Leap

leap

Vendor: Opensuse • 1,898 CVEs

CVEs (1,898)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2016-8689 2Libarchive Opensuse 2Leap Libarchive May 13, 2026 Feb 15, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The read_Header function in archive_read_support_format_7zip.c in libarchive 3.2.1 allows remote attackers to cause a denial of service (out-of-bounds read) via multiple EmptyStream attributes in a header in a 7zip archi...Show more The read_Header function in archive_read_support_format_7zip.c in libarchive 3.2.1 allows remote attackers to cause a denial of service (out-of-bounds read) via multiple EmptyStream attributes in a header in a 7zip archive.Show less
CVE-2016-8688 2Libarchive Opensuse 2Leap Libarchive May 13, 2026 Feb 15, 2017 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 The mtree bidder in libarchive 3.2.1 does not keep track of line sizes when extending the read-ahead, which allows remote attackers to cause a denial of service (crash) via a crafted file, which triggers an invalid read...Show more The mtree bidder in libarchive 3.2.1 does not keep track of line sizes when extending the read-ahead, which allows remote attackers to cause a denial of service (crash) via a crafted file, which triggers an invalid read in the (1) detect_form or (2) bid_entry function in libarchive/archive_read_support_format_mtree.c.Show less
CVE-2016-8687 2Libarchive Opensuse 2Leap Libarchive May 13, 2026 Feb 15, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Stack-based buffer overflow in the safe_fprintf function in tar/util.c in libarchive 3.2.1 allows remote attackers to cause a denial of service via a crafted non-printable multibyte character in a filename.
CVE-2016-7800 3Debian GraphicsmagickOpensuse 4Debian Linux GraphicsmagickLeap+1 more May 13, 2026 Feb 6, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Integer underflow in the parse8BIM function in coders/meta.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted 8BIM chunk, which triggers a heap-b...Show more Integer underflow in the parse8BIM function in coders/meta.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted 8BIM chunk, which triggers a heap-based buffer overflow.Show less
CVE-2016-7449 3Debian GraphicsmagickOpensuse 4Debian Linux GraphicsmagickLeap+1 more May 13, 2026 Feb 6, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The TIFFGetField function in coders/tiff.c in GraphicsMagick 1.3.24 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a file containing an "unterminated" string.
CVE-2016-7448 3Debian GraphicsmagickOpensuse 4Debian Linux GraphicsmagickLeap+1 more May 13, 2026 Feb 6, 2017 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 The Utah RLE reader in GraphicsMagick before 1.3.25 allows remote attackers to cause a denial of service (CPU consumption or large memory allocations) via vectors involving the header information and the file size.
CVE-2016-7447 3Debian GraphicsmagickOpensuse 4Debian Linux GraphicsmagickLeap+1 more May 13, 2026 Feb 6, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Heap-based buffer overflow in the EscapeParenthesis function in GraphicsMagick before 1.3.25 allows remote attackers to have unspecified impact via unknown vectors.
CVE-2016-7446 3Debian GraphicsmagickOpensuse 4Debian Linux GraphicsmagickLeap+1 more May 13, 2026 Feb 6, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Buffer overflow in the MVG and SVG rendering code in GraphicsMagick 1.3.24 allows remote attackers to have unspecified impact via unknown vectors. Note: This vulnerability exists due to an incomplete patch for CVE-2016-2...Show more Buffer overflow in the MVG and SVG rendering code in GraphicsMagick 1.3.24 allows remote attackers to have unspecified impact via unknown vectors. Note: This vulnerability exists due to an incomplete patch for CVE-2016-2317.Show less
CVE-2016-10165 6Canonical DebianLittlecms+3 more 19Active Iq Unified Manager Debian LinuxE Series Santricity Management+16 more May 13, 2026 Feb 3, 2017 N/A· v4 7.1 HIGH· v3 5.8 MEDIUM· v2 The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bo...Show more The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read.Show less
