Lucene search
K
SuseMost viewed

5440 matches found

SUSE Linux
SUSE Linux
•added 2 days ago•6 views

Security update for golang-github-docker-libnetwork

This update for golang-github-docker-libnetwork fixes the following issue CVE-2026-2808: github.com/hashicorp/consul: unvalidated user-supplied file paths can lead to arbitrary file reads through the Vault Kubernetes authentication provider bsc1259566. Patch Instructions: To install this SUSE...

8.2CVSS6AI score0.00475EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2 days ago•6 views

Security update for fontforge

This update for fontforge fixes the following issues CVE-2025-15269: Remote Code Execution via Use-After-Free in SFD file parsing bsc1256032. CVE-2025-15275: Arbitrary code execution via SFD file parsing buffer overflow bsc1256025. CVE-2025-15279: Remote Code Execution via heap-based buffer...

8.8CVSS6.7AI score0.0058EPSS
Exploits0References12
SUSE Linux
SUSE Linux
•added 6 days ago•6 views

Security update for ansible-core

This update for ansible-core fixes the following issues: CVE-2026-11332: Argument injection in ansible-galaxy role install leads to arbitrary code execution bsc1267822. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...

7.8CVSS6.4AI score0.00156EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 6 days ago•6 views

Security update for opensc

This update for opensc fixes the following issues CVE-2025-49010: stack-buffer-overflow via crafted smart card or USB device responses bsc1261214. CVE-2025-66215: crafted smart card or USB device can cause a stack-buffer-overflow write bsc1261220. CVE-2026-10275: global buffer overflow during key...

7.3CVSS6AI score0.00296EPSS
Exploits0References12
SUSE Linux
SUSE Linux
•added 6 days ago•6 views

Security update for xen

This update for xen fixes the following issues: CVE-2026-42487: xen: x86 HVM I/O port list traversal XSA-491 bsc1266952. CVE-2026-42488: xen: x86: mismatched mapcache metadata XSA-494 bsc1266955. CVE-2026-42489,CVE-2026-42490: xen: domctl lock open to abuse XSA-492 bsc1266953. Patch Instructions:...

8.8CVSS5.8AI score0.00353EPSS
Exploits0References14
SUSE Linux
SUSE Linux
•added 2026/06/26 7:10 a.m.•6 views

Security update for apache2

This update for apache2 fixes the following issues Update to 2.4.66 jscPED-16334: Security issues: CVE-2026-23918: http2: double free and possible RCE on early reset bsc1263957. CVE-2026-24072: modrewrite elevation of privileges via apexpr bsc1263935. CVE-2026-28780: heap buffer overflow in...

9.1CVSS7.2AI score0.4581EPSS
Exploits18References52
SUSE Linux
SUSE Linux
•added 2026/06/23 1:38 p.m.•6 views

Security update for the Linux Kernel (Live Patch 18 for SUSE Linux Enterprise 15 SP6)

This update for the SUSE Linux Enterprise Kernel 6.4.0-150600.23.81 fixes various security issues The following security issues were fixed: CVE-2026-23278: netfilter: nftables: always walk all pending catchall elements bsc1260907. CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cac...

8.8CVSS6.4AI score0.0049EPSS
Exploits8References26
SUSE Linux
SUSE Linux
•added 2026/06/23 12:48 p.m.•6 views

Security update for libsolv, libzypp, zypper

This update for libsolv, libzypp, zypper fixes the following issues CVE-2026-9149: Heap buffer overflow in libsolv repoaddsolv via negative maxsize from crafted .solv file bsc1265935. CVE-2026-9150: Stack-based buffer overflow in libsolv's Debian metadata parser when handling SHA384/SHA512...

8.7CVSS6.3AI score0.006EPSS
Exploits0References62
SUSE Linux
SUSE Linux
•added 2026/06/23 8:53 a.m.•6 views

Security update for libinput

This update for libinput fixes the following issues CVE-2026-50265,CVE-2026-50292: crafted uinput devices can lead to local privilege escalation bsc1267852. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

7.3CVSS5.8AI score0.00498EPSS
Exploits0References6
SUSE Linux
SUSE Linux
•added 2026/06/22 12:16 p.m.•6 views

Security update for postfix

This update for postfix fixes the following issue CVE-2026-43964: buffer overread and process crash via an enhanced status code that lacks text after the third number bsc1264062. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate o...

