Lucene search
K
SuseMost viewed

5440 matches found

SUSE Linux
SUSE Linux
•added 2026/06/18 3:54 p.m.•8 views

Security update for frr

This update for frr fixes the following issue: CVE-2026-5107: Fixed an improper access controls in EVPN Type-2 Route Handler bsc1261013. CVE-2026-28532: Harden TE/SR TLV iteration against malformed lengths bsc1263859. CVE-2026-37457: Fix off-by-one error in FlowSpec operator array bounds check...

7.5CVSS4.8AI score0.00389EPSS
Exploits0References16
SUSE Linux
SUSE Linux
•added 2026/06/18 1:36 p.m.•8 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 kernel was updated to fix various security issues The following security issues were fixed: CVE-2025-10263: arm64: Add workaround for Cortex-A76 erratum 1286807 bsc1266290. CVE-2025-40253: s390/ctcm: Fix double-kfree bsc1255084. CVE-2025-68822: Input: alps - fix...

9.3CVSS6.1AI score0.00563EPSS
Exploits1References350
SUSE Linux
SUSE Linux
•added 2026/06/16 1:29 p.m.•8 views

Security update for 389-ds

This update for 389-ds fixes the following issue Update to 2.7.0git193.9ab79d496: CVE-2026-9064: unbounded LDAP controls count in getldapmessagecontrolsext can lead to amplified CPU time and heap allocation and a denial of service bsc1265898. Changelog: Issue 7503 - CVE-2026-9064 - Add a limit to...

8.7CVSS5.3AI score0.00815EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/06/16 8:7 a.m.•8 views

Security update for openssl-1_1-livepatches

This update for openssl-11-livepatches fixes the following issues CVE-2026-45447: Heap Use-After-Free in OpenSSL PKCS7verify bsc1266357. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can ru...

7.7CVSS5.3AI score0.02719EPSS
Exploits0References6
SUSE Linux
SUSE Linux
•added 2026/06/12 1:59 p.m.•8 views

Security update for qemu

This update for qemu fixes the following issues: Security fixes: CVE-2026-2243: incorrect bounds check leads to heap out-of-bounds read and a 12-byte information leak when processing specially crafted VMDK files bsc1258509. CVE-2026-3842: hyperv/syndbg: missing mapped-length guard after...

5.1CVSS7AI score0.00114EPSS
Exploits1References10
SUSE Linux
SUSE Linux
•added 2026/06/12 9:14 a.m.•8 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 kernel was updated to fix various security issues The following security issues were fixed: CVE-2026-31405: media: dvb-net: fix OOB access in ULE extension header tables bsc1261700. CVE-2026-31629: nfc: llcp: add missing return after LLCPCLOSED checks bsc1263790...

9.3CVSS5.1AI score0.00563EPSS
Exploits5References52
SUSE Linux
SUSE Linux
•added 2026/06/11 4:6 p.m.•8 views

Security update for openssh

This update for openssh fixes the following issues CVE-2026-3497: information disclosure or denial of service due to uninitialized variables bsc1259642. CVE-2026-35385: a file downloaded by scp may be installed setuid or setgid bsc1261427. CVE-2026-35388: omitted connection multiplexing...

7.5CVSS7.1AI score0.0218EPSS
Exploits0References18
SUSE Linux
SUSE Linux
•added 2026/06/11 1:23 p.m.•8 views

Security update for nginx

This update for nginx fixes the following issues CVE-2026-9256: heap buffer overflow in the ngxhttprewritemodule when using a configuration with overlapping captures bsc1266215. CVE-2026-27651: denial of service via undisclosed requests when the ngxmailauthhttpmodule is enabled bsc1260415...

9.2CVSS8.2AI score0.61469EPSS
Exploits43References28
SUSE Linux
SUSE Linux
•added 2026/06/10 1:22 p.m.•8 views

Security update for google-osconfig-agent

This update for google-osconfig-agent fixes the following issue CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of the HTTP/2: path pseudo- header bsc1260264. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like...

