1297 matches found
SUSE CVE-2026-52962
In the Linux kernel, the following vulnerability has been resolved: ceph: fix a buffer leak in cephsetxattr The oldblob in cephsetxattr can store ci-ixattrs.preallocblob value during the retry. However, it is never called the cephbufferput for the oldblob object. This patch fixes the issue of the...
SUSE SLES16 Security Update : perl-HTTP-Daemon (SUSE-SU-2026:22187-1)
The remote SUSE Linux SLES16 / SLESSAP16 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:22187-1 advisory. This update for perl-HTTP-Daemon fixes the following issue - CVE-2026-8450: HTTP: Daemon versions before 6.17 for Perl allow OS command...
SUSE SLES12: MozillaFirefox / MozillaFirefox-devel / etc (SUSE-SU-2026:2583-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2583-1 advisory. Update to Firefox 140.12.0 ESR MFSA 2026-58, bsc1268071: - CVE-2026-12289: Privilege escalation in the Graphics: WebRender component. -...
SUSE SLES15: libopenvswitch-3_1-0 / libovn-23_03-0 / openvswitch / etc (SUSE-SU-2026:2475-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2475-1 advisory. This update for openvswitch fixes the following issues - CVE-2026-5265: heap over-read in ICMP error response generation bsc1262498...
SUSE SLES16: bind / bind-doc / bind-modules-generic / bind-modules-ldap / etc (SUSE-SU-2026:22198-1)
The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:22198-1 advisory. This update for bind fixes the following issues Upgrade to release 9.20.23: - CVE-2026-3039: BIND 9 server memory exhaustion durin...
MozillaFirefox-152.0-1.1 on GA media (moderate)
MozillaFirefox-152.0-1.1 on GA media Announcement ID: openSUSE-SU-2026:11052-1 Rating: moderate Cross-References: CVE-2026-12289 CVE-2026-12290 CVE-2026-12291 CVE-2026-12292 CVE-2026-12293 CVE-2026-12294 CVE-2026-12295 CVE-2026-12296 CVE-2026-12297 CVE-2026-12298 CVE-2026-12299 CVE-2026-12300...
SUSE CVE-2026-12466
Heap buffer overflow in WebRTC in Google Chrome on Windows prior to 149.0.7827.155 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: High...
libopenssl-3-devel-3.5.3-6.1 on GA media (moderate)
libopenssl-3-devel-3.5.3-6.1 on GA media Announcement ID: openSUSE-SU-2026:11023-1 Rating: moderate Cross-References: CVE-2026-34180 CVE-2026-34182 CVE-2026-34183 CVE-2026-42764 CVE-2026-42766 CVE-2026-42767 CVE-2026-42768 CVE-2026-42769 CVE-2026-42770 CVE-2026-45445 CVE-2026-45446 CVE-2026-45447...
SUSE SLES12 Security Update : memcached (SUSE-SU-2026:2292-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2292-1 advisory. This update for memcached fixes the following issues - CVE-2026-47783: timing side-channel in SASL password database authentication username...
SUSE SLES15 Security Update : python-Django (SUSE-SU-2026:2318-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2318-1 advisory. This update for python-Django fixes the following issues - CVE-2026-6873: signed cookie salt namespace collision in...
SUSE CVE-2026-11630
Use after free in File Input in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...
SUSE CVE-2026-10908
Use after free in FullScreen in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
SUSE CVE-2026-11031
Insufficient validation of untrusted input in Password Manager in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via malicious network traffic. Chromium security severity: Medium...
SUSE CVE-2026-11069
Insufficient validation of untrusted input in Cast in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...
SUSE CVE-2026-11106
Inappropriate implementation in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
SUSE CVE-2026-11172
Incorrect security UI in Contact Picker in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...
SUSE CVE-2026-11202
Inappropriate implementation in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...
SUSE SLES16 Security Update : python-Pillow (SUSE-SU-2026:21861-1)
The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:21861-1 advisory. This update for python-Pillow fixes the following issues - CVE-2026-42308: integer overflow in font processing can lead to denial ...
SUSE CVE-2026-9961
Use after free in SurfaceCapture in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
SUSE CVE-2026-9969
Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: High...