8.2CVSS6.1AI score0.00415EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/06/19 1:37 p.m.•6 views

Security update for python-starlette

This update for python-starlette fixes the following issues CVE-2026-54282: request path that lacks a leading forward slash can lead to request.url.hostname manipulation bsc1268520. CVE-2026-54283: urlencoded request body with an oversized data can lead to a denial of service bsc1268517. Patch...

8.7CVSS5.8AI score0.00275EPSS
Exploits0References8
SUSE Linux
SUSE Linux
•added 2026/06/19 10:11 a.m.•6 views

Security update for glibc

This update for glibc fixes the following issues: CVE-2026-4046: Use pending character state in IBM1390, IBM1399 character sets bsc1261206, BZ 33980 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternativel...

8.7CVSS5.8AI score0.00357EPSS
Exploits1References4
SUSE Linux
SUSE Linux
•added 2026/06/18 7:8 a.m.•6 views

Security update for glibc

This update for glibc fixes the following issues: CVE-2026-5928: libio: Fix ungetwc operating on byte stream bsc1262464, BZ 33998 CVE-2026-5450: stdio-common: Fix buffer overflow in scanf %mc bsc1262465, BZ 34008 CVE-2026-4046: Use pending character state in IBM1390, IBM1399 character sets...

8.7CVSS5.6AI score0.00451EPSS
Exploits3References12
SUSE Linux
SUSE Linux
•added 2026/06/17 9:52 a.m.•6 views

Security update for docker

This update for docker fixes the following issues: Update to Docker 29.4.0. See upstream changelog online at Update to buildx 0.33.0. See upstream changelog online at Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...

6.9CVSS6.6AI score0.00521EPSS
Exploits0References2
SUSE Linux
SUSE Linux
•added 2026/06/16 2:36 p.m.•6 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 kernel was updated to fix various security issues The following security issues were fixed: CVE-2026-31629: nfc: llcp: add missing return after LLCPCLOSED checks bsc1263790. CVE-2026-43037: ip6tunnel: clear skb2-cb in ip4ip6err bsc1263995. CVE-2026-43206:...

8.8CVSS5.1AI score0.00563EPSS
Exploits5References32
SUSE Linux
SUSE Linux
•added 2026/06/16 12:24 p.m.•6 views

Security update for buildah

This update for buildah rebuilds it against the current go security release. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product: SUSE Linux Enterprise...

5.3AI score
Exploits0
SUSE Linux
SUSE Linux
•added 2026/06/16 8:7 a.m.•6 views

Security update for openssl-1_1-livepatches

This update for openssl-11-livepatches fixes the following issues CVE-2026-45447: Heap Use-After-Free in OpenSSL PKCS7verify bsc1266357. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can ru...

7.7CVSS5.3AI score0.02719EPSS
Exploits0References6
SUSE Linux
SUSE Linux
•added 2026/06/16 6:54 a.m.•6 views

Security update for openssl-1_1

This update for openssl-11 fixes the following issues: CVE-2026-45447: Heap Use-After-Free in OpenSSL PKCS7verify bsc1266357. CVE-2026-42766: Possible NULL Dereference in Password-Based CMS Decryption bsc1266349. CVE-2026-9076: Out-of-Bounds Read in CMS Password-Based Decryption bsc1266341...

8.2CVSS5.3AI score0.02719EPSS
Exploits0References20
SUSE Linux
SUSE Linux
•added 2026/06/15 2:34 p.m.•6 views

Security update for openssl-3

This update for openssl-3 fixes the following issues CVE-2026-7383: Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion bsc1266340. CVE-2026-9076: Out-of-Bounds Read in CMS Password-Based Decryption bsc1266341. CVE-2026-34180: Heap Buffer Over-read in ASN.1 Content Parsing...

8.2CVSS5.3AI score0.02719EPSS
Exploits0References32
SUSE Linux
SUSE Linux
•added 2026/06/15 2:34 p.m.•6 views

Security update for openssl-1_0_0

This update for openssl-100 fixes the following issues CVE-2026-7383: Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion bsc1266340. CVE-2026-9076: Out-of-Bounds Read in CMS Password-Based Decryption bsc1266341. CVE-2026-28388: NULL Pointer Dereference When Processing a Delta CRL...

