VYPR

Leap

by OpenSUSE

Source repositories

CVEs (482)

  • CVE-2016-6214MedAug 12, 2016
    risk 0.43cvss 6.5epss 0.03

    gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file.

  • CVE-2016-6207MedAug 12, 2016
    risk 0.43cvss 6.5epss 0.06

    Integer overflow in the _gdContributionsAlloc function in gd_interpolation.c in GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds memory write or memory consumption) via unspecified vectors.

  • CVE-2016-6132MedAug 12, 2016
    risk 0.43cvss 6.5epss 0.03

    The gdImageCreateFromTgaCtx function in the GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file.

  • CVE-2016-2191MedApr 13, 2016
    risk 0.43cvss 6.5epss 0.04

    The bmp_read_rows function in pngxtern/pngxrbmp.c in OptiPNG before 0.7.6 allows remote attackers to cause a denial of service (invalid memory write and crash) via a series of delta escapes in a crafted BMP image.

  • CVE-2016-1254HigDec 5, 2017
    risk 0.42cvss 7.5epss 0.03

    Tor before 0.2.8.12 might allow remote attackers to cause a denial of service (client crash) via a crafted hidden service descriptor.

  • CVE-2015-3138HigSep 28, 2017
    risk 0.42cvss 7.5epss 0.02

    print-wb.c in tcpdump before 4.7.4 allows remote attackers to cause a denial of service (segmentation fault and process crash).

  • CVE-2015-5219HigJul 21, 2017
    risk 0.42cvss 7.5epss 0.06

    The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions from a precision value to a double, which allows remote attackers to cause a denial of service (infinite loop) via a crafted NTP packet.

  • CVE-2016-10048HigMar 23, 2017
    risk 0.42cvss 7.5epss 0.07

    Directory traversal vulnerability in magick/module.c in ImageMagick 6.9.4-7 allows remote attackers to load arbitrary modules via unspecified vectors.

  • CVE-2016-10207HigFeb 28, 2017
    risk 0.42cvss 7.5epss 0.03

    The Xvnc server in TigerVNC allows remote attackers to cause a denial of service (invalid memory access and crash) by terminating a TLS handshake early.

  • CVE-2016-5316MedJan 20, 2017
    risk 0.42cvss 6.5epss 0.02

    Out-of-bounds read in the PixarLogCleanup function in tif_pixarlog.c in libtiff 4.0.6 and earlier allows remote attackers to crash the application by sending a crafted TIFF image to the rgb2ycbcr tool.

  • CVE-2016-6905MedOct 3, 2016
    risk 0.42cvss 6.5epss 0.03

    The read_image_tga function in gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA image.

  • CVE-2013-4118HigOct 3, 2016
    risk 0.42cvss 7.5epss 0.04

    FreeRDP before 1.1.0-beta1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via unspecified vectors.

  • CVE-2016-5162MedSep 11, 2016
    risk 0.42cvss 6.5epss 0.01

    The AllowCrossRendererResourceLoad function in extensions/browser/url_request_util.cc in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux does not properly use an extension's manifest.json web_accessible_resources field for restrictions on…

  • CVE-2016-5160MedSep 11, 2016
    risk 0.42cvss 6.5epss 0.01

    The AllowCrossRendererResourceLoad function in extensions/browser/url_request_util.cc in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux does not properly use an extension's manifest.json web_accessible_resources field for restrictions on…

  • CVE-2016-5155MedSep 11, 2016
    risk 0.42cvss 6.5epss 0.01

    Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux does not properly validate access to the initial document, which allows remote attackers to spoof the address bar via a crafted web site.

  • CVE-2015-8948HigSep 7, 2016
    risk 0.42cvss 7.5epss 0.07

    idn in GNU libidn before 1.33 might allow remote attackers to obtain sensitive memory information by reading a zero byte as input, which triggers an out-of-bounds read.

  • CVE-2016-6161MedAug 12, 2016
    risk 0.42cvss 6.5epss 0.03

    The output function in gd_gif_out.c in the GD Graphics Library (aka libgd) allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image.

  • CVE-2016-5739HigJul 3, 2016
    risk 0.42cvss 7.5epss 0.03

    The Transformation implementation in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 does not use the no-referrer Content Security Policy (CSP) protection mechanism, which makes it easier for remote attackers to conduct CSRF attacks by reading an…

  • CVE-2016-5706HigJul 3, 2016
    risk 0.42cvss 7.5epss 0.03

    js/get_scripts.js.php in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to cause a denial of service via a large array in the scripts parameter.

  • CVE-2014-9773HigJun 13, 2016
    risk 0.42cvss 7.5epss 0.02

    modules/chanserv/flags.c in Atheme before 7.2.7 allows remote attackers to modify the Anope FLAGS behavior by registering and dropping the (1) LIST, (2) CLEAR, or (3) MODIFY keyword nicks.

Page 13 of 25