Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Leap
(Opensuse)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2017-03-24 | CVE-2017-5335 | The stream reading functions in lib/opencdk/read-packet.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to cause a denial of service (out-of-memory error and crash) via a crafted OpenPGP certificate. | Gnutls, Leap | 7.5 | ||
| 2017-03-24 | CVE-2017-5334 | Double free vulnerability in the gnutls_x509_ext_import_proxy function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via crafted policy language information in an X.509 certificate with a Proxy Certificate Information extension. | Gnutls, Leap | 9.8 | ||
| 2018-03-05 | CVE-2017-18215 | xvpng.c in xv 3.10a has memory corruption (out-of-bounds write) when decoding PNG comment fields, leading to crashes or potentially code execution, because it uses an incorrect length value. | Leap, Xv | 9.8 | ||
| 2017-03-01 | CVE-2016-9830 | The MagickRealloc function in memory.c in Graphicsmagick 1.3.25 allows remote attackers to cause a denial of service (crash) via large dimensions in a jpeg image. | Debian_linux, Graphicsmagick, Leap, Opensuse | 5.5 | ||
| 2017-02-15 | CVE-2016-8689 | The read_Header function in archive_read_support_format_7zip.c in libarchive 3.2.1 allows remote attackers to cause a denial of service (out-of-bounds read) via multiple EmptyStream attributes in a header in a 7zip archive. | Libarchive, Leap | 7.5 | ||
| 2017-02-15 | CVE-2016-8688 | The mtree bidder in libarchive 3.2.1 does not keep track of line sizes when extending the read-ahead, which allows remote attackers to cause a denial of service (crash) via a crafted file, which triggers an invalid read in the (1) detect_form or (2) bid_entry function in libarchive/archive_read_support_format_mtree.c. | Libarchive, Leap | 5.5 | ||
| 2017-02-15 | CVE-2016-8687 | Stack-based buffer overflow in the safe_fprintf function in tar/util.c in libarchive 3.2.1 allows remote attackers to cause a denial of service via a crafted non-printable multibyte character in a filename. | Libarchive, Leap | 7.5 | ||
| 2017-02-06 | CVE-2016-7800 | Integer underflow in the parse8BIM function in coders/meta.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted 8BIM chunk, which triggers a heap-based buffer overflow. | Debian_linux, Graphicsmagick, Leap, Opensuse | 7.5 | ||
| 2017-03-24 | CVE-2016-7797 | Pacemaker before 1.1.15, when using pacemaker remote, might allow remote attackers to cause a denial of service (node disconnection) via an unauthenticated connection. | Pacemaker, Leap, Leap, Enterprise_linux_high_availability, Enterprise_linux_resilient_storage, Linux_enterprise_high_availability, Linux_enterprise_software_development_kit | 7.5 | ||
| 2016-12-23 | CVE-2016-7787 | A maliciously crafted command line for kdesu can result in the user only seeing part of the commands that will actually get executed as super user. | Kde\-Cli\-Tools, Leap, Opensuse | 4.9 |