Lucene search
K
SuseMost viewed

5456 matches found

SUSE Linux
SUSE Linux
•added 2026/06/29 5:42 a.m.•7 views

Security update for xen

This update for xen fixes the following issues: CVE-2026-42487: xen: x86 HVM I/O port list traversal XSA-491 bsc1266952. CVE-2026-42488: xen: x86: mismatched mapcache metadata XSA-494 bsc1266955. CVE-2026-42489,CVE-2026-42490: xen: domctl lock open to abuse XSA-492 bsc1266953. Patch Instructions:...

8.8CVSS5.8AI score0.00353EPSS
Exploits0References14
SUSE Linux
SUSE Linux
•added 2026/06/26 7:10 a.m.•7 views

Security update for apache2

This update for apache2 fixes the following issues Update to 2.4.66 jscPED-16334: Security issues: CVE-2026-23918: http2: double free and possible RCE on early reset bsc1263957. CVE-2026-24072: modrewrite elevation of privileges via apexpr bsc1263935. CVE-2026-28780: heap buffer overflow in...

9.1CVSS7.2AI score0.4581EPSS
Exploits18References52
SUSE Linux
SUSE Linux
•added 2026/06/23 3:38 p.m.•7 views

Security update for podman

This update for podman rebuilds it against the current go security release. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product: SUSE Linux Enterprise...

5.8AI score
Exploits0
SUSE Linux
SUSE Linux
•added 2026/06/23 1:25 p.m.•7 views

Security update for google-guest-agent

This update for google-guest-agent fixes the following issues: CVE-2026-39827: Update golang.org/x/crypto dependency bsc1266171. CVE-2026-39828: Update golang.org/x/crypto dependency bsc1266171. CVE-2026-39829: Update golang.org/x/crypto dependency bsc1266171. CVE-2026-39830: Update...

9.1CVSS6.9AI score0.91969EPSS
Exploits4References74
SUSE Linux
SUSE Linux
•added 2026/06/23 8:53 a.m.•7 views

Security update for libinput

This update for libinput fixes the following issues CVE-2026-50265,CVE-2026-50292: crafted uinput devices can lead to local privilege escalation bsc1267852. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

7.3CVSS5.8AI score0.00498EPSS
Exploits0References6
SUSE Linux
SUSE Linux
•added 2026/06/22 12:16 p.m.•7 views

Security update for postfix

This update for postfix fixes the following issue CVE-2026-43964: buffer overread and process crash via an enhanced status code that lacks text after the third number bsc1264062. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate o...

8.2CVSS6.1AI score0.00415EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/06/19 1:41 p.m.•7 views

Security update for apache-sshd, jpgpj

This update for apache-sshd, jpgpj fixes the following issues CVE-2020-36843: no check performed on scalar to avoid signature malleability bsc1239551. CVE-2026-48827: Apache MINA SSHD: Path traversal in org.apache.sshd: sshd-git bsc1267018. Changes for jpgpj: Initial packaging with v1.3 Changes f...

8.7CVSS6.4AI score0.00527EPSS
Exploits0References8
SUSE Linux
SUSE Linux
•added 2026/06/19 1:37 p.m.•7 views

Security update for python-starlette

This update for python-starlette fixes the following issues CVE-2026-54282: request path that lacks a leading forward slash can lead to request.url.hostname manipulation bsc1268520. CVE-2026-54283: urlencoded request body with an oversized data can lead to a denial of service bsc1268517. Patch...

8.7CVSS5.8AI score0.00275EPSS
Exploits0References8
SUSE Linux
SUSE Linux
•added 2026/06/19 11:3 a.m.•7 views

Security update for amazon-ssm-agent

This update for amazon-ssm-agent fixes the following issues Update to version 3.3.4624.0: CVE-2025-22869: golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh bsc1239342. CVE-2025-22870: golang.org/x/net/proxy: proxy bypass using IPv6 zone IDs bsc1238702...

