Novell Leap vulnerabilities

CVE-2017-14496 [HIGH] CWE-191 CVE-2017-14496: Integer underflow in the add_pseudoheader function in dnsmasq before 2.78 , when the --add-mac, --ad Integer underflow in the add_pseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service via a crafted DNS request.

CVE-2017-13704 [HIGH] CWE-20 CVE-2017-13704: In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. As it is an unsigned value, memset ends up writing up to 0xffffffff zero's (0xffffffffffffffff in 64 bit platforms), making dnsmasq crash.

CVE-2017-14494 [MEDIUM] CWE-200 CVE-2017-14494: dnsmasq before 2.78, when configured as a relay, allows remote attackers to obtain sensitive memory dnsmasq before 2.78, when configured as a relay, allows remote attackers to obtain sensitive memory information via vectors involving handling DHCPv6 forwarded requests.

CVE-2015-5219 [HIGH] CWE-704 CVE-2015-5219: The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions fr The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions from a precision value to a double, which allows remote attackers to cause a denial of service (infinite loop) via a crafted NTP packet.

CVE-2014-9853 [MEDIUM] CWE-399 CVE-2014-9853: Memory leak in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (mem Memory leak in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (memory consumption) via a crafted rle file.