Lucene search
K
SuseMost viewed

5440 matches found

SUSE Linux
SUSE Linux
•added 2026/05/19 8:21 a.m.•7 views

Security update for rsync

This update for rsync fixes the following issue CVE-2026-41035: count of entries mismatch can lead to a use-after-free bsc1262223. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...

8.6CVSS5.8AI score0.00393EPSS
Exploits1References4
SUSE Linux
SUSE Linux
•added 2026/05/19 7:10 a.m.•7 views

Security update for xen

This update for xen fixes the following issue CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption bsc1264066. Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like...

7.8CVSS5.8AI score0.00258EPSS
Exploits0References12
SUSE Linux
SUSE Linux
•added 2026/05/18 8:16 a.m.•7 views

Security update for php-composer2

This update for php-composer2 fixes the following issues CVE-2026-40176: command injection via malicious Perforce repository definition bsc1262254. CVE-2026-40261: command injection via malicious Perforce source reference/url bsc1262255. Changes for php-composer2: version update to 2.2.27 align...

7.8CVSS7.6AI score0.03255EPSS
Exploits4References20
SUSE Linux
SUSE Linux
•added 2026/05/18 8:15 a.m.•7 views

Security update for libsndfile

This update for libsndfile fixes the following issues CVE-2025-52194: buffer overflow in the ircamreadheader function of file src/ircam.c when processing malformed IRCAM audio files bsc1248458. CVE-2026-37555: IMA-ADPCM integer overflow bsc1263695. Patch Instructions: To install this SUSE update...

8.8CVSS5.9AI score0.00585EPSS
Exploits2References8
SUSE Linux
SUSE Linux
•added 2026/05/18 8:13 a.m.•7 views

Security update for tiff

This update for tiff fixes the following issue CVE-2026-4775: signed integer overflow in the putcontig8bitYCbCr44tile function bsc1260411. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can...

8.8CVSS5.8AI score0.00553EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/05/18 7:42 a.m.•7 views

Security update for google-cloud-sap-agent

This update for google-cloud-sap-agent fixes the following issue: CVE-2026-34986: github.com/go-jose/go-jose/v4: processing of JWE object with empty encryptedkey field but key wrapping algorithm set can lead to a denial of service bsc1262936. Patch Instructions: To install this SUSE update use th...

8.7CVSS6.3AI score0.00651EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/05/18 7:30 a.m.•7 views

Security update for podman

This update for podman rebuilds it against the current go security release. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product: openSUSE Leap 15.3...

5.8AI score
Exploits0
SUSE Linux
SUSE Linux
•added 2026/05/17 10:4 a.m.•7 views

Security update for the Linux Kernel (Live Patch 5 for SUSE Linux Enterprise 15 SP7)

This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.53.19 fixes one security issue The following security issue was fixed: CVE-2026-43284: xfrm: esp: avoid in-place decrypt on shared skb frags bsc1264459. Patch Instructions: To install this SUSE update use the SUSE recommended...

8.8CVSS6AI score0.93235EPSS
Exploits31References4
SUSE Linux
SUSE Linux
•added 2026/05/15 3:22 p.m.•7 views

Security update for openvswitch

This update for openvswitch fixes the following issue: CVE-2026-34956: Invalid memory access in conntrack FTP alg bsc1261273. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the comma...

8.2CVSS5.8AI score0.00405EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/05/13 3:26 p.m.•7 views

Security update for Mesa

This update for Mesa fixes the following issue: CVE-2026-40393: out-of-bounds memory access can occur in WebGPU because the amount of to-be-allocated data depends on an untrusted party bsc1261998. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like...

6.8CVSS5.8AI score0.00348EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/05/13 9:13 a.m.•7 views

Security update for Mesa

This update for Mesa fixes the following issue: CVE-2026-40393: out-of-bounds memory access can occur in WebGPU because the amount of to-be-allocated data depends on an untrusted party bsc1261998. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like...

6.8CVSS5.8AI score0.00348EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/05/08 10:39 a.m.•7 views

Security update for vim

This update for vim fixes the following issue: Security fixes: CVE-2026-39881: command injection in NetBeans interface can lead to arbitrary file reads and writes bsc1261833. Other fixes: Update to 9.2.0398. 9.2.0398: MS-Windows: missing strptime support 9.2.0397: tabpanel: double-click opens a n...