8.6CVSS6.4AI score0.01557EPSS
Exploits1References4
SUSE Linux
SUSE Linux
•added 2026/06/10 8:42 a.m.•8 views

Security update for libyang

This update for libyang fixes the following issues CVE-2026-41401: use-after-free in lydparsersetdataflags when processing crafted YANG XML documents with specific metadata attributes bsc1266316. CVE-2026-44673: integer overflow in lybreadstring of src/parserlyb.c leads to heap buffer overflow wh...

9.2CVSS5.7AI score0.00519EPSS
Exploits0References8
SUSE Linux
SUSE Linux
•added 2026/06/09 2:34 p.m.•8 views

Security update for kubernetes1.26

This update for kubernetes1.26 fixes the following issues CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1265740. CVE-2026-35469: github.com/moby/spdystream: memory amplification in SPDY frame parsing leads to denial of service...

7.5CVSS5.4AI score0.00781EPSS
Exploits0References10
SUSE Linux
SUSE Linux
•added 2026/06/09 2:32 p.m.•8 views

Security update for kubernetes1.24

This update for kubernetes1.24 fixes the following issues CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1265740. CVE-2026-35469: github.com/moby/spdystream: memory amplification in SPDY frame parsing leads to denial of service...

7.5CVSS5.4AI score0.00781EPSS
Exploits0References10
SUSE Linux
SUSE Linux
•added 2026/06/09 12:52 p.m.•8 views

Security update for 389-ds

This update for 389-ds fixes the following issue CVE-2026-9064: unbounded LDAP controls count in getldapmessagecontrolsext can lead to amplified CPU time and heap allocation and a denial of service bsc1265898. Changes for 389-ds: Update to version 2.0.20git90.9f70d434e. Patch Instructions: To...

8.7CVSS5.4AI score0.00815EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/06/09 12:51 p.m.•8 views

Security update for vim

This update for vim fixes the following issues CVE-2026-39881: command injection in NetBeans interface can lead to arbitrary file reads and writes bsc1261833. CVE-2026-42307: Prior to version 9.2.0383, an OS command injection vulnerability exists in the netrw standard plugin bundled with Vim...

8.5CVSS7.8AI score0.00917EPSS
Exploits1References26
SUSE Linux
SUSE Linux
•added 2026/06/09 7:58 a.m.•8 views

Security update for perl-Protocol-HTTP2

This update for perl-Protocol-HTTP2 fixes the following issue CVE-2026-10725: denial of service due to absence of inbound HPACK header-list size limit HTTP/2 Bomb attack bsc1267857. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdat...

7.5CVSS5.4AI score0.00414EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/06/08 10:17 a.m.•8 views

Security update for python311

This update for python311 fixes the following issues: CVE-2026-3446: Base64 decoding stops at first padded quad by default bsc1261970. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run...

6CVSS5.4AI score0.00188EPSS
Exploits0References6
SUSE Linux
SUSE Linux
•added 2026/06/08 8:51 a.m.•8 views

Security update for memcached

This update for memcached fixes the following issues CVE-2026-47783: timing side-channel in SASL password database authentication username bsc1265873. CVE-2026-47784: timing side-channel in SASL password database authentication password bsc1265881. Patch Instructions: To install this SUSE update...

8.1CVSS5.5AI score0.01312EPSS
Exploits0References8
SUSE Linux
SUSE Linux
•added 2026/06/05 2:30 p.m.•8 views

Security update for bind

This update for bind fixes the following issues: CVE-2026-3039: BIND 9 server memory exhaustion during GSS-API TKEY negotiation bsc1265591. CVE-2026-3592: Amplification vulnerabilities via self-pointed glue records bsc1265592. CVE-2026-5946: Invalid handling of CLASS != IN bsc1265594. Patch...

7.5CVSS5.4AI score0.0181EPSS
Exploits0References12
SUSE Linux
SUSE Linux
•added 2026/06/05 2:4 p.m.•8 views

Security update for evince

This update for evince fixes the following issue CVE-2026-46529: Evince/Atril/Xreader command injection bsc1265880. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed...

