Lucene search
K
SuseMost viewed

5449 matches found

SUSE Linux
SUSE Linux
•added 2024/12/06 12:33 p.m.•8 views

Security update for the Linux Kernel (Live Patch 51 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122186 fixes several issues. The following security issues were fixed: CVE-2024-43861: Fix memory leak for not ip packets bsc1229553. CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks bsc1229273. Patch Instructions: To install thi...

7.5CVSS7.6AI score0.00239EPSS
Exploits0References8
SUSE Linux
SUSE Linux
•added 2024/12/05 6:3 p.m.•8 views

Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-15060021 fixes several issues. The following security issues were fixed: CVE-2024-36904: tcp: Use refcountincnotzero in tcptwskunique bsc1225733. CVE-2024-43861: Fix memory leak for not ip packets bsc1229553. CVE-2024-35949: btrfs: make sure that WRITTEN is...

7.5CVSS8.2AI score0.00614EPSS
Exploits0References12
SUSE Linux
SUSE Linux
•added 2024/12/02 3:35 p.m.•8 views

Security update for the Linux Kernel RT (Live Patch 7 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505001324 fixes several issues. The following security issues were fixed: CVE-2021-47517: Fix panic when interrupt coaleceing is set via ethtool bsc1225429. CVE-2024-36904: tcp: Use refcountincnotzero in tcptwskunique bsc1225733. CVE-2024-43861: Fix memor...

7.5CVSS8.1AI score0.00614EPSS
Exploits0References16
SUSE Linux
SUSE Linux
•added 2024/11/28 3:11 p.m.•8 views

Security update for tomcat

This update for tomcat fixes the following issues: Update to Tomcat 9.0.97 Fixed CVEs: CVE-2024-52316: If the Jakarta Authentication fails with an exception, set a 500 status bsc1233434 Catalina Add: Add support for the new Servlet API method HttpServletResponse.sendEarlyHints. markt Add: 55470:...

10CVSS8.2AI score0.06287EPSS
Exploits1References4
SUSE Linux
SUSE Linux
•added 2024/11/01 3:19 p.m.•8 views

Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues: Update to version 2.46.0 bsc1231039. CVE-2024-40866 CVE-2024-44187 Already fixed in version 2.44.3: CVE-2024-4558 CVE-2024-27838 CVE-2024-27851 Already fixed in version 2.44.2: CVE-2024-27834 CVE-2024-27808 CVE-2024-27820 CVE-2024-27833...

8.8CVSS7.3AI score0.10593EPSS
Exploits7References28
SUSE Linux
SUSE Linux
•added last week•7 views

Security update for ansible-core

This update for ansible-core fixes the following issues: CVE-2026-11332: Argument injection in ansible-galaxy role install leads to arbitrary code execution bsc1267822. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...

7.8CVSS6.4AI score0.00156EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/06/29 10:57 a.m.•7 views

Security update for opensc

This update for opensc fixes the following issues CVE-2025-49010: stack-buffer-overflow via crafted smart card or USB device responses bsc1261214. CVE-2025-66215: crafted smart card or USB device can cause a stack-buffer-overflow write bsc1261220. CVE-2026-10275: global buffer overflow during key...

7.3CVSS6AI score0.00296EPSS
Exploits0References12
SUSE Linux
SUSE Linux
•added 2026/06/29 5:42 a.m.•7 views

Security update for xen

This update for xen fixes the following issues: CVE-2026-42487: xen: x86 HVM I/O port list traversal XSA-491 bsc1266952. CVE-2026-42488: xen: x86: mismatched mapcache metadata XSA-494 bsc1266955. CVE-2026-42489,CVE-2026-42490: xen: domctl lock open to abuse XSA-492 bsc1266953. Patch Instructions:...

8.8CVSS5.8AI score0.00353EPSS
Exploits0References14
SUSE Linux
SUSE Linux
•added 2026/06/26 7:10 a.m.•7 views

Security update for apache2

This update for apache2 fixes the following issues Update to 2.4.66 jscPED-16334: Security issues: CVE-2026-23918: http2: double free and possible RCE on early reset bsc1263957. CVE-2026-24072: modrewrite elevation of privileges via apexpr bsc1263935. CVE-2026-28780: heap buffer overflow in...