6CVSS6.2AI score0.0062EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/05/07 11:53 a.m.•7 views

Security update for jetty-minimal

This update for jetty-minimal fixes the following issues: CVE-2026-2332: In Eclipse Jetty, the HTTP/1.1 parser is vulnerable to request smuggling when chunk extensions are used, similar to the "funky chunks" techniques bsc1262115. CVE-2026-5795: Fixed JaspiAuthenticator broken access control...

9.1CVSS5.8AI score0.01127EPSS
Exploits1References8
SUSE Linux
SUSE Linux
•added 2026/05/06 10:28 a.m.•7 views

Security update for java-25-openjdk

This update for java-25-openjdk fixes the following issues: Update to upstream tag jdk-25.0.3+9 April 2026 CPU. Security issues fixed: CVE-2026-22007: Security: unauthenticated attacker with logon to the infrastructure where java executes can gain unauthorized read access to a subset of accessibl...

8.7CVSS7.3AI score0.00702EPSS
Exploits0References38
SUSE Linux
SUSE Linux
•added 2026/05/06 8:45 a.m.•7 views

Security update for java-11-openjdk

This update for java-11-openjdk fixes the following issues: Upgrade to upstream tag jdk-11.0.31+11 April 2026 CPU. Security issues fixed: CVE-2026-22007: Security: unauthenticated attacker with logon to the infrastructure where java executes can gain unauthorized read access to a subset of...

8.7CVSS7.2AI score0.00702EPSS
Exploits0References34
SUSE Linux
SUSE Linux
•added 2026/05/05 6:34 a.m.•7 views

Security update for the Linux Kernel RT (Live Patch 2 for SUSE Linux Enterprise 15 SP7)

This update for the SUSE Linux Enterprise kernel 6.4.0-150700.7.8 fixes various security issues The following security issues were fixed: CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size bsc1258073. CVE-2025-39977: futex: Prevent use-after-free during requeue-...

7.8CVSS6.8AI score0.96267EPSS
Exploits228References24
SUSE Linux
SUSE Linux
•added 2026/04/28 6:7 p.m.•7 views

Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues: Update to version 2.52.1. Security issues fixed: CVE-2026-20643: processing maliciously crafted web content may bypass Same Origin Policy bsc1261172. CVE-2026-20664: processing maliciously crafted web content may lead to an unexpected proces...

6.5CVSS5.6AI score0.0072EPSS
Exploits2References32
SUSE Linux
SUSE Linux
•added 2026/04/27 4:55 p.m.•7 views

Security update for fontforge

This update for fontforge fixes the following issue: CVE-2025-15270: Remote code execution via malicious SFD file parsing bsc1256031. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run t...

8.8CVSS8.3AI score0.00581EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/04/24 2:25 p.m.•7 views

Security update for dnsdist

This update for dnsdist fixes the following issues: Update to version 1.9.12. https://www.dnsdist.org/changelog.htmlchange-1.9.12 Security issues fixed: CVE-2026-0396: crafted DNS queries triggering domain-based dynamic rules can lead to HTML injection in the web dashboard bsc1261236...

8.2CVSS5.5AI score0.01028EPSS
Exploits0References28
SUSE Linux
SUSE Linux
•added 2026/04/24 11:47 a.m.•7 views

Security update for tomcat10

This update for tomcat10 fixes the following issues: Security fixes: CVE-2026-24880: Request smuggling via invalid chunk extension bsc1261850. CVE-2026-25854: Occasionally open redirect bsc1261851. CVE-2026-29129: TLS cipher order is not preserved bsc1261852. CVE-2026-29145: OCSP checks sometimes...

8.7CVSS5.6AI score0.15831EPSS
Exploits5References40
SUSE Linux
SUSE Linux
•added 2026/04/24 11:44 a.m.•7 views

Security update for ImageMagick

This update for ImageMagick fixes the following issues: CVE-2026-33899: Denial of Service via out-of-bounds write in XML parsing bsc1262154. CVE-2026-33900: Denial of Service via integer truncation in viff encoder bsc1262156. CVE-2026-33901: Denial of Service due to heap buffer overflow in MVG...

