Lucene search
K
SuseMost viewed

5454 matches found

SUSE Linux
SUSE Linux
•added 2026/05/18 7:49 a.m.•10 views

Security update for python310

This update for python310 fixes the following issues Security issues: CVE-2026-1502: HTTP client proxy tunnel headers not validated for CR/LF bsc1261969. CVE-2026-3446: base64 decoding stops at first padded quad by default bsc1261970. CVE-2026-4786: incomplete mitigation of , %action expansion fo...

9.1CVSS7.9AI score0.00579EPSS
Exploits1References22
SUSE Linux
SUSE Linux
•added 2026/05/18 7:49 a.m.•10 views

Security update for postgresql18

This update for postgresql18 fixes the following issues Update to version 18.4. Security issues: CVE-2026-6472: ensure the user has CREATE privilege on the schema specified bsc1265172. CVE-2026-6473: integer overflows in memory-allocation calculations bsc1265173. CVE-2026-6474: Guard against...

8.8CVSS6.1AI score0.00668EPSS
Exploits0References48
SUSE Linux
SUSE Linux
•added 2026/05/18 7:43 a.m.•10 views

Security update for PackageKit

This update for PackageKit fixes the following issue: CVE-2026-41651: race condition allows for arbitrary RPM package installation as root and can lead to LPE bsc1262220. Special Instructions and Notes: Patch Instructions: To install this SUSE update use the SUSE recommended installation methods...

9.3CVSS5.9AI score0.0046EPSS
Exploits10References4
SUSE Linux
SUSE Linux
•added 2026/05/18 7:40 a.m.•10 views

Security update for google-cloud-sap-agent

This update for google-cloud-sap-agent fixes the following issue: CVE-2026-34986: github.com/go-jose/go-jose/v4: processing of JWE object with empty encryptedkey field but key wrapping algorithm set can lead to a denial of service bsc1262936. Patch Instructions: To install this SUSE update use th...

8.7CVSS6.3AI score0.00651EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/05/17 3:22 p.m.•10 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 kernel was updated to fix various security issues The following security issues were fixed: CVE-2025-54518: x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache bsc1264013. CVE-2026-46300: net: skbuff: propagate shared-frag marker through...

8.8CVSS6.1AI score0.93235EPSS
Exploits45References16
SUSE Linux
SUSE Linux
•added 2026/05/17 1:22 p.m.•10 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 RT kernel was updated to fix various security issues The following security issues were fixed: CVE-2025-54518: x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache bsc1264013. CVE-2026-46300: net: skbuff: propagate shared-frag marker...

8.8CVSS6.1AI score0.93235EPSS
Exploits47References20
SUSE Linux
SUSE Linux
•added 2026/05/17 1:17 p.m.•10 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues The following security issues were fixed: CVE-2025-54518: x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache bsc1264013. CVE-2026-46300: net: skbuff: propagate shared-frag marker...

8.8CVSS6.1AI score0.93235EPSS
Exploits47References20
SUSE Linux
SUSE Linux
•added 2026/05/15 3:22 p.m.•10 views

Security update for firewalld

This update for firewalld fixes the following issue: CVE-2026-4948: local unprivileged users can modify the runtime firewall state without proper authentication due to D-Bus setter mis-authorizations bsc1260903. Patch Instructions: To install this SUSE update use the SUSE recommended installation...

6.8CVSS5.8AI score0.00118EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/05/14 10:33 p.m.•10 views

Security update for go1.26

This update for go1.26 fixes the following issues Security issues: CVE-2026-33811: net: crash when handling long CNAME response bsc1264508. CVE-2026-33814: net/http: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1264506. CVE-2026-39817: cmd/go: "go tool pack" does not...

