VYPR

Leap

by OpenSUSE

Source repositories

CVEs (482)

  • CVE-2016-1898MedJan 15, 2016
    risk 0.37cvss 5.5epss 0.13

    FFmpeg 2.x allows remote attackers to conduct cross-origin attacks and read arbitrary files by using the subfile protocol in an HTTP Live Streaming (HLS) M3U8 file, leading to an external HTTP request in which the URL string contains an arbitrary line of a local file.

  • CVE-2016-1897MedJan 15, 2016
    risk 0.37cvss 5.5epss 0.15

    FFmpeg 2.x allows remote attackers to conduct cross-origin attacks and read arbitrary files by using the concat protocol in an HTTP Live Streaming (HLS) M3U8 file, leading to an external HTTP request in which the URL string contains the first line of a local file.

  • CVE-2015-5203MedAug 2, 2017
    risk 0.36cvss 5.5epss 0.02

    Double free vulnerability in the jasper_image_stop_load function in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via a crafted JPEG 2000 image file.

  • CVE-2016-9960MedJun 6, 2017
    risk 0.36cvss 5.5epss 0.01

    game-music-emu before 0.6.1 allows local users to cause a denial of service (divide by zero and process crash).

  • CVE-2016-9556MedMar 23, 2017
    risk 0.36cvss 5.5epss 0.02

    The IsPixelGray function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3-8 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted image file.

  • CVE-2014-9845MedMar 20, 2017
    risk 0.36cvss 5.5epss 0.02

    The ReadDIBImage function in coders/dib.c in ImageMagick allows remote attackers to cause a denial of service (crash) via a corrupted dib file.

  • CVE-2014-9844MedMar 20, 2017
    risk 0.36cvss 5.5epss 0.02

    The ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image file.

  • CVE-2014-9853MedMar 17, 2017
    risk 0.36cvss 5.5epss 0.02

    Memory leak in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (memory consumption) via a crafted rle file.

  • CVE-2016-9830MedMar 1, 2017
    risk 0.36cvss 5.5epss 0.02

    The MagickRealloc function in memory.c in Graphicsmagick 1.3.25 allows remote attackers to cause a denial of service (crash) via large dimensions in a jpeg image.

  • CVE-2016-8688MedFeb 15, 2017
    risk 0.36cvss 5.5epss 0.02

    The mtree bidder in libarchive 3.2.1 does not keep track of line sizes when extending the read-ahead, which allows remote attackers to cause a denial of service (crash) via a crafted file, which triggers an invalid read in the (1) detect_form or (2) bid_entry function in…

  • CVE-2016-8569MedFeb 3, 2017
    risk 0.36cvss 5.5epss 0.02

    The git_oid_nfmt function in commit.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via a cat-file command with a crafted object file.

  • CVE-2016-8568MedFeb 3, 2017
    risk 0.36cvss 5.5epss 0.02

    The git_commit_message function in oid.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a cat-file command with a crafted object file.

  • CVE-2016-5241MedFeb 3, 2017
    risk 0.36cvss 5.5epss 0.02

    magick/render.c in GraphicsMagick before 1.3.24 allows remote attackers to cause a denial of service (arithmetic exception and application crash) via a crafted svg file.

  • CVE-2016-2318MedFeb 3, 2017
    risk 0.36cvss 5.5epss 0.02

    GraphicsMagick 1.3.23 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted SVG file, related to the (1) DrawImage function in magick/render.c, (2) SVGStartElement function in coders/svg.c, and (3) TraceArcPath function in magick/render.c.

  • CVE-2016-2317MedFeb 3, 2017
    risk 0.36cvss 5.5epss 0.02

    Multiple buffer overflows in GraphicsMagick 1.3.23 allow remote attackers to cause a denial of service (crash) via a crafted SVG file, related to the (1) TracePoint function in magick/render.c, (2) GetToken function in magick/utility.c, and (3) GetTransformTokens function in…

  • CVE-2016-4956MedJul 5, 2016
    risk 0.36cvss 5.3epss 0.16

    ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (interleaved-mode transition and time change) via a spoofed broadcast packet. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-1548.

  • CVE-2016-0666MedApr 21, 2016
    risk 0.36cvss 5.5epss 0.02

    Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows local users to affect availability via vectors related to Security: Privileges.

  • CVE-2016-0651MedApr 21, 2016
    risk 0.36cvss 5.5epss 0.01

    Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier allows local users to affect availability via vectors related to Optimizer.

  • CVE-2016-0650MedApr 21, 2016
    risk 0.36cvss 5.5epss 0.02

    Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to Replication.

  • CVE-2016-0649MedApr 21, 2016
    risk 0.36cvss 5.5epss 0.02

    Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to PS.

Page 17 of 25