CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Opensuse Project » Leap » 42.1 * * * : Security Vulnerabilities

Cpe Name:cpe:2.3:o:opensuse_project:leap:42.1:*:*:*:*:*:*:*
Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2017-6542 119 Overflow 2017-03-27 2018-10-30
7.5
None Remote Low Not required Partial Partial Partial
The ssh_agent_channel_data function in PuTTY before 0.68 allows remote attackers to have unspecified impact via a large length value in an agent protocol message and leveraging the ability to connect to the Unix-domain socket representing the forwarded agent connection, which trigger a buffer overflow.
2 CVE-2017-5938 79 XSS 2017-03-15 2018-10-30
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in the nav_path function in lib/viewvc.py in ViewVC before 1.0.14 and 1.1.x before 1.1.26 allows remote attackers to inject arbitrary web script or HTML via the nav_data name.
3 CVE-2016-10069 20 DoS 2017-03-02 2017-03-07
4.3
None Remote Medium Not required None None Partial
coders/mat.c in ImageMagick before 6.9.4-5 allows remote attackers to cause a denial of service (application crash) via a mat file with an invalid number of frames.
4 CVE-2016-10068 20 DoS 2017-03-02 2018-10-30
4.3
None Remote Medium Not required None None Partial
The MSL interpreter in ImageMagick before 6.9.6-4 allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted XML file.
5 CVE-2016-10048 22 Dir. Trav. 2017-03-23 2017-03-24
5.0
None Remote Low Not required None Partial None
Directory traversal vulnerability in magick/module.c in ImageMagick 6.9.4-7 allows remote attackers to load arbitrary modules via unspecified vectors.
6 CVE-2016-9961 189 2017-06-06 2018-10-30
10.0
None Remote Low Not required Complete Complete Complete
game-music-emu before 0.6.1 mishandles unspecified integer values.
7 CVE-2016-9960 369 DoS 2017-06-06 2018-10-30
2.1
None Local Low Not required None None Partial
game-music-emu before 0.6.1 allows local users to cause a denial of service (divide by zero and process crash).
8 CVE-2016-9959 125 2017-04-12 2018-10-30
6.8
None Remote Medium Not required Partial Partial Partial
game-music-emu before 0.6.1 allows remote attackers to generate out of bounds 8-bit values.
9 CVE-2016-9958 119 Overflow 2017-04-12 2018-10-30
6.8
None Remote Medium Not required Partial Partial Partial
game-music-emu before 0.6.1 allows remote attackers to write to arbitrary memory locations.
10 CVE-2016-9957 119 Overflow 2017-04-12 2018-10-30
6.8
None Remote Medium Not required Partial Partial Partial
Stack-based buffer overflow in game-music-emu before 0.6.1.
11 CVE-2016-9556 119 DoS Overflow 2017-03-23 2017-03-24
4.3
None Remote Medium Not required None None Partial
The IsPixelGray function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3-8 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted image file.
12 CVE-2016-9436 20 2017-01-20 2018-10-30
4.3
None Remote Medium Not required None None Partial
parsetagx.c in w3m before 0.5.3+git20161009 does not properly initialize values, which allows remote attackers to crash the application via a crafted html file, related to a <i> tag.
13 CVE-2016-9435 20 2017-01-20 2018-10-30
4.3
None Remote Medium Not required None None Partial
The HTMLtagproc1 function in file.c in w3m before 0.5.3+git20161009 does not properly initialize values, which allows remote attackers to crash the application via a crafted html file, related to <dd> tags.
14 CVE-2016-7797 254 DoS 2017-03-24 2018-10-30
5.0
None Remote Low Not required None None Partial
Pacemaker before 1.1.15, when using pacemaker remote, might allow remote attackers to cause a denial of service (node disconnection) via an unauthenticated connection.
15 CVE-2016-5317 119 DoS Overflow 2017-01-20 2018-10-30
4.3
None Remote Medium Not required None None Partial
Buffer overflow in the PixarLogDecode function in libtiff.so in the PixarLogDecode function in libtiff 4.0.6 and earlier, as used in GNOME nautilus, allows attackers to cause a denial of service attack (crash) via a crafted TIFF file.