7.5CVSS5.9AI score0.00813EPSS
Exploits0References48
SUSE Linux
SUSE Linux
•added 2026/05/14 3:5 p.m.•10 views

Security update for the Linux Kernel RT (Live Patch 12 for SUSE Linux Enterprise 15 SP7)

This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.7.40 fixes one security issue The following security issue was fixed: CVE-2026-43284: xfrm: esp: avoid in-place decrypt on shared skb frags bsc1264459. Patch Instructions: To install this SUSE update use the SUSE recommended installati...

8.8CVSS6AI score0.93235EPSS
Exploits31References4
SUSE Linux
SUSE Linux
•added 2026/05/13 3:25 p.m.•10 views

Security update for Mesa

This update for Mesa fixes the following issue: CVE-2026-40393: out-of-bounds memory access can occur in WebGPU because the amount of to-be-allocated data depends on an untrusted party bsc1261998. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like...

6.8CVSS5.8AI score0.00348EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/05/08 8:59 a.m.•10 views

Security update for terraform-provider-aws, terraform-provider-azurerm, terraform-provider-external, terraform-provider-google, terraform-provider-helm, terraform-provider-kubernetes, terraform-provid

This update for terraform-provider-aws, terraform-provider-azurerm, terraform-provider-external, terraform-provider-google, terraform-provider-helm, terraform-provider-kubernetes, terraform-provider-local, terraform-provider-random, terraform-provider-tls fixes the following issues: CVE-2025-2286...

8.2CVSS6.7AI score0.00868EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/05/08 8:58 a.m.•10 views

Security update for nginx

This update for nginx fixes the following issues: CVE-2026-1642: plain text data injection into the response from an upstream proxied server via MITM attack bsc1257675. CVE-2026-27654: buffer overflow in the NGINX worker process via the ngxhttpdavmodule module bsc1260416. CVE-2026-27784: NGINX...

8.3CVSS7.6AI score0.21621EPSS
Exploits0References16
SUSE Linux
SUSE Linux
•added 2026/05/07 12:43 a.m.•10 views

Security update for java-17-openjdk

This update for java-17-openjdk fixes the following issues: Upgrade to upstream tag jdk-17.0.19+10 April 2026 CPU. Security issues fixed: CVE-2026-22007: Security: unauthenticated attacker with logon to the infrastructure where java executes can gain unauthorized read access to a subset of...

8.7CVSS5.9AI score0.00702EPSS
Exploits0References34
SUSE Linux
SUSE Linux
•added 2026/05/06 12:8 p.m.•10 views

Security update for erlang

This update for erlang fixes the following issues: CVE-2026-21620: remote arbitrary read/write via TFTP relative path traversal bsc1258663. CVE-2026-23941: HTTP Request Smuggling in Erlang OTP bsc1259687. CVE-2026-23942: path traversal vulnerability in Erlang OTP bsc1259681. CVE-2026-23943: denia...

9.1CVSS7.2AI score0.00644EPSS
Exploits0References20
SUSE Linux
SUSE Linux
•added 2026/05/05 8:3 a.m.•10 views

Security update for xen

This update for xen fixes the following issues: CVE-2025-54505: Floating Point Divider State Sampling on AMD CPUs AMD-SN-7053 bsc1262428. CVE-2026-23557: Xenstored DoS via XSRESETWATCHES command bsc1262178. CVE-2026-23558: grant table v2 race in status page mapping bsc1262180. Special Instruction...

7.8CVSS5.8AI score0.00191EPSS
Exploits0References12
SUSE Linux
SUSE Linux
•added 2026/05/01 8:37 a.m.•10 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 kernel was updated to fix various security issues The following security issues were fixed: CVE-2024-26584: net/tls: return ENOTSUPP on tlsinit bsc1220186. CVE-2025-38234: sched/rt: Fix race in pushrttask bsc1246057. CVE-2025-39759: btrfs: qgroup: fix race between...