7.5CVSS5.4AI score0.00529EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/06/05 12:16 p.m.•8 views

Security update for yq

This update for yq fixes the following issues: CVE-2026-25680,CVE-2026-25681,CVE-2026-27136,CVE-2026-42502,CVE-2026-42506: golang.org/x/net/html: multiple issues when parsing HTML files bsc1267053. CVE-2026-39821: golang.org/x/net/idna: failure to reject ASCII-only Punycode-encoded labels allows...

9.1CVSS5.6AI score0.00478EPSS
Exploits0References16
SUSE Linux
SUSE Linux
•added 2026/06/05 12:12 p.m.•8 views

Security update for unbound

This update for unbound fixes the following issues CVE-2026-32792: Packet of death with DNSCrypt bsc1265583. CVE-2026-33278: Possible remote code execution during DNSSEC validation bsc1265587. CVE-2026-40622: "Ghost domain name" variant bsc1265581. CVE-2026-41292: Parsing a long list of incoming...

8.6CVSS6.2AI score0.01272EPSS
Exploits0References44
SUSE Linux
SUSE Linux
•added 2026/06/05 12:11 p.m.•8 views

Security update for ignition

This update for ignition fixes the following issue CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1265751. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...

7.5CVSS5.4AI score0.00781EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/06/05 6:37 a.m.•8 views

Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues Updated to Mozilla Thunderbird 140.11 bsc1265212 MFSA 2026-44: CVE-2026-8090: Use-after-free in the DOM: Networking component. CVE-2026-8092: Memory safety bugs fixed in Thunderbird ESR 140.10.2 and Thunderbird 150.0.2. CVE-2026-8094:...

8.8CVSS5.5AI score0.00605EPSS
Exploits0References48
SUSE Linux
SUSE Linux
•added 2026/06/03 2:14 p.m.•8 views

Security update 5.0.8 for Multi-Linux Manager Salt Bundle

This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2026-31958: tornado: Fixed parsing large multipart bodies with many parts can cause a denial of service bsc1259554 CVE-2026-27459: pyOpenSSL: Fixed issue with large cookie value that can lead to a buffer overflow...

8.7CVSS7.5AI score0.00704EPSS
Exploits0References26
SUSE Linux
SUSE Linux
•added 2026/06/03 2:13 p.m.•8 views

Security update 5.0.8 for Multi-Linux Manager Salt Bundle

This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2026-31958: tornado: Fixed parsing large multipart bodies with many parts can cause a denial of service bsc1259554 CVE-2026-27459: pyOpenSSL: Fixed issue with large cookie value that can lead to a buffer overflow...

8.7CVSS7.5AI score0.00704EPSS
Exploits0References26
SUSE Linux
SUSE Linux
•added 2026/06/03 1:58 p.m.•8 views

Security update 5.0.8 for Multi-Linux Manager Client Tools

This update fixes the following issues: prometheus-postgresexporter: Security Fixes: CVE-2022-21698: Fixed denial of service using InstrumentHandlerCounter bsc1248699 golang-github-QubitProducts-exporterexporter: Security Fixes: CVE-2022-21698: Fixed denial of service using InstrumentHandlerCount...

7.5CVSS7.2AI score0.05994EPSS
Exploits0References20
SUSE Linux
SUSE Linux
•added 2026/06/03 11:35 a.m.•8 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 kernel was updated to fix various security issues The following security issues were fixed: CVE-2023-20585: x86/CPU: Fix FPDSS on Zen1 bsc1243603. CVE-2025-54518: x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache bsc1264013...

8.8CVSS6.6AI score0.00514EPSS
Exploits0References906
SUSE Linux
SUSE Linux
•added 2026/06/02 8:42 a.m.•8 views

Security update for xorg-x11-server

This update for xorg-x11-server fixes the following issues CreateSaverWindow Use-After-Free Information Disclosure. bsc1266301 DRI2 DRIGetBuffers/DRIGetBuffersWithFormat Out-Of-Bounds Write. bsc1266302 Font Alias Stack-based Buffer Overflow. bsc1266294 GLX ChangeDrawableAttributes Out-Of-Bounds...

