CVE-2015-8874
- EPSS 2.92%
- Published 16.05.2016 10:59:25
- Last modified 12.04.2025 10:46:40
Stack consumption vulnerability in GD in PHP before 5.6.12 allows remote attackers to cause a denial of service via a crafted imagefilltoborder call.
CVE-2015-8873
- EPSS 2.79%
- Published 16.05.2016 10:59:24
- Last modified 12.04.2025 10:46:40
Stack consumption vulnerability in Zend/zend_exceptions.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allows remote attackers to cause a denial of service (segmentation fault) via recursive method calls.
CVE-2015-4116
- EPSS 5.43%
- Published 16.05.2016 10:59:04
- Last modified 12.04.2025 10:46:40
Use-after-free vulnerability in the spl_ptr_heap_insert function in ext/spl/spl_heap.c in PHP before 5.5.27 and 5.6.x before 5.6.11 allows remote attackers to execute arbitrary code by triggering a failed SplMinHeap::compare operation.
- EPSS 17.25%
- Published 06.05.2016 17:59:03
- Last modified 12.04.2025 10:46:40
Off-by-one error in the tokenadd function in jv_parse.c in jq allows remote attackers to cause a denial of service (crash) via a long JSON-encoded number, which triggers a heap-based buffer overflow.
CVE-2016-3718
- EPSS 79.25%
- Published 05.05.2016 18:59:08
- Last modified 12.04.2025 10:46:40
The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted image.
CVE-2016-3715
- EPSS 79.8%
- Published 05.05.2016 18:59:04
- Last modified 12.04.2025 10:46:40
The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image.
- EPSS 93.75%
- Published 05.05.2016 18:59:03
- Last modified 12.04.2025 10:46:40
The (1) EPHEMERAL, (2) HTTPS, (3) MVG, (4) MSL, (5) TEXT, (6) SHOW, (7) WIN, and (8) PLT coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to execute arbitrary code via shell metacharacters in a crafted image, aka "I...
CVE-2016-2107
- EPSS 79.14%
- Published 05.05.2016 01:59:03
- Last modified 12.04.2025 10:46:40
The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h does not consider memory allocation during a certain padding check, which allows remote attackers to obtain sensitive cleartext information via a padding-oracle attack against...
CVE-2016-2105
- EPSS 50.8%
- Published 05.05.2016 01:59:01
- Last modified 12.04.2025 10:46:40
Integer overflow in the EVP_EncodeUpdate function in crypto/evp/encode.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of binary data.
- EPSS 1.32%
- Published 30.04.2016 17:59:03
- Last modified 12.04.2025 10:46:40
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8, and Firefox ESR 45.x before 45.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or...