CVEs (1,898)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
9Apple BoostCanonical+6 more20Boost Database ServerDebian Linux+17 moreMay 13, 2026 May 23, 2017 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic. |
5Debian FedoraprojectGoogle+2 more7Chrome Debian LinuxEnterprise Linux Server Supplementary+4 moreMay 13, 2026 May 23, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Multiple unspecified vulnerabilities in Google Chrome before 53.0.2785.143 allow remote attackers to cause a denial of service or possibly have other impact via unknown vectors. |
5Debian FedoraprojectGoogle+2 more7Chrome Debian LinuxEnterprise Linux Server Supplementary+4 moreMay 13, 2026 May 23, 2017 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Use-after-free vulnerability in V8 in Google Chrome before 53.0.2785.143 allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact via unknown vectors. |
3Debian Lhasa ProjectOpensuse4Debian Linux LeapLhasa+1 moreMay 13, 2026 Apr 21, 2017 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 Integer underflow in the decode_level3_header function in lib/lha_file_header.c in Lhasa before 0.3.1 allows remote attackers to execute arbitrary code via a crafted archive. |
6Canonical DebianFedoraproject+3 more10Debian Linux FedoraLeap+7 moreMay 13, 2026 Apr 13, 2017 N/A· v4 7.7 HIGH· v3 6.8 MEDIUM· v2 Memory leak in net/vmxnet3.c in QEMU allows remote attackers to cause a denial of service (memory consumption). |
2Opensuse Roundcube4Leap OpensuseRoundcube Webmail+1 moreMay 13, 2026 Apr 13, 2017 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 1.0.9 and 1.1.x before 1.1.5 allows remote attackers to inject arbitrary web script or HTML via a crafted SVG, a different vulnerability than CVE-2015-...Show more |
2Opensuse Roundcube4Leap OpensuseRoundcube Webmail+1 moreMay 13, 2026 Apr 13, 2017 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 1.0.9 and 1.1.x before 1.1.5 allows remote attackers to inject arbitrary web script or HTML via a crafted SVG, a different vulnerability than CVE-2016-...Show more |
4Game Music Emu Project OpensuseOpensuse Project+1 more9Game Music Emu LeapLeap+6 moreMay 13, 2026 Apr 12, 2017 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 game-music-emu before 0.6.1 allows remote attackers to generate out of bounds 8-bit values. |
4Game Music Emu Project OpensuseOpensuse Project+1 more9Game Music Emu LeapLeap+6 moreMay 13, 2026 Apr 12, 2017 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 game-music-emu before 0.6.1 allows remote attackers to write to arbitrary memory locations. |
4Game Music Emu Project OpensuseOpensuse Project+1 more9Game Music Emu LeapLeap+6 moreMay 13, 2026 Apr 12, 2017 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 Stack-based buffer overflow in game-music-emu before 0.6.1. |
3Opensuse Opensuse ProjectPutty3Leap LeapPuttyMay 13, 2026 Mar 27, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 The ssh_agent_channel_data function in PuTTY before 0.68 allows remote attackers to have unspecified impact via a large length value in an agent protocol message and leveraging the ability to connect to the Unix-domain s...Show more |
3Icinga OpensuseOpensuse Project3Icinga LeapLeapMay 13, 2026 Mar 27, 2017 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 Cross-site scripting (XSS) vulnerability in the Classic-UI with the CSV export link and pagination feature in Icinga before 1.14 allows remote attackers to inject arbitrary web script or HTML via the query string to cgi-...Show more |
Multiple heap-based buffer overflows in the read_attribute function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to have unspecified impact via a crafted OpenPGP certificate. |
Stack-based buffer overflow in the cdk_pk_get_keyid function in lib/opencdk/pubkey.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via a crafted OpenPGP certificate. |
The stream reading functions in lib/opencdk/read-packet.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to cause a denial of service (out-of-memory error and crash) via a crafted OpenPGP certifica...Show more |
Double free vulnerability in the gnutls_x509_ext_import_proxy function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via crafted policy language information in an X.509...Show more |
5Clusterlabs OpensuseOpensuse Project+2 more7Enterprise Linux High Availability Enterprise Linux Resilient StorageLeap+4 moreMay 13, 2026 Mar 24, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Pacemaker before 1.1.15, when using pacemaker remote, might allow remote attackers to cause a denial of service (node disconnection) via an unauthenticated connection. |
3Fedoraproject Jasper ProjectOpensuse3Fedora JasperLeapMay 13, 2026 Mar 23, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The calcstepsizes function in jpc_dec.c in JasPer 1.900.22 allows remote attackers to cause a denial of service (assertion failure) via unspecified vectors. |
4Fedoraproject Jasper ProjectOpensuse+1 more6Fedora JasperLeap+3 moreMay 13, 2026 Mar 23, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The jpc_floorlog2 function in jpc_math.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service (assertion failure) via unspecified vectors. |
2Imagemagick Opensuse2Imagemagick LeapMay 13, 2026 Mar 23, 2017 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 Use-after-free vulnerability in the ReadPWPImage function in coders/pwp.c in ImageMagick 6.9.5-5 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted fil...Show more |