Opensuse: Security Vulnerabilities
inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
CVSS Score
9.8
EPSS Score
0.119
Published
2017-05-23
The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers.
CVSS Score
8.8
EPSS Score
0.063
Published
2017-05-23
The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.
CVSS Score
9.8
EPSS Score
0.05
Published
2017-05-23
Integer underflow in the decode_level3_header function in lib/lha_file_header.c in Lhasa before 0.3.1 allows remote attackers to execute arbitrary code via a crafted archive.
CVSS Score
7.8
EPSS Score
0.004
Published
2017-04-21
Memory leak in net/vmxnet3.c in QEMU allows remote attackers to cause a denial of service (memory consumption).
CVSS Score
7.7
EPSS Score
0.034
Published
2017-04-13
Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 1.0.9 and 1.1.x before 1.1.5 allows remote attackers to inject arbitrary web script or HTML via a crafted SVG, a different vulnerability than CVE-2016-4068.
CVSS Score
6.1
EPSS Score
0.004
Published
2017-04-13
Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 1.0.9 and 1.1.x before 1.1.5 allows remote attackers to inject arbitrary web script or HTML via a crafted SVG, a different vulnerability than CVE-2015-8864.
CVSS Score
6.1
EPSS Score
0.004
Published
2017-04-13
Stack-based buffer overflow in game-music-emu before 0.6.1.
CVSS Score
7.8
EPSS Score
0.003
Published
2017-04-12
game-music-emu before 0.6.1 allows remote attackers to write to arbitrary memory locations.
CVSS Score
7.8
EPSS Score
0.003
Published
2017-04-12
game-music-emu before 0.6.1 allows remote attackers to generate out of bounds 8-bit values.
CVSS Score
7.8
EPSS Score
0.003
Published
2017-04-12