5.8AI score
Exploits0References18
SUSE Linux
SUSE Linux
•added 2026/05/31 11:34 a.m.•8 views

Security update for the Linux Kernel (Live Patch 49 for SUSE Linux Enterprise 15 SP4)

This update for the SUSE Linux Enterprise Kernel 5.14.21-150400.24.197 fixes various security issues The following security issues were fixed: CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption bsc1264096. CVE-2026-23243: RDMA/umad: Reject negative datalen in ibumadwrite bsc1259798...

8.8CVSS6AI score0.03663EPSS
Exploits17References20
SUSE Linux
SUSE Linux
•added 2026/05/28 7:14 a.m.•8 views

Security update for xen

This update for xen fixes the following issues CVE-2025-54505: Floating Point Divider State Sampling on AMD CPUs AMD-SN-7053 bsc1262428. CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption bsc1264066. CVE-2026-23557: Xenstored DoS via XSRESETWATCHES command bsc1262178. CVE-2026-23558: grant tabl...

7.8CVSS5.8AI score0.00258EPSS
Exploits0References16
SUSE Linux
SUSE Linux
•added 2026/05/26 7:30 a.m.•8 views

Security update for busybox

This update for busybox fixes the following issue CVE-2026-29004: a crafted DHCPv6 response can lead to a heap buffer overflow in the DHCPv6 client bsc1263989. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

8.1CVSS6AI score0.00375EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/05/26 7:28 a.m.•8 views

Security update for xen

This update for xen fixes the following issues CVE-2025-54505: Floating Point Divider State Sampling on AMD CPUs AMD-SN-7053 bsc1262428. CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption bsc1264066. CVE-2026-23557: Xenstored DoS via XSRESETWATCHES command bsc1262178. CVE-2026-23558: grant tabl...

7.8CVSS5.8AI score0.00258EPSS
Exploits0References16
SUSE Linux
SUSE Linux
•added 2026/05/26 7:11 a.m.•8 views

Security update for python-urllib3

This update for python-urllib3 fixes the following issue CVE-2026-44431: sensitive information disclosure due to sensitive headers being forwarded across origins in proxied low-level redirects bsc1265267. Patch Instructions: To install this SUSE update use the SUSE recommended installation method...

8.2CVSS5.8AI score0.00527EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/05/25 2:4 p.m.•8 views

Security update for libpng16

This update for libpng16 fixes the following issue: CVE-2026-34757: information disclosure and data corruption due to use-after-free in pngsetPLTE, pngsettRNS and pngsethIST bsc1261957. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

5.1CVSS5.8AI score0.00195EPSS
Exploits1References4
SUSE Linux
SUSE Linux
•added 2026/05/25 1:59 p.m.•8 views

Security update for xz

This update for xz fixes the following issue CVE-2026-34743: buffer overflow in lzmaindexappend bsc1261280. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your...

7.5CVSS5.9AI score0.00351EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/05/22 5:54 a.m.•8 views

Security update for rekor

This update for rekor rebuilds it against the current go security release. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product: SUSE Linux Enterprise...

5.8AI score
Exploits0
SUSE Linux
SUSE Linux
•added 2026/05/22 5:53 a.m.•8 views

Security update for container-suseconnect

This update for container-suseconnect rebuilds it against the current go security release. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product:...

5.8AI score
Exploits0
SUSE Linux
SUSE Linux
•added 2026/05/21 11:57 a.m.•8 views

Security update for php8

This update for php8 fixes the following issues CVE-2025-14179: improper handling of NULL bytes by the PDO Firebird driver when preparing SQL queries can lead to SQL injection bsc1264778. CVE-2026-6722: use-after-free in SOAP using Apache map can lead to remote code execution bsc1264776...

9.8CVSS6.5AI score0.0078EPSS
Exploits1References32
SUSE Linux
SUSE Linux
•added 2026/05/20 9:35 a.m.•8 views

Security update for runc

This update for runc rebuilds it against the current go security release. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product: SUSE Linux Enterprise...