9.1CVSS7.2AI score0.4581EPSS
Exploits18References52
SUSE Linux
SUSE Linux
•added 2026/06/23 1:25 p.m.•7 views

Security update for google-guest-agent

This update for google-guest-agent fixes the following issues: CVE-2026-39827: Update golang.org/x/crypto dependency bsc1266171. CVE-2026-39828: Update golang.org/x/crypto dependency bsc1266171. CVE-2026-39829: Update golang.org/x/crypto dependency bsc1266171. CVE-2026-39830: Update...

9.1CVSS6.9AI score0.91969EPSS
Exploits4References74
SUSE Linux
SUSE Linux
•added 2026/06/23 12:48 p.m.•7 views

Security update for libsolv, libzypp, zypper

This update for libsolv, libzypp, zypper fixes the following issues CVE-2026-9149: Heap buffer overflow in libsolv repoaddsolv via negative maxsize from crafted .solv file bsc1265935. CVE-2026-9150: Stack-based buffer overflow in libsolv's Debian metadata parser when handling SHA384/SHA512...

8.7CVSS6.3AI score0.006EPSS
Exploits0References62
SUSE Linux
SUSE Linux
•added 2026/06/19 1:41 p.m.•7 views

Security update for apache-sshd, jpgpj

This update for apache-sshd, jpgpj fixes the following issues CVE-2020-36843: no check performed on scalar to avoid signature malleability bsc1239551. CVE-2026-48827: Apache MINA SSHD: Path traversal in org.apache.sshd: sshd-git bsc1267018. Changes for jpgpj: Initial packaging with v1.3 Changes f...

8.7CVSS6.4AI score0.00527EPSS
Exploits0References8
SUSE Linux
SUSE Linux
•added 2026/06/19 11:3 a.m.•7 views

Security update for amazon-ssm-agent

This update for amazon-ssm-agent fixes the following issues Update to version 3.3.4624.0: CVE-2025-22869: golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh bsc1239342. CVE-2025-22870: golang.org/x/net/proxy: proxy bypass using IPv6 zone IDs bsc1238702...

9.1CVSS6.8AI score0.00868EPSS
Exploits3References62
SUSE Linux
SUSE Linux
•added 2026/06/19 11:2 a.m.•7 views

Security update for azure-storage-azcopy

This update for azure-storage-azcopy fixes the following issues Update to 10.32.4: CVE-2025-47907: database/sql: incorrect results returned from Rows.Scan bsc1247720. CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of the HTTP/2: path pseudo- header...

9.1CVSS7.2AI score0.01557EPSS
Exploits1References22
SUSE Linux
SUSE Linux
•added 2026/06/19 9:44 a.m.•7 views

Security update for python313

This update for python313 fixes the following issues Security issues: CVE-2026-1502: HTTP client proxy tunnel headers not validated for CR/LF bsc1261969. CVE-2026-3446: Base64 decoding stops at first padded quad by default bsc1261970. CVE-2026-4786: oss-security CPython: Incomplete mitigation of ...

9.1CVSS6.5AI score0.00579EPSS
Exploits1References24
SUSE Linux
SUSE Linux
•added 2026/06/19 9:44 a.m.•7 views

Security update for openvswitch

This update for openvswitch fixes the following issues Update ovn to 25.03.3: CVE-2026-5265: heap over-read in ICMP error response generation bsc1262498. CVE-2026-5367: heap over-read in OVN DHCPv6 client ID processing bsc1262499. Patch Instructions: To install this SUSE update use the SUSE...

7.5CVSS5.8AI score0.00868EPSS
Exploits0References8
SUSE Linux
SUSE Linux
•added 2026/06/18 1:49 p.m.•7 views

Security update for java-1_8_0-ibm

This update for java-180-ibm fixes the following issues CVE-2026-22007: APIs in the specified component can lead to an unauthorized read access bsc1262490. CVE-2026-22013: unauthenticated attacker with network access can access to critical data bsc1262494. CVE-2026-22016: APIs in the specified...

8.7CVSS7.5AI score0.00702EPSS
Exploits0References30
SUSE Linux
SUSE Linux
•added 2026/06/18 1:49 p.m.•7 views

Security update for rootlesskit

This update for rootlesskit rebuilds it against the current go security release. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product: SUSE Linux...

5.3AI score
Exploits0
SUSE Linux
SUSE Linux
•added 2026/06/18 12:52 p.m.•7 views

Security update for krb5

This update for krb5 fixes the following issues Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product: openSUSE Leap 15.4 zypper in -t patch...