8.2CVSS8.1AI score0.02719EPSS
Exploits0References30
SUSE Linux
SUSE Linux
•added 2026/06/15 1:19 p.m.•6 views

Security update for libcaca

This update for libcaca fixes the following issue CVE-2026-42046: an integer overflow vulnerability in libcaca's canvas import functionality may allow an attacker to cause a controlled heap out-of-bounds write bsc1264984. Patch Instructions: To install this SUSE update use the SUSE recommended...

7.8CVSS5.4AI score0.00223EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/06/12 2:0 p.m.•6 views

Security update for GraphicsMagick

This update for GraphicsMagick fixes the following issue CVE-2026-42050: stack buffer overflow in XTileImage bsc1265048. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command...

5.5CVSS5.5AI score0.0013EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/06/11 4:7 p.m.•6 views

Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues Update to version 2.52.4: Security fixes: CVE-2026-28847: processing maliciously crafted web content may lead to an unexpected process crash or arbitrary code execution due to a heap buffer overflow bsc1267506. CVE-2026-28883: processing...

8.8CVSS7.4AI score0.00693EPSS
Exploits0References66
SUSE Linux
SUSE Linux
•added 2026/06/11 3:34 p.m.•6 views

Security update for tomcat11

This update for tomcat11 fixes the following issues Update to Tomcat 11.0.22: CVE-2026-41284: Unbounded read in WebDAV LOCK and PROPFIND handling bsc1265162. CVE-2026-41293: HTTP/2 request headers not validated bsc1265163. CVE-2026-42498: WebSocket authentication header exposure bsc1265165...

8.7CVSS6.6AI score0.01339EPSS
Exploits2References28
SUSE Linux
SUSE Linux
•added 2026/06/11 12:22 p.m.•6 views

Security update for unbound

This update for unbound fixes the following issues CVE-2026-32792: Packet of death with DNSCrypt bsc1265583. CVE-2026-33278: Possible remote code execution during DNSSEC validation bsc1265587. CVE-2026-40622: "Ghost domain name" variant bsc1265581. CVE-2026-41292: Parsing a long list of incoming...

8.6CVSS6.2AI score0.01272EPSS
Exploits0References44
SUSE Linux
SUSE Linux
•added 2026/06/11 12:22 p.m.•6 views

Security update for strongswan

This update for strongswan fixes the following issues CVE-2026-35328: infinite loop when handling supported versions TLS extension bsc1261712. CVE-2026-35329: null pointer dereference when processing padding in PKCS7 bsc1261717. CVE-2026-35330: integer underflow when handling EAP-SIM/AKA attribut...

9.2CVSS5.4AI score
Exploits6References32
SUSE Linux
SUSE Linux
•added 2026/06/11 9:12 a.m.•6 views

Security update for gnutls

This update for gnutls fixes the following issues CVE-2026-33845: buffers: switch from endoffset over to fraglength bsc1263704. CVE-2026-33846: buffers: add more checks to DTLS reassembly bsc1263705. CVE-2026-42009: lib/buffers: ensure packets have differing sequence numbers bsc1263708. Patch...

8.8CVSS5.5AI score0.01335EPSS
Exploits0References14
SUSE Linux
SUSE Linux
•added 2026/06/11 9:12 a.m.•6 views

Security update for gnutls

This update for gnutls fixes the following issues CVE-2026-33845: buffers: switch from endoffset over to fraglength bsc1263704. CVE-2026-33846: buffers: add more checks to DTLS reassembly bsc1263705. CVE-2026-42009: lib/buffers: ensure packets have differing sequence numbers bsc1263708. Patch...

8.8CVSS5.5AI score0.01335EPSS
Exploits0References12
SUSE Linux
SUSE Linux
•added 2026/06/10 2:56 p.m.•6 views

Security update for wicked

This update for wicked fixes the following issues: CVE-2026-44932: Fixed indirect remote shell command injection via unsanitized DHCP options bsc1265221. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

8.8CVSS5.5AI score0.00297EPSS
Exploits0References6
SUSE Linux
SUSE Linux
•added 2026/06/10 1:16 p.m.•6 views

Security update for kubernetes1.28

This update for kubernetes1.28 fixes the following issues: Security fixes: CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1265740. CVE-2026-35469: github.com/moby/spdystream: memory amplification in SPDY frame parsing leads to deni...

