Leap Security Vulnerabilities and Issues — Leap CVE List

Lucene search

Opensuse ProjectLeap

14 matches found

CVE•added 2017/12/20 11:29 p.m.•266 views

CVE-2017-17805

The Salsa20 encryption algorithm in the Linux kernel before 4.14.8 does not correctly handle zero-length inputs, allowing a local attacker able to use the AF_ALG-based skcipher interface (CONFIG_CRYPTO_USER_API_SKCIPHER) to cause a denial of service (uninitialized-memory free and kernel crash) or h...

7.8CVSS7.5AI score0.00109EPSS

CVE•added 2017/12/20 11:29 p.m.•181 views

CVE-2017-17806

The HMAC implementation (crypto/hmac.c) in the Linux kernel before 4.14.8 does not validate that the underlying cryptographic hash algorithm is unkeyed, allowing a local attacker able to use the AF_ALG-based hash interface (CONFIG_CRYPTO_USER_API_HASH) and the SHA-3 hash algorithm (CONFIG_CRYPTO_SH...

7.8CVSS7.4AI score0.00042EPSS

CVE•added 2017/12/05 4:29 p.m.•81 views

CVE-2016-1254

Tor before 0.2.8.12 might allow remote attackers to cause a denial of service (client crash) via a crafted hidden service descriptor.

7.5CVSS7AI score0.03038EPSS

CVE•added 2017/03/20 4:59 p.m.•73 views

CVE-2014-9848

Memory leak in ImageMagick allows remote attackers to cause a denial of service (memory consumption).

7.5CVSS7.1AI score0.02111EPSS

CVE•added 2017/04/12 8:59 p.m.•68 views

CVE-2016-9957

Stack-based buffer overflow in game-music-emu before 0.6.1.

7.8CVSS8.7AI score0.00291EPSS

CVE•added 2017/03/20 4:59 p.m.•64 views

CVE-2014-9849

The png coder in ImageMagick allows remote attackers to cause a denial of service (crash).

7.5CVSS7.1AI score0.01602EPSS

CVE•added 2017/03/20 4:59 p.m.•64 views

CVE-2014-9851

ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (application crash).

7.5CVSS7.1AI score0.02032EPSS

CVE•added 2017/03/23 5:59 p.m.•63 views

CVE-2016-10048

Directory traversal vulnerability in magick/module.c in ImageMagick 6.9.4-7 allows remote attackers to load arbitrary modules via unspecified vectors.

7.5CVSS7.3AI score0.04943EPSS

CVE•added 2017/04/12 8:59 p.m.•62 views

CVE-2016-9958

game-music-emu before 0.6.1 allows remote attackers to write to arbitrary memory locations.

7.8CVSS8.5AI score0.00313EPSS

CVE•added 2017/03/20 4:59 p.m.•59 views

CVE-2014-9842

Memory leak in the ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.

7.5CVSS7.1AI score0.02361EPSS

CVE•added 2017/03/24 3:59 p.m.•59 views

CVE-2016-7797

Pacemaker before 1.1.15, when using pacemaker remote, might allow remote attackers to cause a denial of service (node disconnection) via an unauthenticated connection.

7.5CVSS7.2AI score0.02954EPSS

CVE•added 2017/03/20 4:59 p.m.•58 views

CVE-2014-9850

Logic error in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (resource consumption).

7.5CVSS7.1AI score0.01602EPSS

CVE•added 2017/09/28 1:29 a.m.•53 views

CVE-2015-3138

print-wb.c in tcpdump before 4.7.4 allows remote attackers to cause a denial of service (segmentation fault and process crash).

7.5CVSS8.1AI score0.00935EPSS

CVE•added 2017/04/12 8:59 p.m.•52 views

CVE-2016-9959

game-music-emu before 0.6.1 allows remote attackers to generate out of bounds 8-bit values.

7.8CVSS8.5AI score0.00313EPSS