Leap - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Leap
(Opensuse)

Repositories

• https://github.com/phpmyadmin/phpmyadmin
• https://github.com/ImageMagick/ImageMagick
• https://github.com/torvalds/linux
• https://github.com/krb5/krb5
• https://github.com/madler/zlib

• https://github.com/libgd/libgd
• https://github.com/php/php-src
• https://github.com/ceph/ceph
• https://github.com/libarchive/libarchive
• https://github.com/roundcube/roundcubemail
• https://github.com/tats/w3m
• https://github.com/golang/go
• https://github.com/dbry/WavPack
• https://github.com/git/git
• https://github.com/file/file
• https://github.com/dosfstools/dosfstools
• https://github.com/atheme/atheme
• https://github.com/quassel/quassel
• https://github.com/opencontainers/runc
• https://github.com/bcgit/bc-java
• https://github.com/mm2/Little-CMS
• https://github.com/FFmpeg/FFmpeg
• https://github.com/uclouvain/openjpeg
• https://git.kernel.org/pub/scm/git/git.git
• https://github.com/mdadams/jasper
• https://github.com/libjpeg-turbo/libjpeg-turbo
• https://github.com/apache/httpd
• https://github.com/rdesktop/rdesktop
• https://github.com/ntp-project/ntp
• https://github.com/requests/requests
• https://github.com/esnet/iperf
• https://github.com/lighttpd/lighttpd1.4
• https://github.com/heimdal/heimdal
• https://github.com/erikd/libsndfile
• https://github.com/FreeRDP/FreeRDP
• https://github.com/mysql/mysql-server
• https://github.com/WebKit/webkit
• https://github.com/liblouis/liblouis
• https://github.com/lavv17/lftp
• https://github.com/viewvc/viewvc
• https://github.com/moinwiki/moin-1.9
• https://github.com/ClusterLabs/pacemaker
• https://github.com/curl/curl
• https://github.com/vadz/libtiff
• https://github.com/libimobiledevice/libimobiledevice
• https://github.com/fragglet/lhasa
• https://github.com/TigerVNC/tigervnc
• https://github.com/stedolan/jq
• https://github.com/Matroska-Org/libmatroska
• https://github.com/the-tcpdump-group/tcpdump

#Vulnerabilities

1883

Date	Id	Summary	Products	Score	Patch	Annotated
2016-09-11	CVE-2016-5149	The extensions subsystem in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux relies on an IFRAME source URL to identify an associated extension, which allows remote attackers to conduct extension-bindings injection attacks by leveraging script access to a resource that initially has the about:blank URL.	Chrome, Leap	8.8
2016-09-11	CVE-2016-5150	WebKit/Source/bindings/modules/v8/V8BindingForModules.cpp in Blink, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, has an Indexed Database (aka IndexedDB) API implementation that does not properly restrict key-path evaluation, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted JavaScript code that leverages certain side effects.	Chrome, Leap	8.8
2016-09-11	CVE-2016-5151	PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux mishandles timers, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted PDF document, related to fpdfsdk/javascript/JS_Object.cpp and fpdfsdk/javascript/app.cpp.	Chrome, Leap	8.8
2016-09-11	CVE-2016-5152	Integer overflow in the opj_tcd_get_decoded_tile_size function in tcd.c in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted JPEG 2000 data.	Chrome, Leap	8.8
2016-09-11	CVE-2016-5153	The Web Animations implementation in Blink, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, improperly relies on list iteration, which allows remote attackers to cause a denial of service (use-after-destruction) or possibly have unspecified other impact via a crafted web site.	Chrome, Leap	8.8
2016-09-11	CVE-2016-5154	Multiple heap-based buffer overflows in PDFium, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted JBig2 image.	Chrome, Leap	8.8
2016-09-11	CVE-2016-5155	Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux does not properly validate access to the initial document, which allows remote attackers to spoof the address bar via a crafted web site.	Chrome, Leap	6.5
2016-09-11	CVE-2016-5156	extensions/renderer/event_bindings.cc in the event bindings in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux attempts to process filtered events after failure to add an event matcher, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via unknown vectors.	Chrome, Leap	8.8
2016-09-11	CVE-2016-5157	Heap-based buffer overflow in the opj_dwt_interleave_v function in dwt.c in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allows remote attackers to execute arbitrary code via crafted coordinate values in JPEG 2000 data.	Fedora, Chrome, Leap	8.8
2016-09-11	CVE-2016-5158	Multiple integer overflows in the opj_tcd_init_tile function in tcd.c in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted JPEG 2000 data.	Chrome, Leap	8.8