7.5CVSS5.4AI score0.00781EPSS
Exploits0References10
SUSE Linux
SUSE Linux
•added 2026/06/10 1:15 p.m.•6 views

Security update for kubernetes

This update for kubernetes fixes the following issues CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1265748. CVE-2026-35469: github.com/moby/spdystream: memory amplification in SPDY frame parsing leads to denial of service...

7.5CVSS5.4AI score0.00781EPSS
Exploits0References8
SUSE Linux
SUSE Linux
•added 2026/06/10 1:14 p.m.•6 views

Security update for kubernetes1.27

This update for kubernetes1.27 fixes the following issues CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1265740. CVE-2026-35469: github.com/moby/spdystream: memory amplification in SPDY frame parsing leads to denial of service...

7.5CVSS5.4AI score0.00781EPSS
Exploits0References10
SUSE Linux
SUSE Linux
•added 2026/06/10 8:43 a.m.•6 views

Security update for libyang

This update for libyang fixes the following issues CVE-2026-41401: use-after-free in lydparsersetdataflags when processing crafted YANG XML documents with specific metadata attributes bsc1266316. CVE-2026-44673: integer overflow in lybreadstring of src/parserlyb.c leads to heap buffer overflow wh...

9.2CVSS5.7AI score0.00519EPSS
Exploits0References8
SUSE Linux
SUSE Linux
•added 2026/06/10 8:43 a.m.•6 views

Security update for libyang

This update for libyang fixes the following issues CVE-2026-41401: use-after-free in lydparsersetdataflags when processing crafted YANG XML documents with specific metadata attributes bsc1266316. CVE-2026-44673: integer overflow in lybreadstring of src/parserlyb.c leads to heap buffer overflow wh...

9.2CVSS5.7AI score0.00519EPSS
Exploits0References8
SUSE Linux
SUSE Linux
•added 2026/06/09 7:6 p.m.•6 views

Security update for go1.26

This update for go1.26 fixes the following issues Update to go1.26.4 bsc1255111: CVE-2026-27145: crypto/x509: split candidate hostname only once bsc1267450. CVE-2026-42504: mime: quadratic complexity in WordDecoder.DecodeHeader bsc1267442. CVE-2026-42507: net/textproto: arbitrary input are includ...

6.9CVSS5.7AI score0.00904EPSS
Exploits0References14
SUSE Linux
SUSE Linux
•added 2026/06/09 12:51 p.m.•6 views

Security update for kubernetes1.23

This update for kubernetes1.23 fixes the following issues CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1265740. CVE-2026-35469: github.com/moby/spdystream: memory amplification in SPDY frame parsing leads to denial of service...

7.5CVSS5.4AI score0.00781EPSS
Exploits0References10
SUSE Linux
SUSE Linux
•added 2026/06/09 12:51 p.m.•6 views

Security update for libsoup

This update for libsoup fixes the following issues CVE-2026-1801: HTTP Request Smuggling in soupfilterinputstreamreadline bsc1257649. CVE-2026-4271: use-after-free in the HTTP/2 server when user signal handlers disconnect connections during callback execution bsc1259767. Patch Instructions: To...

8.8CVSS5.7AI score0.00829EPSS
Exploits1References8
SUSE Linux
SUSE Linux
•added 2026/06/09 12:49 p.m.•6 views

Security update for strongswan

This update for strongswan fixes the following issue CVE-2026-47895: double-free when destroying certain cloned identities bsc1266360. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run...

7.7CVSS5.4AI score
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/06/09 8:12 a.m.•6 views

Security update for nginx

This update for nginx fixes the following issue CVE-2026-9256: heap buffer overflow in the ngxhttprewritemodule when using a configuration with overlapping captures bsc1266215. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...

9.2CVSS5.7AI score0.04261EPSS
Exploits3References4
SUSE Linux
SUSE Linux
•added 2026/06/08 3:27 p.m.•6 views

Security update for postgresql17

This update for postgresql17 fixes the following issues Update to version 17.10. Security issues: CVE-2026-6472: ensure the user has CREATE privilege on the schema specified bsc1265172. CVE-2026-6473: integer overflows in memory-allocation calculations bsc1265173. CVE-2026-6474: Guard against...

