Product:

Linux_enterprise

(Suse)
Repositories https://github.com/nodejs/node
#Vulnerabilities 97
Date Id Summary Products Score Patch Annotated
2016-06-05 CVE-2016-1702 The SkRegion::readFromMemory function in core/SkRegion.cpp in Skia, as used in Google Chrome before 51.0.2704.79, does not validate the interval count, which allows remote attackers to cause a denial of service (out-of-bounds read) via crafted serialized data. Ubuntu_linux, Debian_linux, Chrome, Leap, Opensuse, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Linux_enterprise 6.5
2016-06-05 CVE-2016-1703 Multiple unspecified vulnerabilities in Google Chrome before 51.0.2704.79 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Ubuntu_linux, Debian_linux, Chrome, Leap, Opensuse, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Linux_enterprise 8.8
2016-06-20 CVE-2016-2178 The dsa_sign_setup function in crypto/dsa/dsa_ossl.c in OpenSSL through 1.0.2h does not properly ensure the use of constant-time operations, which makes it easier for local users to discover a DSA private key via a timing side-channel attack. Ubuntu_linux, Debian_linux, Node\.js, Openssl, Linux, Solaris, Linux_enterprise 5.5
2016-07-23 CVE-2016-5131 Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function. Iphone_os, Mac_os_x, Tvos, Watchos, Ubuntu_linux, Debian_linux, Chrome, Leap, Opensuse, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Linux_enterprise, Libxml2 8.8
2016-12-23 CVE-2016-7966 Through a malicious URL that contained a quote character it was possible to inject HTML code in KMail's plaintext viewer. Due to the parser used on the URL it was not possible to include the equal sign (=) or a space into the injected HTML, which greatly reduces the available HTML functionality. Although it is possible to include an HTML comment indicator to hide content. Debian_linux, Fedora, Kmail, Linux_enterprise 7.3
2017-02-03 CVE-2016-8568 The git_commit_message function in oid.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a cat-file command with a crafted object file. Fedora, Libgit2, Leap, Opensuse, Linux_enterprise 5.5
2017-02-03 CVE-2016-8569 The git_oid_nfmt function in commit.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via a cat-file command with a crafted object file. Fedora, Libgit2, Leap, Opensuse, Linux_enterprise 5.5
2017-04-12 CVE-2016-9957 Stack-based buffer overflow in game-music-emu before 0.6.1. Game\-Music\-Emu, Leap, Opensuse, Leap, Linux_enterprise, Linux_enterprise_desktop, Linux_enterprise_software_development_kit, Linux_enterprise_workstation_extension, Suse_linux_enterprise_server 7.8
2017-04-12 CVE-2016-9958 game-music-emu before 0.6.1 allows remote attackers to write to arbitrary memory locations. Game\-Music\-Emu, Leap, Opensuse, Leap, Linux_enterprise, Linux_enterprise_desktop, Linux_enterprise_software_development_kit, Linux_enterprise_workstation_extension, Suse_linux_enterprise_server 7.8
2017-04-12 CVE-2016-9959 game-music-emu before 0.6.1 allows remote attackers to generate out of bounds 8-bit values. Game\-Music\-Emu, Leap, Opensuse, Leap, Linux_enterprise, Linux_enterprise_desktop, Linux_enterprise_software_development_kit, Linux_enterprise_workstation_extension, Suse_linux_enterprise_server 7.8