9.1CVSS6.8AI score0.00868EPSS
Exploits3References62
SUSE Linux
SUSE Linux
•added 2026/06/19 11:2 a.m.•7 views

Security update for azure-storage-azcopy

This update for azure-storage-azcopy fixes the following issues Update to 10.32.4: CVE-2025-47907: database/sql: incorrect results returned from Rows.Scan bsc1247720. CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of the HTTP/2: path pseudo- header...

9.1CVSS7.2AI score0.01557EPSS
Exploits1References22
SUSE Linux
SUSE Linux
•added 2026/06/19 10:11 a.m.•7 views

Security update for glibc

This update for glibc fixes the following issues: CVE-2026-4046: Use pending character state in IBM1390, IBM1399 character sets bsc1261206, BZ 33980 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternativel...

8.7CVSS5.8AI score0.00357EPSS
Exploits1References4
SUSE Linux
SUSE Linux
•added 2026/06/19 9:44 a.m.•7 views

Security update for openvswitch

This update for openvswitch fixes the following issues Update ovn to 25.03.3: CVE-2026-5265: heap over-read in ICMP error response generation bsc1262498. CVE-2026-5367: heap over-read in OVN DHCPv6 client ID processing bsc1262499. Patch Instructions: To install this SUSE update use the SUSE...

7.5CVSS5.8AI score0.00868EPSS
Exploits0References8
SUSE Linux
SUSE Linux
•added 2026/06/18 1:49 p.m.•7 views

Security update for java-1_8_0-ibm

This update for java-180-ibm fixes the following issues CVE-2026-22007: APIs in the specified component can lead to an unauthorized read access bsc1262490. CVE-2026-22013: unauthenticated attacker with network access can access to critical data bsc1262494. CVE-2026-22016: APIs in the specified...

8.7CVSS7.5AI score0.00702EPSS
Exploits0References30
SUSE Linux
SUSE Linux
•added 2026/06/18 12:52 p.m.•7 views

Security update for krb5

This update for krb5 fixes the following issues Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product: openSUSE Leap 15.4 zypper in -t patch...

5.9CVSS5.3AI score
Exploits0References8
SUSE Linux
SUSE Linux
•added 2026/06/18 8:51 a.m.•7 views

Security update for ffmpeg-4

This update for ffmpeg-4 fixes the following issues Update to version 4.4.7: CVE-2023-6601: HLS Unsafe File Extension Bypass bsc1220545. CVE-2024-35366: FFmpeg n6.1.1 is Integer Overflow. The vulnerability exists in the parseoptions function of sbgdec.c within the libavformat module. When parsing...

8.7CVSS6.6AI score0.00715EPSS
Exploits3References38
SUSE Linux
SUSE Linux
•added 2026/06/18 7:24 a.m.•7 views

Security update for perl-HTTP-Daemon

This update for perl-HTTP-Daemon fixes the following issues: CVE-2026-8450: Fixed OS command injection via sendfile bsc1266370. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...

8.1CVSS5.3AI score0.01231EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/06/18 7:10 a.m.•7 views

Security update for rustup

This update for rustup fixes the following issues CVE-2026-25727: time: parsing of user-provided input by the RFC 2822 date parser can lead to stack exhaustion bsc1257902. rust-shlex: Multiple issues involving quote API RUSTSEC-2024-0006, GHSA-r7qv-8r2h-pg27 bsc1230032. Patch Instructions: To...

8.7CVSS5.3AI score0.00291EPSS
Exploits0References6
SUSE Linux
SUSE Linux
•added 2026/06/17 2:45 p.m.•7 views

Security update for alloy

This update for alloy fixes the following issues Security issues: CVE-2026-4427: github.com/jackc/pgproto3/v2: improper validation of field length allows a malicious PostgreSQL server to crash a client application via a DataRow message bsc1259919. CVE-2026-25934: github.com/go-git/go-git/v5:...

8.7CVSS6.7AI score0.01557EPSS
Exploits1References26
SUSE Linux
SUSE Linux
•added 2026/06/17 2:44 p.m.•7 views

Security update for wireshark

This update for wireshark fixes the following issues CVE-2026-5405: RDP dissector crash bsc1263767. CVE-2026-5656: Profile import crash and possible code execution bsc1263809. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...

