Every CVE whose affected-product data names Opensuse Project Leap, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (35)
CVE-2014-9841 — CVSS 9.8 (critical): The ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact via unknown vectors…
CVE-2014-9843 — CVSS 9.8 (critical): The DecodePSDPixels function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact via unknown vectors.
CVE-2014-9846 — CVSS 9.8 (critical): Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact.
CVE-2017-6542 — CVSS 9.8 (critical): The ssh_agent_channel_data function in PuTTY before 0.68 allows remote attackers to have unspecified impact via a large length value in an…
CVE-2017-17806 — CVSS 7.8 (high): The HMAC implementation (crypto/hmac.c) in the Linux kernel before 4.14.8 does not validate that the underlying cryptographic hash…
CVE-2016-9958 — CVSS 7.8 (high): game-music-emu before 0.6.1 allows remote attackers to write to arbitrary memory locations.
CVE-2016-9959 — CVSS 7.8 (high): game-music-emu before 0.6.1 allows remote attackers to generate out of bounds 8-bit values.
CVE-2017-17805 — CVSS 7.8 (high): The Salsa20 encryption algorithm in the Linux kernel before 4.14.8 does not correctly handle zero-length inputs, allowing a local attacker…
CVE-2015-3138 — CVSS 7.5 (high): print-wb.c in tcpdump before 4.7.4 allows remote attackers to cause a denial of service (segmentation fault and process crash).
CVE-2016-10048 — CVSS 7.5 (high): Directory traversal vulnerability in magick/module.c in ImageMagick 6.9.4-7 allows remote attackers to load arbitrary modules via…
CVE-2016-1254 — CVSS 7.5 (high): Tor before 0.2.8.12 might allow remote attackers to cause a denial of service (client crash) via a crafted hidden service descriptor.
CVE-2016-7797 — CVSS 7.5 (high): Pacemaker before 1.1.15, when using pacemaker remote, might allow remote attackers to cause a denial of service (node disconnection) via an…
CVE-2014-9842 — CVSS 7.5 (high): Memory leak in the ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service…
CVE-2014-9848 — CVSS 7.5 (high): Memory leak in ImageMagick allows remote attackers to cause a denial of service (memory consumption).
CVE-2014-9850 — CVSS 7.5 (high): Logic error in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (resource consumption).
CVE-2014-9851 — CVSS 7.5 (high): ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (application crash).
CVE-2016-5316 — CVSS 6.5 (medium): Out-of-bounds read in the PixarLogCleanup function in tif_pixarlog.c in libtiff 4.0.6 and earlier allows remote attackers to crash the…
CVE-2016-9436 — CVSS 6.5 (medium): parsetagx.c in w3m before 0.5.3+git20161009 does not properly initialize values, which allows remote attackers to crash the application via…
CVE-2016-5317 — CVSS 6.5 (medium): Buffer overflow in the PixarLogDecode function in libtiff.so in the PixarLogDecode function in libtiff 4.0.6 and earlier, as used in GNOME…
CVE-2016-9435 — CVSS 6.5 (medium): The HTMLtagproc1 function in file.c in w3m before 0.5.3+git20161009 does not properly initialize values, which allows remote attackers to…
CVE-2015-8010 — CVSS 6.1 (medium): Cross-site scripting (XSS) vulnerability in the Classic-UI with the CSV export link and pagination feature in Icinga before 1.14 allows…
CVE-2017-5938 — CVSS 6.1 (medium): Cross-site scripting (XSS) vulnerability in the nav_path function in lib/viewvc.py in ViewVC before 1.0.14 and 1.1.x before 1.1.26 allows…
CVE-2016-10068 — CVSS 5.5 (medium): The MSL interpreter in ImageMagick before 6.9.6-4 allows remote attackers to cause a denial of service (segmentation fault and application…
CVE-2016-10069 — CVSS 5.5 (medium): coders/mat.c in ImageMagick before 6.9.4-5 allows remote attackers to cause a denial of service (application crash) via a mat file with an…
CVE-2014-9845 — CVSS 5.5 (medium): The ReadDIBImage function in coders/dib.c in ImageMagick allows remote attackers to cause a denial of service (crash) via a corrupted dib…
CVE-2016-9960 — CVSS 5.5 (medium): game-music-emu before 0.6.1 allows local users to cause a denial of service (divide by zero and process crash).
CVE-2016-9556 — CVSS 5.5 (medium): The IsPixelGray function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3-8 allows remote attackers to cause a denial of service…
CVE-2015-5203 — CVSS 5.5 (medium): Double free vulnerability in the jasper_image_stop_load function in JasPer 1.900.17 allows remote attackers to cause a denial of service…
CVE-2015-5221 — CVSS 5.5 (medium): Use-after-free vulnerability in the mif_process_cmpt function in libjasper/mif/mif_cod.c in the JasPer JPEG-2000 library before 1.900.2…
CVE-2014-9844 — CVSS 5.5 (medium): The ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (out-of-bounds read)…
CVE-2015-5218 — CVSS 2.1 (low): Buffer overflow in text-utils/colcrt.c in colcrt in util-linux before 2.27 allows local users to cause a denial of service (crash) via a…