8.7CVSS5.8AI score0.00566EPSS
Exploits0References48
SUSE Linux
SUSE Linux
•added 2026/04/22 4:23 p.m.•7 views

Security update for libraw

This update for libraw fixes the following issues: CVE-2026-5342: out-of-bounds read via LibRaw::nikonloadpaddedpackedraw bsc1261499. CVE-2026-20884: integer overflow and heap buffer overflow via deflatedngloadraw bsc1261671. CVE-2026-20889: heap-based buffer overflow in x3fthumbloaderbsc1261672...

9.2CVSS6AI score0.00746EPSS
Exploits7References28
SUSE Linux
SUSE Linux
•added 2026/04/22 9:40 a.m.•7 views

Security update for kea

This update for kea fixes the following issues: Update to release 2.6.5. Security issues fixed: CVE-2026-3608: stack overflow error via specially crafted message to the kea-ctrl-agent, kea-dhcp-ddns, kea-dhcp4, or kea-dhcp6 daemonsbsc1260380. Other updates and bugfixes: A null dereference is now ...

8.7CVSS5.8AI score0.01361EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/04/22 7:22 a.m.•7 views

Security update for python-python-multipart

This update for python-python-multipart fixes the following issue: CVE-2026-40347: crafted multipart/form-data can cause a denial of service bsc1262403. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

6.9CVSS5.7AI score0.00351EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/04/21 9:25 a.m.•7 views

Security update 5.1.3 for Multi-Linux Manager Client Tools

This update fixes the following issues: golang-github-lusitaniae-apacheexporter: Internal changes to fix build issues with no impact for customers spacecmd: Version 5.1.13-0 Updated translation strings venv-salt-minion: Security issues fixed: CVE-2026-31958: Security patch for Salt vendored...

8.7CVSS5.7AI score0.00375EPSS
Exploits0References12
SUSE Linux
SUSE Linux
•added 2026/04/21 9:24 a.m.•7 views

Security update 5.1.3 for Multi-Linux Manager Client Tools

This update fixes the following issues: golang-github-lusitaniae-apacheexporter: Internal changes to fix build issues with no impact for customers spacecmd: Version 5.1.13-0 Updated translation strings uyuni-tools: Version 5.1.26-0 Fixed applying PTF with images from RPMs bsc1252548 Ssl Key file...

8.7CVSS5.7AI score0.00375EPSS
Exploits0References36
SUSE Linux
SUSE Linux
•added 2026/04/21 9:20 a.m.•7 views

Security update 5.1.3 for Multi-Linux Manager Client Tools

This update fixes the following issues: spacecmd: Version 5.1.13-0 Update translation strings uyuni-tools: Version 5.1.26-0 Fix applying PTF with images from RPMs bsc1252548 Ssl Key file can miss if CA password is blank bsc1254154 mgrpxy ssh tuning should happens before crypto policies bsc1254619...

8.7CVSS5.7AI score0.00375EPSS
Exploits0References36
SUSE Linux
SUSE Linux
•added 2026/04/21 7:59 a.m.•7 views

Security update 5.1.3 for Multi-Linux Manager Client Tools and Salt Bundle

This update fixes the following issues: Implementation of Grafana and Prometheus observability packages: golang-github-QubitProducts-exporterexporter golang-github-boynux-squidexporter golang-github-lusitaniae-apacheexporter golang-github-prometheus-alertmanager...

8.7CVSS5.7AI score0.00375EPSS
Exploits0References36
SUSE Linux
SUSE Linux
•added 2026/04/20 4:16 p.m.•7 views

Security update for glibc-livepatches

This update for glibc-livepatches fixes the following issue: CVE-2026-4046: assertion failure when converting inputs may be used to remotely crash an application bsc1261209. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...

8.7CVSS5.7AI score0.00357EPSS
Exploits1References4
SUSE Linux
SUSE Linux
•added 2026/04/20 3:58 p.m.•7 views

Security update for rootlesskit

This update for rootlesskit rebuilds it against the current go 1.25 security release. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product: openSUSE Lea...

5.7AI score
Exploits0
SUSE Linux
SUSE Linux
•added 2026/04/17 10:13 a.m.•7 views

Security update for libcap

This update for libcap fixes the following issue: CVE-2026-4878: Address a potential TOCTOU race condition in capsetfile bsc1261809. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run th...