8.8CVSS6.3AI score0.0018EPSS
Exploits2References8
SUSE Linux
SUSE Linux
•added 2026/06/17 9:50 a.m.•7 views

Security update for xwayland

This update for xwayland fixes the following issues: CreateSaverWindow Use-After-Free Information Disclosure. bsc1266301 Font Alias Stack-based Buffer Overflow. bsc1266294 GLX ChangeDrawableAttributes Out-Of-Bounds Read/Write. bsc1266300 XKB Key Types Stack-based Buffer Overflow. bsc1266296 XKB...

5.3AI score
Exploits0References16
SUSE Linux
SUSE Linux
•added 2026/06/16 2:5 p.m.•7 views

Security update for container-suseconnect

This update for container-suseconnect rebuilds it against the current go security release. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product:...

5.3AI score
Exploits0
SUSE Linux
SUSE Linux
•added 2026/06/11 4:9 p.m.•7 views

Security update for tomcat10

This update for tomcat10 fixes the following issues Update to Tomcat 10.1.55: CVE-2026-41284: Unbounded read in WebDAV LOCK and PROPFIND handling bsc1265162. CVE-2026-41293: HTTP/2 request headers not validated bsc1265163. CVE-2026-42498: WebSocket authentication header exposure bsc1265165...

8.7CVSS6.6AI score0.01339EPSS
Exploits2References28
SUSE Linux
SUSE Linux
•added 2026/06/10 2:56 p.m.•7 views

Security update for wicked

This update for wicked fixes the following issues: CVE-2026-44932: Fixed indirect remote shell command injection via unsanitized DHCP options bsc1265221. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

8.8CVSS5.5AI score0.00297EPSS
Exploits0References6
SUSE Linux
SUSE Linux
•added 2026/06/10 1:16 p.m.•7 views

Security update for kubernetes1.28

This update for kubernetes1.28 fixes the following issues: Security fixes: CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1265740. CVE-2026-35469: github.com/moby/spdystream: memory amplification in SPDY frame parsing leads to deni...

7.5CVSS5.4AI score0.00781EPSS
Exploits0References10
SUSE Linux
SUSE Linux
•added 2026/06/10 1:15 p.m.•7 views

Security update for kubernetes

This update for kubernetes fixes the following issues CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1265748. CVE-2026-35469: github.com/moby/spdystream: memory amplification in SPDY frame parsing leads to denial of service...

7.5CVSS5.4AI score0.00781EPSS
Exploits0References8
SUSE Linux
SUSE Linux
•added 2026/06/10 1:14 p.m.•7 views

Security update for kubernetes1.27

This update for kubernetes1.27 fixes the following issues CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1265740. CVE-2026-35469: github.com/moby/spdystream: memory amplification in SPDY frame parsing leads to denial of service...

7.5CVSS5.4AI score0.00781EPSS
Exploits0References10
SUSE Linux
SUSE Linux
•added 2026/06/10 8:43 a.m.•7 views

Security update for libyang

This update for libyang fixes the following issues CVE-2026-41401: use-after-free in lydparsersetdataflags when processing crafted YANG XML documents with specific metadata attributes bsc1266316. CVE-2026-44673: integer overflow in lybreadstring of src/parserlyb.c leads to heap buffer overflow wh...

9.2CVSS5.7AI score0.00519EPSS
Exploits0References8
SUSE Linux
SUSE Linux
•added 2026/06/10 8:43 a.m.•7 views

Security update for libyang

This update for libyang fixes the following issues CVE-2026-41401: use-after-free in lydparsersetdataflags when processing crafted YANG XML documents with specific metadata attributes bsc1266316. CVE-2026-44673: integer overflow in lybreadstring of src/parserlyb.c leads to heap buffer overflow wh...

9.2CVSS5.7AI score0.00519EPSS
Exploits0References8
SUSE Linux
SUSE Linux
•added 2026/06/09 12:51 p.m.•7 views

Security update for kubernetes1.23

This update for kubernetes1.23 fixes the following issues CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1265740. CVE-2026-35469: github.com/moby/spdystream: memory amplification in SPDY frame parsing leads to denial of service...

