Product:

Leap

(Opensuse)
Repositories https://github.com/phpmyadmin/phpmyadmin
https://github.com/ImageMagick/ImageMagick
https://github.com/torvalds/linux
https://github.com/krb5/krb5
https://github.com/madler/zlib
https://github.com/libgd/libgd
https://github.com/php/php-src
https://github.com/ceph/ceph
https://github.com/libarchive/libarchive
https://github.com/roundcube/roundcubemail
https://github.com/tats/w3m
https://github.com/golang/go
https://github.com/dbry/WavPack
https://github.com/git/git
https://github.com/file/file
https://github.com/dosfstools/dosfstools
https://github.com/atheme/atheme
https://github.com/quassel/quassel
https://github.com/bcgit/bc-java
https://github.com/esnet/iperf
https://github.com/apache/httpd
https://github.com/opencontainers/runc
https://github.com/mm2/Little-CMS
https://github.com/FFmpeg/FFmpeg
https://github.com/uclouvain/openjpeg
https://git.kernel.org/pub/scm/git/git.git
https://github.com/mdadams/jasper
https://github.com/libjpeg-turbo/libjpeg-turbo
https://github.com/rdesktop/rdesktop
https://github.com/ntp-project/ntp
https://github.com/requests/requests
https://github.com/lighttpd/lighttpd1.4
https://github.com/heimdal/heimdal
https://github.com/erikd/libsndfile
https://github.com/FreeRDP/FreeRDP
https://github.com/mysql/mysql-server
https://github.com/WebKit/webkit
https://github.com/liblouis/liblouis
https://github.com/lavv17/lftp
https://github.com/viewvc/viewvc
https://github.com/moinwiki/moin-1.9
https://github.com/ClusterLabs/pacemaker
https://github.com/curl/curl
https://github.com/vadz/libtiff
https://github.com/libimobiledevice/libimobiledevice
https://github.com/fragglet/lhasa
https://github.com/TigerVNC/tigervnc
https://github.com/stedolan/jq
https://github.com/Matroska-Org/libmatroska
https://github.com/the-tcpdump-group/tcpdump
#Vulnerabilities 1884
Date Id Summary Products Score Patch Annotated
2016-01-31 CVE-2016-1937 The protocol-handler dialog in Mozilla Firefox before 44.0 allows remote attackers to conduct clickjacking attacks via a crafted web site that triggers a single-click action in a situation where a double-click action was intended. Firefox, Leap, Opensuse 6.1
2016-01-31 CVE-2016-1933 Integer overflow in the image-deinterlacing functionality in Mozilla Firefox before 44.0 allows remote attackers to cause a denial of service (memory consumption or application crash) via a crafted GIF image. Firefox, Leap, Opensuse 6.5
2016-01-31 CVE-2016-1931 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 44.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to uninitialized memory encountered during brotli data compression, and other vectors. Firefox, Leap, Opensuse 10.0
2016-01-15 CVE-2016-1898 FFmpeg 2.x allows remote attackers to conduct cross-origin attacks and read arbitrary files by using the subfile protocol in an HTTP Live Streaming (HLS) M3U8 file, leading to an external HTTP request in which the URL string contains an arbitrary line of a local file. Ubuntu_linux, Ffmpeg, Leap 5.5
2016-01-15 CVE-2016-1897 FFmpeg 2.x allows remote attackers to conduct cross-origin attacks and read arbitrary files by using the concat protocol in an HTTP Live Streaming (HLS) M3U8 file, leading to an external HTTP request in which the URL string contains the first line of a local file. Ubuntu_linux, Ffmpeg, Leap 5.5
2016-04-12 CVE-2016-1866 Salt 2015.8.x before 2015.8.4 does not properly handle clear messages on the minion, which allows man-in-the-middle attackers to execute arbitrary code by inserting packets into the minion-master data stream. Leap, Salt 8.1
2017-02-28 CVE-2016-10207 The Xvnc server in TigerVNC allows remote attackers to cause a denial of service (invalid memory access and crash) by terminating a TLS handshake early. Leap, Tigervnc 7.5
2017-03-02 CVE-2016-10068 The MSL interpreter in ImageMagick before 6.9.6-4 allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted XML file. Imagemagick, Leap, Leap 5.5
2017-03-03 CVE-2016-10065 The ReadVIFFImage function in coders/viff.c in ImageMagick before 7.0.1-0 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file. Imagemagick, Leap 7.8
2016-04-21 CVE-2016-0655 Unspecified vulnerability in Oracle MySQL 5.6.29 and earlier and 5.7.11 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows local users to affect availability via vectors related to InnoDB. Debian_linux, Mariadb, Leap, Mysql, Enterprise_linux 4.7