Leap Security Vulnerabilities
game-music-emu before 0.6.1 allows local users to cause a denial of service (divide by zero and process...
5.5CVSS
6.5AI Score
0.0005EPSS
9.8CVSS
9.3AI Score
0.002EPSS
git-shell in git before 2.4.12, 2.5.x before 2.5.6, 2.6.x before 2.6.7, 2.7.x before 2.7.5, 2.8.x before 2.8.5, 2.9.x before 2.9.4, 2.10.x before 2.10.3, 2.11.x before 2.11.2, and 2.12.x before 2.12.3 might allow remote authenticated users to gain privileges via a repository name that starts with.....
8.8CVSS
8.3AI Score
0.002EPSS
Multiple unspecified vulnerabilities in Google Chrome before 53.0.2785.143 allow remote attackers to cause a denial of service or possibly have other impact via unknown...
9.8CVSS
7.9AI Score
0.013EPSS
Use-after-free vulnerability in V8 in Google Chrome before 53.0.2785.143 allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact via unknown...
8.8CVSS
7.8AI Score
0.017EPSS
The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative...
8.8CVSS
9.5AI Score
0.013EPSS
inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer...
8.8CVSS
9.6AI Score
0.013EPSS
The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC...
9.8CVSS
9.9AI Score
0.014EPSS
inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer...
9.8CVSS
9.9AI Score
0.012EPSS
Integer underflow in the decode_level3_header function in lib/lha_file_header.c in Lhasa before 0.3.1 allows remote attackers to execute arbitrary code via a crafted...
7.8CVSS
7.7AI Score
0.004EPSS
Memory leak in net/vmxnet3.c in QEMU allows remote attackers to cause a denial of service (memory...
7.7CVSS
7.7AI Score
0.006EPSS
Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 1.0.9 and 1.1.x before 1.1.5 allows remote attackers to inject arbitrary web script or HTML via a crafted SVG, a different vulnerability than...
6.1CVSS
5.9AI Score
0.002EPSS
Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 1.0.9 and 1.1.x before 1.1.5 allows remote attackers to inject arbitrary web script or HTML via a crafted SVG, a different vulnerability than...
6.1CVSS
5.9AI Score
0.002EPSS
game-music-emu before 0.6.1 allows remote attackers to generate out of bounds 8-bit...
7.8CVSS
8.5AI Score
0.006EPSS
7.8CVSS
8.5AI Score
0.004EPSS
7.8CVSS
8.7AI Score
0.001EPSS
The ssh_agent_channel_data function in PuTTY before 0.68 allows remote attackers to have unspecified impact via a large length value in an agent protocol message and leveraging the ability to connect to the Unix-domain socket representing the forwarded agent connection, which trigger a buffer...
9.8CVSS
9.5AI Score
0.409EPSS
Cross-site scripting (XSS) vulnerability in the Classic-UI with the CSV export link and pagination feature in Icinga before 1.14 allows remote attackers to inject arbitrary web script or HTML via the query string to...
6.1CVSS
6.2AI Score
0.002EPSS
The stream reading functions in lib/opencdk/read-packet.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to cause a denial of service (out-of-memory error and crash) via a crafted OpenPGP...
7.5CVSS
7.9AI Score
0.032EPSS
Multiple heap-based buffer overflows in the read_attribute function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to have unspecified impact via a crafted OpenPGP...
9.8CVSS
8.5AI Score
0.009EPSS
Pacemaker before 1.1.15, when using pacemaker remote, might allow remote attackers to cause a denial of service (node disconnection) via an unauthenticated...
7.5CVSS
7.2AI Score
0.023EPSS
Stack-based buffer overflow in the cdk_pk_get_keyid function in lib/opencdk/pubkey.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via a crafted OpenPGP...
9.8CVSS
8.7AI Score
0.009EPSS
Double free vulnerability in the gnutls_x509_ext_import_proxy function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via crafted policy language information in an X.509 certificate with a Proxy Certificate Information...
9.8CVSS
8.5AI Score
0.017EPSS
The calcstepsizes function in jpc_dec.c in JasPer 1.900.22 allows remote attackers to cause a denial of service (assertion failure) via unspecified...
