome before 53.0.2785.143 allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact via unknown vectors. network low complexity google opensuse debian redhat fedoraproject CWE-416	8.8
2017-04-21	CVE-2016-2347	Integer Overflow or Wraparound vulnerability in multiple products Integer underflow in the decode_level3_header function in lib/lha_file_header.c in Lhasa before 0.3.1 allows remote attackers to execute arbitrary code via a crafted archive. local low complexity opensuse debian lhasa-project CWE-190	7.8
2017-04-13	CVE-2015-8567	Memory Leak vulnerability in multiple products Memory leak in net/vmxnet3.c in QEMU allows remote attackers to cause a denial of service (memory consumption). network low complexity qemu canonical debian suse opensuse fedoraproject CWE-401	7.7
2017-04-13	CVE-2016-4068	Cross-site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 1.0.9 and 1.1.x before 1.1.5 allows remote attackers to inject arbitrary web script or HTML via a crafted SVG, a different vulnerability than CVE-2015-8864. network low complexity opensuse roundcube CWE-79	6.1
2017-04-13	CVE-2015-8864	Cross-site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 1.0.9 and 1.1.x before 1.1.5 allows remote attackers to inject arbitrary web script or HTML via a crafted SVG, a different vulnerability than CVE-2016-4068. network low complexity opensuse roundcube CWE-79	6.1
2017-04-12	CVE-2016-9959	Out-of-bounds Write vulnerability in multiple products game-music-emu before 0.6.1 allows remote attackers to generate out of bounds 8-bit values. local low complexity opensuse-project suse opensuse game-music-emu-project CWE-787	7.8
2017-04-12	CVE-2016-9958	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products game-music-emu before 0.6.1 allows remote attackers to write to arbitrary memory locations. local low complexity opensuse-project suse opensuse game-music-emu-project CWE-119	7.8
2017-04-12	CVE-2016-9957	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Stack-based buffer overflow in game-music-emu before 0.6.1. local low complexity opensuse-project suse opensuse game-music-emu-project CWE-119	7.8
2017-03-27	CVE-2017-6542	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The ssh_agent_channel_data function in PuTTY before 0.68 allows remote attackers to have unspecified impact via a large length value in an agent protocol message and leveraging the ability to connect to the Unix-domain socket representing the forwarded agent connection, which trigger a buffer overflow. network low complexity putty opensuse-project opensuse CWE-119 critical	9.8
2017-03-27	CVE-2015-8010	Cross-site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in the Classic-UI with the CSV export link and pagination feature in Icinga before 1.14 allows remote attackers to inject arbitrary web script or HTML via the query string to cgi-bin/status.cgi. network low complexity icinga opensuse-project opensuse CWE-79	6.1