7.5CVSS5.4AI score0.00781EPSS
Exploits0References10
SUSE Linux
SUSE Linux
•added 2026/06/09 12:51 p.m.•7 views

Security update for libsoup

This update for libsoup fixes the following issues CVE-2026-1801: HTTP Request Smuggling in soupfilterinputstreamreadline bsc1257649. CVE-2026-4271: use-after-free in the HTTP/2 server when user signal handlers disconnect connections during callback execution bsc1259767. Patch Instructions: To...

8.8CVSS5.7AI score0.00829EPSS
Exploits1References8
SUSE Linux
SUSE Linux
•added 2026/06/09 12:49 p.m.•7 views

Security update for strongswan

This update for strongswan fixes the following issue CVE-2026-47895: double-free when destroying certain cloned identities bsc1266360. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run...

7.7CVSS5.4AI score
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/06/09 8:17 a.m.•7 views

Security update for podofo

This update for podofo fixes the following issue: CVE-2026-44348: double-free in computehashtosign in src/podofo/private/OpenSSLInternalRipped.cpp bsc1265320. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

2.5CVSS5.4AI score0.00096EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/06/09 8:12 a.m.•7 views

Security update for nginx

This update for nginx fixes the following issue CVE-2026-9256: heap buffer overflow in the ngxhttprewritemodule when using a configuration with overlapping captures bsc1266215. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...

9.2CVSS5.7AI score0.04261EPSS
Exploits3References4
SUSE Linux
SUSE Linux
•added 2026/06/05 12:16 p.m.•7 views

Security update for libjxl

This update for libjxl fixes the following issues: Security fixes: CVE-2025-70103: heap buffer overflow when hen processing crafted pbm-images due to insufficient bounds checks bsc1266460. Other fixes: Update to version 0.10.5: fix tile dimension in low memory rendering pipeline. fix number of...

9.2CVSS5.7AI score0.00367EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/06/03 6:6 p.m.•7 views

Security update for golang-github-prometheus-prometheus

This update for golang-github-prometheus-prometheus to version 3.5.3 fixes the following issues: Security issues fixed: CVE-2026-42151: AzureAD remote write: Fixed OAuth clientsecret being exposed in plaintext via /-/config endpoint bsc1263986 CVE-2026-42154: Remote-read: Reject snappy-compressed...

8.8CVSS6.9AI score0.01557EPSS
Exploits2References24
SUSE Linux
SUSE Linux
•added 2026/06/03 3:32 p.m.•7 views

Security update for python-pyOpenSSL

This update for python-pyOpenSSL fixes the following issue Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product: openSUSE Leap 15.4 zypper in -t patch...

6.8CVSS5.8AI score
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/06/03 2:20 p.m.•7 views

Security update for salt

This update for salt fixes the following issue: Security issues fixed: CVE-2026-31958: python-tornado: parsing large multipart bodies with many parts can cause a denial of service bsc1259554. Other updates and bugfixes: Use non vendored Tornado with Python 3.11 bsc1257583, bsc1259700 Harden Torna...

8.7CVSS7.2AI score0.00375EPSS
Exploits0References16
SUSE Linux
SUSE Linux
•added 2026/05/22 5:54 a.m.•7 views

Security update for rootlesskit

This update for rootlesskit rebuilds it against the current go security release. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product: openSUSE Leap 15....

5.8AI score
Exploits0
SUSE Linux
SUSE Linux
•added 2026/05/20 9:36 a.m.•7 views

Security update for distribution

This update for distribution rebuilds it against the current go security release. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product: openSUSE Leap 15...

