Opensuse

Leap

1897 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2017-6542

  • EPSS 25.85%
  • Veröffentlicht 27.03.2017 17:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

The ssh_agent_channel_data function in PuTTY before 0.68 allows remote attackers to have unspecified impact via a large length value in an agent protocol message and leveraging the ability to connect to the Unix-domain socket representing the forward...

7.5

CVE-2016-7797

  • EPSS 2.95%
  • Veröffentlicht 24.03.2017 15:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Pacemaker before 1.1.15, when using pacemaker remote, might allow remote attackers to cause a denial of service (node disconnection) via an unauthenticated connection.

9.8

CVE-2017-5334

  • EPSS 5.59%
  • Veröffentlicht 24.03.2017 15:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Double free vulnerability in the gnutls_x509_ext_import_proxy function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via crafted policy language information in an X.509 certificate with a Proxy Cert...

7.5

CVE-2017-5335

  • EPSS 3.54%
  • Veröffentlicht 24.03.2017 15:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

The stream reading functions in lib/opencdk/read-packet.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to cause a denial of service (out-of-memory error and crash) via a crafted OpenPGP certificate.

9.8

CVE-2017-5336

  • EPSS 3.94%
  • Veröffentlicht 24.03.2017 15:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Stack-based buffer overflow in the cdk_pk_get_keyid function in lib/opencdk/pubkey.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via a crafted OpenPGP certificate.

9.8

CVE-2017-5337

  • EPSS 2.81%
  • Veröffentlicht 24.03.2017 15:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Multiple heap-based buffer overflows in the read_attribute function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to have unspecified impact via a crafted OpenPGP certificate.

7.5

CVE-2016-9398

  • EPSS 4.11%
  • Veröffentlicht 23.03.2017 18:59:01
  • Zuletzt bearbeitet 20.04.2025 01:37:25

The jpc_floorlog2 function in jpc_math.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service (assertion failure) via unspecified vectors.

7.5

CVE-2016-9399

  • EPSS 2.14%
  • Veröffentlicht 23.03.2017 18:59:01
  • Zuletzt bearbeitet 20.04.2025 01:37:25

The calcstepsizes function in jpc_dec.c in JasPer 1.900.22 allows remote attackers to cause a denial of service (assertion failure) via unspecified vectors.

7.8

CVE-2016-10050

  • EPSS 0.27%
  • Veröffentlicht 23.03.2017 17:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Heap-based buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.9.4-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted RLE file.

7.8

CVE-2016-10051

  • EPSS 0.34%
  • Veröffentlicht 23.03.2017 17:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Use-after-free vulnerability in the ReadPWPImage function in coders/pwp.c in ImageMagick 6.9.5-5 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.