7.3CVSS5.7AI score0.00188EPSS
Exploits1References4
SUSE Linux
SUSE Linux
•added 2026/04/17 7:21 a.m.•7 views

Security update for smc-tools

This update for smc-tools fixes the following issue: Update to smc-tools v1.8.7: predictable /tmp file allows for local denial of service bsc1230052. Changelog: Update to v1.8.7: smcrnics: fix regression when PFT not available smcd/smcr: prevent DoS on statistics workfile present in /tmp/ Update ...

5.8AI score
Exploits0References2
SUSE Linux
SUSE Linux
•added 2026/04/16 4:44 p.m.•7 views

Security update for NetworkManager

This update for NetworkManager fixes the following issues: CVE-2025-9615: non-admin users are allowed to use certificates from other users bsc1257359. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

5.5CVSS5.7AI score0.00162EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/04/16 3:5 p.m.•7 views

Security update for rust1.93

This update for rust1.93 fixes the following issues: Security issue: CVE-2026-31812: denial of service via crafted QUIC initial packet bsc1259623. Non security issue: Resolve missing gcc requirement that may affect some crate buildin bsc1253321. Patch Instructions: To install this SUSE update use...

6.9CVSS5.8AI score0.005EPSS
Exploits0References6
SUSE Linux
SUSE Linux
•added 2026/04/16 2:25 p.m.•7 views

Security update for shim

This update for shim fixes the following issues: shim is updated to version 16.1: shimstartimage: fix guid/handle pairing when uninstalling protocols Fix uncompressed ipv6 netboot fix test segfaults caused by uninitialized memory SbatLevelVariable.txt: minor typo fix. Realloc needs to allocate on...

6.7CVSS6.6AI score0.00378EPSS
Exploits1References6
SUSE Linux
SUSE Linux
•added 2026/04/16 10:40 a.m.•7 views

Security update for freerdp

This update for freerdp fixes the following issues: Security fixes: CVE-2026-26271: Buffer overread in FreeRDP icon processing bsc1258979. CVE-2026-26955: Out-of-Bounds write in ClearCodec surface command handler bsc1258982. CVE-2026-26965: Out-of-bounds write in planar bitmap RLE decompression...

8.8CVSS6.7AI score0.00656EPSS
Exploits5References30
SUSE Linux
SUSE Linux
•added 2026/04/16 9:18 a.m.•7 views

Security update for vim

This update for vim fixes the following issues: Update to version 9.2.0280. CVE-2026-34982: missing input validation allows for a modeline sandbox bypass and can lead to arbitrary OS command execution bsc1261271. CVE-2026-34714: missing checks allow for a tabpanel modeline escape and can lead to...

9.3CVSS6.8AI score0.00834EPSS
Exploits0References12
SUSE Linux
SUSE Linux
•added 2026/04/16 9:16 a.m.•7 views

Security update for python3

This update for python3 fixes the following issues: CVE-2025-13462: incorrect parsing of TarInfo header when GNU long name and type AREGTYPE are combined bsc1259611. CVE-2026-3479: improper resource argument validation can allow path traversal bsc1259989. CVE-2026-3644: incomplete control charact...

8.2CVSS5.9AI score0.00621EPSS
Exploits0References20
SUSE Linux
SUSE Linux
•added 2026/04/15 2:28 p.m.•7 views

Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues: Update to version 2.52.1. Security issues fixed: CVE-2023-43010: processing maliciously crafted web content may lead to memory corruption bsc1259950. CVE-2025-31223: processing maliciously crafted web content may lead to memory corruption...

8.8CVSS5.8AI score0.01481EPSS
Exploits4References100
SUSE Linux
SUSE Linux
•added 2026/04/15 1:37 p.m.•7 views

Security update for python313

This update for python313 fixes the following issues: Update to v3.13.13 CVE-2025-13462: incorrect parsing of TarInfo header when GNU long name and type AREGTYPE are combined bsc1259611. CVE-2026-2297: cpython: incorrectly handled hook in FileLoader can lead to validation bypass bsc1259240...

8.3CVSS5.9AI score0.00621EPSS
Exploits0References30
SUSE Linux
SUSE Linux
•added 2026/04/15 1:36 p.m.•7 views

Security update for nghttp2

This update for nghttp2 fixes the following issue: CVE-2026-27135: assertion failure due to missing state validation can lead to DoS bsc1259845. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively yo...

