Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Leap
(Opensuse)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-07-05 | CVE-2019-13301 | ImageMagick 7.0.8-50 Q16 has memory leaks in AcquireMagickMemory because of an AnnotateImage error. | Ubuntu_linux, Debian_linux, Imagemagick, Leap | 6.5 | ||
| 2019-07-05 | CVE-2019-13304 | ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment. | Ubuntu_linux, Debian_linux, Imagemagick, Leap | 7.8 | ||
| 2019-07-05 | CVE-2019-13306 | ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors. | Ubuntu_linux, Debian_linux, Imagemagick, Leap | 7.8 | ||
| 2019-07-05 | CVE-2019-13307 | ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling rows. | Ubuntu_linux, Debian_linux, Imagemagick, Leap | 7.8 | ||
| 2019-07-05 | CVE-2019-13309 | ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of mishandling the NoSuchImage error in CLIListOperatorImages in MagickWand/operation.c. | Ubuntu_linux, Debian_linux, Imagemagick, Leap | 6.5 | ||
| 2019-07-05 | CVE-2019-13311 | ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of a wand/mogrify.c error. | Ubuntu_linux, Debian_linux, Imagemagick, Leap | 6.5 | ||
| 2016-07-19 | CVE-2016-5385 | PHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, as demonstrated by (1) an application that makes a getenv('HTTP_PROXY') call or (2) a CGI configuration of PHP, aka... | Debian_linux, Drupal, Fedora, Storeever_msl6480_tape_library_firmware, System_management_homepage, Leap, Communications_user_data_repository, Enterprise_manager_ops_center, Linux, Php, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation | 8.1 | ||
| 2017-07-21 | CVE-2015-5219 | The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions from a precision value to a double, which allows remote attackers to cause a denial of service (infinite loop) via a crafted NTP packet. | Ubuntu_linux, Debian_linux, Fedora, Leap, Ntp, Leap, Linux, Enterprise_linux_desktop, Enterprise_linux_hpc_node, Enterprise_linux_server, Enterprise_linux_workstation, Tim_4r\-Id_dnp3_firmware, Tim_4r\-Ie_firmware, Linux_enterprise_debuginfo, Linux_enterprise_server, Manager, Manager_proxy, Openstack_cloud | 7.5 | ||
| 2015-12-15 | CVE-2015-7499 | Heap-based buffer overflow in the xmlGROW function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive process memory information via unspecified vectors. | Iphone_os, Mac_os_x, Tvos, Watchos, Ubuntu_linux, Debian_linux, Icewall_federation_agent, Icewall_file_manager, Leap, Opensuse, Enterprise_linux_desktop, Enterprise_linux_hpc_node, Enterprise_linux_server, Enterprise_linux_workstation, Libxml2 | N/A | ||
| 2016-05-17 | CVE-2016-3705 | The (1) xmlParserEntityCheck and (2) xmlParseAttValueComplex functions in parser.c in libxml2 2.9.3 do not properly keep track of the recursion depth, which allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via a crafted XML document containing a large number of nested entity references. | Ubuntu_linux, Debian_linux, Icewall_federation_agent, Icewall_file_manager, Leap, Libxml2 | 7.5 |