High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-01-23	CVE-2015-5334	Out-of-bounds Write vulnerability in multiple products Off-by-one error in the OBJ_obj2txt function in LibreSSL before 2.3.1 allows remote attackers to cause a denial of service (program crash) or possible execute arbitrary code via a crafted X.509 certificate, which triggers a stack-based buffer overflow. network low complexity openbsd opensuse CWE-787	7.5
2019-12-17	CVE-2014-8179	Improper Input Validation vulnerability in multiple products Docker Engine before 1.8.3 and CS Docker Engine before 1.6.2-CS7 does not properly validate and extract the manifest object from its JSON representation during a pull, which allows attackers to inject new attributes in a JSON object and bypass pull-by-digest validation. network low complexity docker opensuse CWE-20	7.5
2018-06-08	CVE-2014-5220	Command Injection vulnerability in multiple products The mdcheck script of the mdadm package for openSUSE 13.2 prior to version 3.3.1-5.14.1 does not properly sanitize device names, which allows local attackers to execute arbitrary commands as root. local low complexity opensuse mdadm-project CWE-77	7.8
2017-12-05	CVE-2016-1254	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Tor before 0.2.8.12 might allow remote attackers to cause a denial of service (client crash) via a crafted hidden service descriptor. network low complexity torproject opensuse-project debian fedoraproject opensuse CWE-119	7.5
2017-05-23	CVE-2016-9842	The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers. network low complexity gnu opensuse debian canonical oracle redhat apple nodejs	8.8
2017-05-23	CVE-2016-9840	inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic. network low complexity zlib opensuse debian canonical oracle redhat apple nodejs	8.8
2017-05-23	CVE-2016-5177	Use After Free vulnerability in multiple products Use-after-free vulnerability in V8 in Google Chrome before 53.0.2785.143 allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact via unknown vectors. network low complexity google opensuse debian redhat fedoraproject CWE-416	8.8
2017-04-12	CVE-2016-9959	Out-of-bounds Write vulnerability in multiple products game-music-emu before 0.6.1 allows remote attackers to generate out of bounds 8-bit values. local low complexity opensuse-project suse opensuse game-music-emu-project CWE-787	7.8
2017-04-12	CVE-2016-9958	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products game-music-emu before 0.6.1 allows remote attackers to write to arbitrary memory locations. local low complexity opensuse-project suse opensuse game-music-emu-project CWE-119	7.8
2017-04-12	CVE-2016-9957	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Stack-based buffer overflow in game-music-emu before 0.6.1. local low complexity opensuse-project suse opensuse game-music-emu-project CWE-119	7.8