16 CVE-2016-5316 125 2017-01-20 2018-10-30
4.3
None Remote Medium Not required None None Partial
Out-of-bounds read in the PixarLogCleanup function in tif_pixarlog.c in libtiff 4.0.6 and earlier allows remote attackers to crash the application by sending a crafted TIFF image to the rgb2ycbcr tool.
17 CVE-2016-1254 119 DoS Overflow 2017-12-05 2018-10-30
5.0
None Remote Low Not required None None Partial
Tor before 0.2.8.12 might allow remote attackers to cause a denial of service (client crash) via a crafted hidden service descriptor.
18 CVE-2015-8010 79 XSS 2017-03-27 2018-10-30
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in the Classic-UI with the CSV export link and pagination feature in Icinga before 1.14 allows remote attackers to inject arbitrary web script or HTML via the query string to cgi-bin/status.cgi.
19 CVE-2015-5221 416 DoS 2017-07-25 2018-11-22
4.3
None Remote Medium Not required None None Partial
Use-after-free vulnerability in the mif_process_cmpt function in libjasper/mif/mif_cod.c in the JasPer JPEG-2000 library before 1.900.2 allows remote attackers to cause a denial of service (crash) via a crafted JPEG 2000 image file.
20 CVE-2015-5218 119 DoS Overflow 2015-11-09 2018-10-30
2.1
None Local Low Not required None None Partial
Buffer overflow in text-utils/colcrt.c in colcrt in util-linux before 2.27 allows local users to cause a denial of service (crash) via a crafted file, related to the page global variable.
21 CVE-2015-5203 415 DoS 2017-08-02 2018-11-22
4.3
None Remote Medium Not required None None Partial
Double free vulnerability in the jasper_image_stop_load function in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via a crafted JPEG 2000 image file.
22 CVE-2015-3138 20 DoS 2017-09-28 2018-10-30
5.0
None Remote Low Not required None None Partial
print-wb.c in tcpdump before 4.7.4 allows remote attackers to cause a denial of service (segmentation fault and process crash).
23 CVE-2014-9851 20 DoS 2017-03-20 2018-10-30
5.0
None Remote Low Not required None None Partial
ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (application crash).
24 CVE-2014-9850 399 DoS 2017-03-20 2018-10-30
5.0
None Remote Low Not required None None Partial
Logic error in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (resource consumption).
25 CVE-2014-9849 400 DoS 2017-03-20 2018-10-30
5.0
None Remote Low Not required None None Partial
The png coder in ImageMagick allows remote attackers to cause a denial of service (crash).
26 CVE-2014-9848 399 DoS 2017-03-20 2018-10-30
5.0
None Remote Low Not required None None Partial
Memory leak in ImageMagick allows remote attackers to cause a denial of service (memory consumption).
27 CVE-2014-9847 119 Overflow 2017-03-20 2018-10-30
7.5
None Remote Low Not required Partial Partial Partial
The jng decoder in ImageMagick 6.8.9.9 allows remote attackers to have an unspecified impact.
28 CVE-2014-9846 119 Overflow 2017-03-20 2018-10-30
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact.
29 CVE-2014-9845 119 DoS Overflow 2017-03-20 2018-10-30
4.3
None Remote Medium Not required None None Partial
The ReadDIBImage function in coders/dib.c in ImageMagick allows remote attackers to cause a denial of service (crash) via a corrupted dib file.
30 CVE-2014-9844 125 DoS 2017-03-20 2018-10-30
4.3
None Remote Medium Not required None None Partial
The ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image file.
31 CVE-2014-9843 119 Overflow 2017-03-20 2018-10-30
7.5
None Remote Low Not required Partial Partial Partial
The DecodePSDPixels function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact via unknown vectors.
32 CVE-2014-9842 400 DoS 2017-03-20 2018-10-30
5.0
None Remote Low Not required None None Partial
Memory leak in the ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.
33 CVE-2014-9841 388 2017-03-20 2018-10-30
7.5
None Remote Low Not required Partial Partial Partial
The ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact via unknown vectors, related to "throwing of exceptions."
Total number of vulnerabilities : 33   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.