8.8CVSS5.9AI score0.00668EPSS
Exploits0References46
SUSE Linux
SUSE Linux
•added 2026/06/05 12:16 p.m.•6 views

Security update for libjxl

This update for libjxl fixes the following issues: Security fixes: CVE-2025-70103: heap buffer overflow when hen processing crafted pbm-images due to insufficient bounds checks bsc1266460. Other fixes: Update to version 0.10.5: fix tile dimension in low memory rendering pipeline. fix number of...

9.2CVSS5.7AI score0.00367EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/06/03 3:31 p.m.•6 views

Security update for python-pyOpenSSL

This update for python-pyOpenSSL fixes the following issue CVE-2026-40475: improper input handling of null bytes can lead to silent data truncation and security-state inconsistency bsc1262803. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

6.8CVSS5.8AI score
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/06/03 3:31 p.m.•6 views

Security update for python3-pyOpenSSL

This update for python3-pyOpenSSL fixes the following issue CVE-2026-40475: improper input handling of null bytes can lead to silent data truncation and security-state inconsistency bsc1262803. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

6.8CVSS5.8AI score
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/06/03 2:21 p.m.•6 views

Security update for salt

This update for salt fixes the following issue: Security issues fixed: CVE-2026-31958: python-tornado: parsing large multipart bodies with many parts can cause a denial of service bsc1259554. Other updates and bugfixes: Use non vendored Tornado with Python 3.11 bsc1257583, bsc1259700 Harden Torna...

8.7CVSS7.2AI score0.00375EPSS
Exploits0References16
SUSE Linux
SUSE Linux
•added 2026/06/03 2:19 p.m.•6 views

Security update 5.0.8 for Multi-Linux Manager Salt Bundle

This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2026-31958: tornado: Fixed parsing large multipart bodies with many parts can cause a denial of service bsc1259554 CVE-2026-27459: pyOpenSSL: Fixed issue with large cookie value that can lead to a buffer overflow...

8.7CVSS7.5AI score0.00704EPSS
Exploits0References26
SUSE Linux
SUSE Linux
•added 2026/06/03 2:16 p.m.•6 views

Security update for salt

This update for salt fixes the following issue: Security issues fixed: CVE-2026-31958: python-tornado: parsing large multipart bodies with many parts can cause a denial of service bsc1259554. Other updates and bugfixes: Use non vendored Tornado with Python 3.11 bsc1257583, bsc1259700 Harden Torna...

8.7CVSS7.2AI score0.00375EPSS
Exploits0References16
SUSE Linux
SUSE Linux
•added 2026/06/03 2:15 p.m.•6 views

Security update 5.0.8 for Multi-Linux Manager Salt Bundle

This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2026-31958: tornado: Fixed parsing large multipart bodies with many parts can cause a denial of service bsc1259554 CVE-2026-27459: pyOpenSSL: Fixed issue with large cookie value that can lead to a buffer overflow...

8.7CVSS7.5AI score0.00704EPSS
Exploits0References26
SUSE Linux
SUSE Linux
•added 2026/06/03 1:34 p.m.•6 views

Security update 5.0.8 for Multi-Linux Manager Client Tools, Salt Bundle and Salt

This update fixes the following issues: golang-github-prometheus-nodeexporter: Version 1.10.2: meminfo: Fix typo in Zswap metric name Version 1.10.1: filesystem: Fix mount points being collected multiple times filesystem: Refactor mountinfo parsing bsc1261810 meminfo: Add Zswap/Zswapped metrics...

8.7CVSS7AI score0.00704EPSS
Exploits0References36
SUSE Linux
SUSE Linux
•added 2026/05/22 5:55 a.m.•6 views

Security update for rootlesskit

This update for rootlesskit rebuilds it against the current go security release. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product: SUSE Linux...

5.8AI score
Exploits0
SUSE Linux
SUSE Linux
•added 2026/05/22 5:54 a.m.•6 views

Security update for rootlesskit

This update for rootlesskit rebuilds it against the current go security release. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product: openSUSE Leap 15....

5.8AI score
Exploits0
Total number of security vulnerabilities5000