7.5CVSS
7AI Score
0.019EPSS
The jpc_floorlog2 function in jpc_math.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service (assertion failure) via unspecified...
7.5CVSS
7AI Score
0.035EPSS
The IsPixelGray function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3-8 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted image...
5.5CVSS
6.4AI Score
0.021EPSS
Use-after-free vulnerability in the ReadPWPImage function in coders/pwp.c in ImageMagick 6.9.5-5 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted...
7.8CVSS
7.2AI Score
0.013EPSS
Heap-based buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.9.4-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted RLE...
7.8CVSS
7.5AI Score
0.008EPSS
Directory traversal vulnerability in magick/module.c in ImageMagick 6.9.4-7 allows remote attackers to load arbitrary modules via unspecified...
7.5CVSS
7.3AI Score
0.007EPSS
xbcrypt in Percona XtraBackup before 2.3.6 and 2.4.x before 2.4.5 does not properly set the initialization vector (IV) for encryption, which makes it easier for context-dependent attackers to obtain sensitive information from encrypted backup files via a Chosen-Plaintext attack. NOTE: this...
5.9CVSS
5.2AI Score
0.003EPSS
The AliasHandler component in PostfixAdmin before 3.0.2 allows remote authenticated domain admins to delete protected aliases via the delete parameter to delete.php, involving a missing permission...
saned in sane-backends 1.0.25 allows remote attackers to obtain sensitive memory information via a crafted SANE_NET_CONTROL_OPTION...
7.5CVSS
5.8AI Score
0.003EPSS
The jng decoder in ImageMagick 6.8.9.9 allows remote attackers to have an unspecified...
9.8CVSS
6.7AI Score
0.023EPSS
The png coder in ImageMagick allows remote attackers to cause a denial of service...
7.5CVSS
7.1AI Score
0.018EPSS
Memory leak in ImageMagick allows remote attackers to cause a denial of service (memory...
7.5CVSS
7.1AI Score
0.021EPSS
Logic error in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (resource...
7.5CVSS
7.1AI Score
0.012EPSS
ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (application...
7.5CVSS
7.1AI Score
0.017EPSS
The ReadDIBImage function in coders/dib.c in ImageMagick allows remote attackers to cause a denial of service (crash) via a corrupted dib...
5.5CVSS
5.8AI Score
0.013EPSS
Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified...
9.8CVSS
7AI Score
0.014EPSS
The ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact via unknown vectors, related to "throwing of...
9.8CVSS
7.6AI Score
0.014EPSS
Memory leak in the ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (memory consumption) via unspecified...
7.5CVSS
7.1AI Score
0.018EPSS
The ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image...
5.5CVSS
5.7AI Score
0.009EPSS
The DecodePSDPixels function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact via unknown...
9.8CVSS
7.6AI Score
0.014EPSS
distribute-cache.c in ImageMagick re-uses objects after they have been destroyed, which allows remote attackers to have unspecified impact via unspecified...
9.8CVSS
8.7AI Score
0.012EPSS
coders/tiff.c in ImageMagick allows remote attackers to cause a denial of service (application crash) via vectors related to the "identification of...
7.5CVSS
7AI Score
0.027EPSS
Memory leak in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (memory consumption) via a crafted rle...
5.5CVSS
5.7AI Score
0.011EPSS
Cross-site scripting (XSS) vulnerability in the nav_path function in lib/viewvc.py in ViewVC before 1.0.14 and 1.1.x before 1.1.26 allows remote attackers to inject arbitrary web script or HTML via the nav_data...
6.1CVSS
5.9AI Score
0.002EPSS
Heap-based buffer overflow in the CalcMinMax function in coders/mat.c in ImageMagick before 6.9.4-0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted mat...
5.5CVSS
6AI Score
0.007EPSS
The ReadVIFFImage function in coders/viff.c in ImageMagick before 7.0.1-0 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted...
7.8CVSS
7.2AI Score
0.007EPSS
The check_allocations function in libass/ass_shaper.c in libass before 0.13.4 allows remote attackers to cause a denial of service (memory allocation failure) via unspecified...
7.5CVSS
7.1AI Score
0.02EPSS