CVE-2016-8569 4Fedoraproject Libgit2 ProjectOpensuse+1 more 5Fedora LeapLibgit2+2 more May 13, 2026 Feb 3, 2017 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 The git_oid_nfmt function in commit.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via a cat-file command with a crafted object file.
CVE-2016-8568 4Fedoraproject Libgit2 ProjectOpensuse+1 more 5Fedora LeapLibgit2+2 more May 13, 2026 Feb 3, 2017 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 The git_commit_message function in oid.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a cat-file command with a crafted object file.
CVE-2016-5241 3Debian GraphicsmagickOpensuse 4Debian Linux GraphicsmagickLeap+1 more May 13, 2026 Feb 3, 2017 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 magick/render.c in GraphicsMagick before 1.3.24 allows remote attackers to cause a denial of service (arithmetic exception and application crash) via a crafted svg file.
CVE-2016-2318 4Debian GraphicsmagickOpensuse+1 more 7Debian Linux GraphicsmagickLeap+4 more May 13, 2026 Feb 3, 2017 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 GraphicsMagick 1.3.23 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted SVG file, related to the (1) DrawImage function in magick/render.c, (2) SVGStartElement function in code...Show more GraphicsMagick 1.3.23 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted SVG file, related to the (1) DrawImage function in magick/render.c, (2) SVGStartElement function in coders/svg.c, and (3) TraceArcPath function in magick/render.c.Show less
CVE-2016-2317 4Debian GraphicsmagickOpensuse+1 more 7Debian Linux GraphicsmagickLeap+4 more May 13, 2026 Feb 3, 2017 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 Multiple buffer overflows in GraphicsMagick 1.3.23 allow remote attackers to cause a denial of service (crash) via a crafted SVG file, related to the (1) TracePoint function in magick/render.c, (2) GetToken function in m...Show more Multiple buffer overflows in GraphicsMagick 1.3.23 allow remote attackers to cause a denial of service (crash) via a crafted SVG file, related to the (1) TracePoint function in magick/render.c, (2) GetToken function in magick/utility.c, and (3) GetTransformTokens function in coders/svg.c.Show less
CVE-2015-7976 4Novell NtpOpensuse+1 more 10Leap Linux Enterprise DebuginfoLinux Enterprise Desktop+7 more May 13, 2026 Jan 30, 2017 N/A· v4 4.3 MEDIUM· v3 4.0 MEDIUM· v2 The ntpq saveconfig command in NTP 4.1.2, 4.2.x before 4.2.8p6, 4.3, 4.3.25, 4.3.70, and 4.3.77 does not properly filter special characters, which allows attackers to cause unspecified impact via a crafted filename.
CVE-2016-9436 3Opensuse Opensuse ProjectTats 3Leap LeapW3m May 13, 2026 Jan 20, 2017 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 parsetagx.c in w3m before 0.5.3+git20161009 does not properly initialize values, which allows remote attackers to crash the application via a crafted html file, related to a <i> tag.
CVE-2016-9435 3Opensuse Opensuse ProjectTats 3Leap LeapW3m May 13, 2026 Jan 20, 2017 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 The HTMLtagproc1 function in file.c in w3m before 0.5.3+git20161009 does not properly initialize values, which allows remote attackers to crash the application via a crafted html file, related to <dd> tags.
CVE-2016-7787 2Kde Opensuse 3Kde Cli Tools LeapOpensuse May 6, 2026 Dec 23, 2016 N/A· v4 4.9 MEDIUM· v3 4.0 MEDIUM· v2 A maliciously crafted command line for kdesu can result in the user only seeing part of the commands that will actually get executed as super user.
CVE-2016-2312 3Fedoraproject KdeOpensuse 4Fedora KscreenlockerLeap+1 more May 6, 2026 Dec 23, 2016 N/A· v4 6.8 MEDIUM· v3 4.6 MEDIUM· v2 Turning all screens off in Plasma-workspace and kscreenlocker while the lock screen is shown can result in the screen being unlocked when turning a screen on again.
CVE-2016-9427 3Bdwgc Project DebianOpensuse 4Bdwgc Debian LinuxLeap+1 more May 6, 2026 Dec 12, 2016 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Integer overflow vulnerability in bdwgc before 2016-09-27 allows attackers to cause client of bdwgc denial of service (heap buffer overflow crash) and possibly execute arbitrary code via huge allocation.

Previous 1...767778...95 Next