5.8AI score
Exploits0
SUSE Linux
SUSE Linux
•added 2026/05/20 9:8 a.m.•7 views

Security update for postgresql-jdbc

This update for postgresql-jdbc fixes the following issue CVE-2026-42198: client-side denial of service via malicious SCRAM-SHA-256 authentication bsc1264174. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

7.5CVSS5.8AI score0.0077EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/05/20 7:14 a.m.•7 views

Security update for ImageMagick

This update for ImageMagick fixes the following issues CVE-2026-31853: heap buffer overflow leads to crash in the SFW decoder of 32-bit systems when processing extremely large images bsc1259528. CVE-2026-42050: Stack buffer overflow in XTileImage bsc1265048. Patch Instructions: To install this SU...

8.6CVSS5.9AI score0.0013EPSS
Exploits0References8
SUSE Linux
SUSE Linux
•added 2026/05/19 11:55 a.m.•7 views

Security update for haveged

This update for haveged fixes the following issue CVE-2026-41054: missing exit out of permission check could lead to root exploit bsc1264086. Changes for haveged: Improvements on the linux kernel random subsystem have made move forward to socket communication within private network Fix "stop" of...

7.8CVSS5.8AI score0.00185EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/05/19 11:9 a.m.•7 views

Security update for postgresql14

This update for postgresql14 fixes the following issues Update to version 14.23. Security issues: CVE-2026-6472: ensure the user has CREATE privilege on the schema specified bsc1265172. CVE-2026-6473: integer overflows in memory-allocation calculations bsc1265173. CVE-2026-6474: Guard against...

8.8CVSS6.1AI score0.00668EPSS
Exploits0References36
SUSE Linux
SUSE Linux
•added 2026/05/19 8:23 a.m.•7 views

Security update for python-Pillow

This update for python-Pillow fixes the following issue CVE-2026-42308: integer overflow in font processing can lead to denial of service bsc1265359. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternative...

8.7CVSS7.1AI score0.00114EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/05/19 8:21 a.m.•7 views

Security update for rsync

This update for rsync fixes the following issue CVE-2026-41035: count of entries mismatch can lead to a use-after-free bsc1262223. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...

8.6CVSS5.8AI score0.00393EPSS
Exploits1References4
SUSE Linux
SUSE Linux
•added 2026/05/19 7:10 a.m.•7 views

Security update for xen

This update for xen fixes the following issue CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption bsc1264066. Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like...

7.8CVSS5.8AI score0.00258EPSS
Exploits0References12
SUSE Linux
SUSE Linux
•added 2026/05/18 4:33 p.m.•7 views

Security update for the Linux Kernel (Live Patch 31 for SUSE Linux Enterprise 15 SP5)

This update for the SUSE Linux Enterprise Kernel 5.14.21-150500.55.124 fixes one security issue The following security issue was fixed: CVE-2026-43284: xfrm: esp: avoid in-place decrypt on shared skb frags bsc1264459. Patch Instructions: To install this SUSE update use the SUSE recommended...

8.8CVSS6AI score0.93235EPSS
Exploits31References4
SUSE Linux
SUSE Linux
•added 2026/05/18 8:16 a.m.•7 views

Security update for php-composer2

This update for php-composer2 fixes the following issues CVE-2026-40176: command injection via malicious Perforce repository definition bsc1262254. CVE-2026-40261: command injection via malicious Perforce source reference/url bsc1262255. Changes for php-composer2: version update to 2.2.27 align...

7.8CVSS7.6AI score0.03255EPSS
Exploits4References20
SUSE Linux
SUSE Linux
•added 2026/05/18 8:15 a.m.•7 views

Security update for libsndfile

This update for libsndfile fixes the following issues CVE-2025-52194: buffer overflow in the ircamreadheader function of file src/ircam.c when processing malformed IRCAM audio files bsc1248458. CVE-2026-37555: IMA-ADPCM integer overflow bsc1263695. Patch Instructions: To install this SUSE update...

8.8CVSS5.9AI score0.00585EPSS
Exploits2References8
SUSE Linux
SUSE Linux
•added 2026/05/18 8:13 a.m.•7 views

Security update for tiff

This update for tiff fixes the following issue CVE-2026-4775: signed integer overflow in the putcontig8bitYCbCr44tile function bsc1260411. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can...

8.8CVSS5.8AI score0.00553EPSS
Exploits0References4
Total number of security vulnerabilities5000