5.8AI score
Exploits0
SUSE Linux
SUSE Linux
•added 2026/05/19 8:22 a.m.•8 views

Security update for GraphicsMagick

This update for GraphicsMagick fixes the following issue CVE-2026-42050: Stack buffer overflow in XTileImage bsc1265048. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command...

5.5CVSS5.9AI score0.0013EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/05/18 1:19 p.m.•8 views

Security update for PackageKit

This update for PackageKit fixes the following issue: CVE-2026-41651: Do not allow re-invoking methods on non-new transactions bsc1262220. Special Instructions and Notes: Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zyppe...

9.3CVSS5.8AI score0.0046EPSS
Exploits10References4
SUSE Linux
SUSE Linux
•added 2026/05/18 8:12 a.m.•8 views

Security update for tiff

This update for tiff fixes the following issue CVE-2026-4775: signed integer overflow in the putcontig8bitYCbCr44tile function bsc1260411. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can...

8.8CVSS5.8AI score0.00553EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/05/18 8:7 a.m.•8 views

Security update for python-python-multipart

This update for python-python-multipart fixes the following issue CVE-2026-42561: denial of service vulnerability in multipart part header parsing bsc1265250. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

7.5CVSS5.8AI score0.00549EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/05/18 8:2 a.m.•8 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 RT kernel was updated to fix various security issues The following security issues were fixed: CVE-2025-54518: x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache bsc1264013. CVE-2026-46300: net: skbuff: propagate shared-frag marker...

8.8CVSS6.1AI score0.93235EPSS
Exploits47References20
SUSE Linux
SUSE Linux
•added 2026/05/18 7:58 a.m.•8 views

Security update for php8

This update for php8 fixes the following issues CVE-2025-14179: improper handling of NULL bytes by the PDO Firebird driver when preparing SQL queries can lead to SQL injection bsc1264778. CVE-2026-6722: use-after-free in SOAP using Apache map can lead to remote code execution bsc1264776...

9.8CVSS6.5AI score0.0078EPSS
Exploits1References32
SUSE Linux
SUSE Linux
•added 2026/05/18 7:55 a.m.•8 views

Security update for perl-Crypt-URandom

This update for perl-Crypt-URandom fixes the following issue: CVE-2026-2474: negative length parameter in the XS function can lead to a heap-based buffer overflow bsc1258266. Changes for perl-Crypt-URandom: updated to 0.550.0 0.55 Fix for sysread/read failures. Thanks to Miha Purg for GH20 Fix fo...

8.2CVSS6AI score0.00295EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/05/18 7:53 a.m.•8 views

Security update for nginx

This update for nginx fixes the following issues Security issues: CVE-2026-1642: plain text data injection into the response from an upstream proxied server bsc1257675. CVE-2026-27654: buffer overflow in the NGINX worker process via the ngxhttpdavmodule module bsc1260416. CVE-2026-27784: NGINX...

8.3CVSS7.7AI score0.21621EPSS
Exploits0References18
SUSE Linux
SUSE Linux
•added 2026/05/18 7:41 a.m.•8 views

Security update for perl-Text-CSV_XS

This update for perl-Text-CSVXS fixes the following issue CVE-2026-7111: use-after-free when registered callbacks extend the Perl argument stack may enable type confusion or memory corruption bsc1263690. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods...

8.6CVSS5.8AI score0.00158EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/05/18 7:40 a.m.•8 views

Security update for dnsmasq

This update for dnsmasq fixes the following issues Security issues: CVE-2026-4890: DoS vulnerability in the DNSSEC validation bsc1265001. CVE-2026-4891: heap-based out-of-bounds read vulnerability in the DNSSEC validation bsc1265002. CVE-2026-4892: heap-based out-of-bounds write vulnerability in...

9.2CVSS6AI score0.07237EPSS
Exploits4References34
SUSE Linux
SUSE Linux
•added 2026/05/18 7:38 a.m.•8 views

Security update for xen

This update for xen fixes the following issue CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption bsc1264066. Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like...

7.4CVSS5.8AI score0.00258EPSS
Exploits0References4
Total number of security vulnerabilities5000