5.9CVSS5.3AI score
Exploits0References8
SUSE Linux
SUSE Linux
•added 2026/06/18 8:51 a.m.•7 views

Security update for ffmpeg-4

This update for ffmpeg-4 fixes the following issues Update to version 4.4.7: CVE-2023-6601: HLS Unsafe File Extension Bypass bsc1220545. CVE-2024-35366: FFmpeg n6.1.1 is Integer Overflow. The vulnerability exists in the parseoptions function of sbgdec.c within the libavformat module. When parsing...

8.7CVSS6.6AI score0.00715EPSS
Exploits3References38
SUSE Linux
SUSE Linux
•added 2026/06/18 7:24 a.m.•7 views

Security update for perl-HTTP-Daemon

This update for perl-HTTP-Daemon fixes the following issues: CVE-2026-8450: Fixed OS command injection via sendfile bsc1266370. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...

8.1CVSS5.3AI score0.01231EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/06/18 7:10 a.m.•7 views

Security update for rustup

This update for rustup fixes the following issues CVE-2026-25727: time: parsing of user-provided input by the RFC 2822 date parser can lead to stack exhaustion bsc1257902. rust-shlex: Multiple issues involving quote API RUSTSEC-2024-0006, GHSA-r7qv-8r2h-pg27 bsc1230032. Patch Instructions: To...

8.7CVSS5.3AI score0.00291EPSS
Exploits0References6
SUSE Linux
SUSE Linux
•added 2026/06/17 2:45 p.m.•7 views

Security update for alloy

This update for alloy fixes the following issues Security issues: CVE-2026-4427: github.com/jackc/pgproto3/v2: improper validation of field length allows a malicious PostgreSQL server to crash a client application via a DataRow message bsc1259919. CVE-2026-25934: github.com/go-git/go-git/v5:...

8.7CVSS6.7AI score0.01557EPSS
Exploits1References26
SUSE Linux
SUSE Linux
•added 2026/06/17 2:44 p.m.•7 views

Security update for wireshark

This update for wireshark fixes the following issues CVE-2026-5405: RDP dissector crash bsc1263767. CVE-2026-5656: Profile import crash and possible code execution bsc1263809. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...

8.8CVSS6.3AI score0.0018EPSS
Exploits2References8
SUSE Linux
SUSE Linux
•added 2026/06/17 9:50 a.m.•7 views

Security update for xwayland

This update for xwayland fixes the following issues: CreateSaverWindow Use-After-Free Information Disclosure. bsc1266301 Font Alias Stack-based Buffer Overflow. bsc1266294 GLX ChangeDrawableAttributes Out-Of-Bounds Read/Write. bsc1266300 XKB Key Types Stack-based Buffer Overflow. bsc1266296 XKB...

5.3AI score
Exploits0References16
SUSE Linux
SUSE Linux
•added 2026/06/16 2:5 p.m.•7 views

Security update for container-suseconnect

This update for container-suseconnect rebuilds it against the current go security release. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product:...

5.3AI score
Exploits0
SUSE Linux
SUSE Linux
•added 2026/06/11 4:9 p.m.•7 views

Security update for tomcat10

This update for tomcat10 fixes the following issues Update to Tomcat 10.1.55: CVE-2026-41284: Unbounded read in WebDAV LOCK and PROPFIND handling bsc1265162. CVE-2026-41293: HTTP/2 request headers not validated bsc1265163. CVE-2026-42498: WebSocket authentication header exposure bsc1265165...

8.7CVSS6.6AI score0.01339EPSS
Exploits2References28
SUSE Linux
SUSE Linux
•added 2026/06/10 2:53 p.m.•7 views

Security update for wicked

This update for wicked fixes the following issue CVE-2026-44932: indirect remote shell command injection via unsanitized DHCP options bsc1265221. Changes for wicked: Update to version 0.6.79 Fix to escape single-quotes in leaseinfo dump output used by the wicked test dhcp4 and wicked test dhcp6 a...

8.8CVSS5.5AI score0.00297EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/06/10 1:22 p.m.•7 views

Security update for google-cloud-sap-agent

This update for google-cloud-sap-agent fixes the following issue CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1265764. Changes for google-cloud-sap-agent: Update to version 3.14 bsc1265991 Patch Instructions: To install this SUSE...