8.2CVSS5.8AI score0.00775EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/04/15 7:33 a.m.•7 views

Security update for rust1.92

This update for rust1.92 fixes the following issues: CVE-2026-31812: Denial of service via crafted QUIC initial packet bsc1259623. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...

6.9CVSS5.8AI score0.005EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/04/13 8:10 a.m.•7 views

Security update for python312

This update for python312 fixes the following issues: CVE-2025-13462: incorrect parsing of TarInfo when GNU long name and type AREGTYPE are combined can lead to misinterpretation of tar archives bsc1259611. CVE-2026-3479: improper resource argument validation in pkgutil.getdata can lead to path...

8.2CVSS5.9AI score0.00621EPSS
Exploits0References20
SUSE Linux
SUSE Linux
•added 2026/04/10 2:57 p.m.•7 views

Security update for openssl-1_0_0

This update for openssl-100 fixes the following issues: CVE-2026-28387: Potential use-after-free in DANE client code bsc1260441. CVE-2026-28388: NULL Pointer Dereference When Processing a Delta CRL bsc1260442. CVE-2026-28389: Possible NULL dereference when processing CMS KeyAgreeRecipientInfo...

7.3CVSS6.1AI score0.00981EPSS
Exploits0References20
SUSE Linux
SUSE Linux
•added 2026/04/10 7:4 a.m.•7 views

Security update for the Linux Kernel (Live Patch 45 for SUSE Linux Enterprise 15 SP4)

This update for the SUSE Linux Enterprise Kernel 5.14.21-150400.24.179 fixes various security issues The following security issues were fixed: CVE-2025-39973: i40e: add validation for ringlen param bsc1252036. CVE-2025-40018: ipvs: Defer ipvsftp unregister during netns cleanup bsc1252689...

8.7CVSS6.7AI score0.00204EPSS
Exploits0References24
SUSE Linux
SUSE Linux
•added 2026/04/08 7:12 a.m.•7 views

Security update for ignition

This update for ignition fixes the following issue: CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of the HTTP/2: path pseudo- header bsc1260251 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

8.6CVSS5.9AI score0.01557EPSS
Exploits1References4
SUSE Linux
SUSE Linux
•added 2026/04/07 9:25 a.m.•7 views

Security update for google-cloud-sap-agent

This update for google-cloud-sap-agent fixes the following issue: Update to google-cloud-sap-agent 3.12 bsc1259816: CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of the HTTP/2: path pseudo- header bsc1260265. Changelog: Collect WLM metric...

8.6CVSS5.9AI score0.01557EPSS
Exploits1References6
SUSE Linux
SUSE Linux
•added 2026/03/30 1:44 p.m.•7 views

Security Beta update 5.2.0 Beta1 for Multi-Linux Manager Client Tools

This update fixes the following issues: spacecmd: Version 5.2.6-0 Update translation strings venv-salt-minion: Fix the typo causing buiding EL9 bundle without binary dependencies Backport security patches for Salt vendored tornado: CVE-2025-67724: missing validation of supplied reason phrase...

8.7CVSS6.7AI score0.00407EPSS
Exploits0References22
SUSE Linux
SUSE Linux
•added 2026/03/30 9:17 a.m.•7 views

Security Beta update 5.2.0 Beta1 for Multi-Linux Manager Client Tools

This update fixes the following issues: spacecmd: Version 5.2.6-0 Update translation strings uyuni-tools: Version 5.2.5-0 Remove migrate command Remove template script from mgradm: use the one in the image Split the TFTP server into a separate container Explicitly start proxy pods after operation...

8.7CVSS6.8AI score0.00407EPSS
Exploits0References26
SUSE Linux
SUSE Linux
•added 2026/03/26 5:48 p.m.•7 views

Security update for kea

This update for kea fixes the following issues: Update to release 2.6.3 bsc1243240: CVE-2025-32801: Fixed loading a malicious hook library can lead to local privilege escalation. CVE-2025-32802: Fixed insecure handling of file paths allows multiple local attacks. CVE-2025-32803: Fixed insecure fi...

8.5CVSS5.9AI score0.00235EPSS
Exploits0References8
Total number of security vulnerabilities5000