Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Linux_enterprise
(Suse)Repositories | https://github.com/nodejs/node |
#Vulnerabilities | 97 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2016-06-05 | CVE-2016-1702 | The SkRegion::readFromMemory function in core/SkRegion.cpp in Skia, as used in Google Chrome before 51.0.2704.79, does not validate the interval count, which allows remote attackers to cause a denial of service (out-of-bounds read) via crafted serialized data. | Ubuntu_linux, Debian_linux, Chrome, Leap, Opensuse, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Linux_enterprise | 6.5 | ||
2016-06-05 | CVE-2016-1703 | Multiple unspecified vulnerabilities in Google Chrome before 51.0.2704.79 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | Ubuntu_linux, Debian_linux, Chrome, Leap, Opensuse, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Linux_enterprise | 8.8 | ||
2016-06-20 | CVE-2016-2178 | The dsa_sign_setup function in crypto/dsa/dsa_ossl.c in OpenSSL through 1.0.2h does not properly ensure the use of constant-time operations, which makes it easier for local users to discover a DSA private key via a timing side-channel attack. | Ubuntu_linux, Debian_linux, Node\.js, Openssl, Linux, Solaris, Linux_enterprise | 5.5 | ||
2016-07-23 | CVE-2016-5131 | Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function. | Iphone_os, Mac_os_x, Tvos, Watchos, Ubuntu_linux, Debian_linux, Chrome, Leap, Opensuse, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Linux_enterprise, Libxml2 | 8.8 | ||
2016-12-23 | CVE-2016-7966 | Through a malicious URL that contained a quote character it was possible to inject HTML code in KMail's plaintext viewer. Due to the parser used on the URL it was not possible to include the equal sign (=) or a space into the injected HTML, which greatly reduces the available HTML functionality. Although it is possible to include an HTML comment indicator to hide content. | Debian_linux, Fedora, Kmail, Linux_enterprise | 7.3 | ||
2017-02-03 | CVE-2016-8568 | The git_commit_message function in oid.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a cat-file command with a crafted object file. | Fedora, Libgit2, Leap, Opensuse, Linux_enterprise | 5.5 | ||
2017-02-03 | CVE-2016-8569 | The git_oid_nfmt function in commit.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via a cat-file command with a crafted object file. | Fedora, Libgit2, Leap, Opensuse, Linux_enterprise | 5.5 | ||
2017-04-12 | CVE-2016-9957 | Stack-based buffer overflow in game-music-emu before 0.6.1. | Game\-Music\-Emu, Leap, Opensuse, Leap, Linux_enterprise, Linux_enterprise_desktop, Linux_enterprise_software_development_kit, Linux_enterprise_workstation_extension, Suse_linux_enterprise_server | 7.8 | ||
2017-04-12 | CVE-2016-9958 | game-music-emu before 0.6.1 allows remote attackers to write to arbitrary memory locations. | Game\-Music\-Emu, Leap, Opensuse, Leap, Linux_enterprise, Linux_enterprise_desktop, Linux_enterprise_software_development_kit, Linux_enterprise_workstation_extension, Suse_linux_enterprise_server | 7.8 | ||
2017-04-12 | CVE-2016-9959 | game-music-emu before 0.6.1 allows remote attackers to generate out of bounds 8-bit values. | Game\-Music\-Emu, Leap, Opensuse, Leap, Linux_enterprise, Linux_enterprise_desktop, Linux_enterprise_software_development_kit, Linux_enterprise_workstation_extension, Suse_linux_enterprise_server | 7.8 |