7.5CVSS5.4AI score0.00781EPSS
Exploits0References6
SUSE Linux
SUSE Linux
•added 2026/06/10 1:14 p.m.•7 views

Security update for kubernetes1.23

This update for kubernetes1.23 fixes the following issues CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1265740. CVE-2026-35469: github.com/moby/spdystream: memory amplification in SPDY frame parsing leads to denial of service...

7.5CVSS5.4AI score0.00781EPSS
Exploits0References10
SUSE Linux
SUSE Linux
•added 2026/06/10 7:39 a.m.•7 views

Security update for mariadb

This update for mariadb fixes the following issues: CVE-2026-3494: audit plugin comment handling bypass bsc1259176. CVE-2026-34303: mysql: optimizer unspecified vulnerability bsc1266435. CVE-2026-35549: SHA2 auth plugin crash on large packets bsc1261413. CVE-2026-44168: wsrep SST unsafe parameter...

9.4CVSS7.1AI score0.00998EPSS
Exploits1References48
SUSE Linux
SUSE Linux
•added 2026/06/10 7:39 a.m.•7 views

Security update for xen

This update for xen fixes the following issues: CVE-2026-42487: x86 HVM I/O port list traversal bsc1266952. CVE-2026-42488: x86: mismatched mapcache metadata bsc1266955. CVE-2026-42489,CVE-2026-42490: domctl lock open to abuse bsc1266953. Special Instructions and Notes: Please reboot the system...

8.8CVSS5.4AI score0.00353EPSS
Exploits0References14
SUSE Linux
SUSE Linux
•added 2026/06/09 7:5 p.m.•7 views

Security update for go1.25

This update for go1.25 fixes the following issues Update to go1.25.11 bsc1244485: CVE-2026-27145: crypto/x509: split candidate hostname only once bsc1267450. CVE-2026-42504: mime: quadratic complexity in WordDecoder.DecodeHeader bsc1267442. CVE-2026-42507: net/textproto: arbitrary input are...

6.9CVSS5.7AI score0.00904EPSS
Exploits0References14
SUSE Linux
SUSE Linux
•added 2026/06/09 2:33 p.m.•7 views

Security update for perl-XML-LibXML

This update for perl-XML-LibXML fixes the following issue CVE-2026-8177: read out-of-bounds heap memory when parsing XML node names containing truncated UTF-8 byte sequences bsc1264715. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

8.2CVSS5.4AI score0.00531EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/06/09 1:22 p.m.•7 views

Security update for python-Django

This update for python-Django fixes the following issues CVE-2026-6873: signed cookie salt namespace collision in django.http.HttpRequest.getsignedcookie bsc1267578. CVE-2026-7666: potential unencrypted email transmission via STARTTLS in the SMTP backend bsc1267579. CVE-2026-8404: potential...

9.1CVSS5.4AI score0.00359EPSS
Exploits0References20
SUSE Linux
SUSE Linux
•added 2026/06/08 3:27 p.m.•7 views

Security update for firewalld

This update for firewalld fixes the following issue: CVE-2026-4948: local unprivileged users can modify the runtime firewall state without proper authentication due to D-Bus setter mis-authorizations bsc1260903. Patch Instructions: To install this SUSE update use the SUSE recommended installation...

6.8CVSS5.4AI score0.00118EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/06/08 1:54 p.m.•7 views

Security update for mutt

This update for mutt fixes the following issues CVE-2026-43859: strfcpy used instead of memcpy for the IMAP authcram MD5 digest bsc1263897. CVE-2026-43860: truncation of hashpasswd by one byte for IMAP authcram MD5 digest bsc1263896. CVE-2026-43861: missing check for \0 in urlpctdecode bsc1263895...

6.9CVSS5.4AI score0.00201EPSS
Exploits0References26
SUSE Linux
SUSE Linux
•added 2026/06/08 10:17 a.m.•7 views

Security update for avahi

This update for avahi fixes the following issue: CVE-2026-34933: Prior to version 0.9-rc4, any unprivileged local user can crash avahi-daemon by sending a single D-Bus method call with conflicting publish flags bsc1261546. Patch Instructions: To install this SUSE update use the SUSE recommended...

5.5CVSS5.4AI score0.00203EPSS
Exploits1References4
SUSE Linux
SUSE Linux
•added 2026/06/08 8:53 a.m.•7 views

Security update for memcached

This update for memcached fixes the following issues CVE-2026-47783: timing side-channel in SASL password database authentication username bsc1265873. CVE-2026-47784: timing side-channel in SASL password database authentication password bsc1265881. Patch Instructions: To install this SUSE update...

8.1CVSS5.5AI score0.01312EPSS
Exploits0References8
SUSE Linux
SUSE Linux
•added 2026/06/05 12:16 p.m.•7 views

Security update for libjxl

This update for libjxl fixes the following issues: Security fixes: CVE-2025-70103: heap buffer overflow when hen processing crafted pbm-images due to insufficient bounds checks bsc1266460. Other fixes: Update to version 0.10.5: fix tile dimension in low memory rendering pipeline. fix number of...

9.2CVSS5.7AI score0.00367EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/06/03 6:6 p.m.•7 views

Security update for golang-github-prometheus-prometheus

This update for golang-github-prometheus-prometheus to version 3.5.3 fixes the following issues: Security issues fixed: CVE-2026-42151: AzureAD remote write: Fixed OAuth clientsecret being exposed in plaintext via /-/config endpoint bsc1263986 CVE-2026-42154: Remote-read: Reject snappy-compressed...

8.8CVSS6.9AI score0.01557EPSS
Exploits2References24
SUSE Linux
SUSE Linux
•added 2026/06/03 3:32 p.m.•7 views

Security update for python-pyOpenSSL

This update for python-pyOpenSSL fixes the following issue Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product: openSUSE Leap 15.4 zypper in -t patch...

6.8CVSS5.8AI score
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/06/03 2:20 p.m.•7 views

Security update for salt

This update for salt fixes the following issue: Security issues fixed: CVE-2026-31958: python-tornado: parsing large multipart bodies with many parts can cause a denial of service bsc1259554. Other updates and bugfixes: Use non vendored Tornado with Python 3.11 bsc1257583, bsc1259700 Harden Torna...

8.7CVSS7.2AI score0.00375EPSS
Exploits0References16
SUSE Linux
SUSE Linux
•added 2026/05/20 9:36 a.m.•7 views

Security update for distribution

This update for distribution rebuilds it against the current go security release. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product: openSUSE Leap 15...

5.8AI score
Exploits0
SUSE Linux
SUSE Linux
•added 2026/05/20 9:8 a.m.•7 views

Security update for postgresql-jdbc

This update for postgresql-jdbc fixes the following issue CVE-2026-42198: client-side denial of service via malicious SCRAM-SHA-256 authentication bsc1264174. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

7.5CVSS5.8AI score0.0077EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/05/20 7:24 a.m.•7 views

Security update for openssh

This update for openssh fixes the following issues Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product: SUSE Linux Enterprise Server 12 SP5 LTSS zypper...

7.5CVSS6AI score0.00419EPSS
Exploits0References8
SUSE Linux
SUSE Linux
•added 2026/05/20 7:14 a.m.•7 views

Security update for ImageMagick

This update for ImageMagick fixes the following issues CVE-2026-31853: heap buffer overflow leads to crash in the SFW decoder of 32-bit systems when processing extremely large images bsc1259528. CVE-2026-42050: Stack buffer overflow in XTileImage bsc1265048. Patch Instructions: To install this SU...

8.6CVSS5.9AI score0.0013EPSS
Exploits0References8
SUSE Linux
SUSE Linux
•added 2026/05/19 11:55 a.m.•7 views

Security update for haveged

This update for haveged fixes the following issue CVE-2026-41054: missing exit out of permission check could lead to root exploit bsc1264086. Changes for haveged: Improvements on the linux kernel random subsystem have made move forward to socket communication within private network Fix "stop" of...

7.8CVSS5.8AI score0.00185EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/05/19 11:9 a.m.•7 views

Security update for postgresql14

This update for postgresql14 fixes the following issues Update to version 14.23. Security issues: CVE-2026-6472: ensure the user has CREATE privilege on the schema specified bsc1265172. CVE-2026-6473: integer overflows in memory-allocation calculations bsc1265173. CVE-2026-6474: Guard against...

8.8CVSS6.1AI score0.00668EPSS
Exploits0References36
SUSE Linux
SUSE Linux
•added 2026/05/19 8:23 a.m.•7 views

Security update for python-Pillow

This update for python-Pillow fixes the following issue CVE-2026-42308: integer overflow in font processing can lead to denial of service bsc1265359. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternative...

8.7CVSS7.1AI score0.00114EPSS
Exploits0References4
Total number of security vulnerabilities5000