8.2CVSS6.8AI score0.00341EPSS
Exploits2References72
SUSE Linux
SUSE Linux
•added 2026/04/24 1:34 p.m.•10 views

Security update for the Linux Kernel (Live Patch 11 for SUSE Linux Enterprise 15 SP6)

This update for the SUSE Linux Enterprise Kernel 6.4.0-150600.23.50 fixes various security issues The following security issues were fixed: CVE-2025-40309: Bluetooth: SCO: Fix UAF on scoconnfree bsc1255066. CVE-2026-23268: apparmor: fix unprivileged local user can do privileged policy management...

7.3CVSS5.6AI score0.00145EPSS
Exploits0References8
SUSE Linux
SUSE Linux
•added 2026/04/24 11:51 a.m.•10 views

Security update for vim

This update for vim fixes the following issues: Update to version 9.2.0280. CVE-2026-34982: missing input validation allows for a modeline sandbox bypass and can lead to arbitrary OS command execution bsc1261271. CVE-2026-34714: missing checks allow for a tabpanel modeline escape and can lead to...

9.3CVSS6.3AI score
Exploits0References12
SUSE Linux
SUSE Linux
•added 2026/04/22 7:22 a.m.•10 views

Security update for podman

This update for podman rebuilds it against the current go 1.25 security release. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product: SUSE Linux...

5.7AI score
Exploits0
SUSE Linux
SUSE Linux
•added 2026/04/21 9:25 a.m.•10 views

Security update 5.1.3 for Multi-Linux Manager Salt Bundle

This update fixes the following issues: venv-salt-minion: Backport security patch for Salt vendored tornado bsc1259554: CVE-2026-31958: Add limits on multipart form data parsing Add x8664v2 as a possible rpm package architecture Make users with backslash working for salt-ssh bsc1254629 Fix...

8.7CVSS5.7AI score0.00375EPSS
Exploits0References12
SUSE Linux
SUSE Linux
•added 2026/04/21 9:24 a.m.•10 views

Security update 5.1.3 for Multi-Linux Manager Client Tools

This update fixes the following issues: golang-github-lusitaniae-apacheexporter: Internal changes to fix build issues with no impact for customers spacecmd: Version 5.1.13-0 Updated translation strings uyuni-tools: Version 5.1.26-0 Fixed applying PTF with images from RPMs bsc1252548 Ssl Key file...

8.7CVSS5.7AI score0.00375EPSS
Exploits0References36
SUSE Linux
SUSE Linux
•added 2026/04/20 4:0 p.m.•10 views

Security update for containerd

This update for containerd rebuilds it against the current go 1.25 security release. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product: SUSE Linux...

5.7AI score
Exploits0
SUSE Linux
SUSE Linux
•added 2026/04/16 4:41 p.m.•10 views

Security update for python

This update for python fixes the following issues: CVE-2025-13462: incorrect parsing of TarInfo header when GNU long name and type AREGTYPE are combined bsc1259611. CVE-2026-3479: improper resource argument validation can allow path traversal bsc1259989. CVE-2026-3644: incomplete control characte...

8.2CVSS5.8AI score0.00621EPSS
Exploits0References20
SUSE Linux
SUSE Linux
•added 2026/04/15 7:7 p.m.•10 views

Security update for python310

This update for python310 fixes the following issues: CVE-2025-13462: incorrect parsing of TarInfo when GNU long name and type AREGTYPE are combined can lead to misinterpretation of tar archives bsc1259611. CVE-2026-3479: improper resource argument validation in pkgutil.getdata can lead to path...

8.2CVSS5.9AI score0.00621EPSS
Exploits0References20
SUSE Linux
SUSE Linux
•added 2026/04/15 1:36 p.m.•10 views

Security update for python311

This update for python311 fixes the following issues: Updated to Python 3.11.15 CVE-2025-6075: If the value passed to os.path.expandvars is user-controlled a performance degradation is possible when expanding environment variables bsc1252974. CVE-2025-11468: header injection when folding a long...

8.7CVSS5.8AI score0.01525EPSS
Exploits0References60
SUSE Linux
SUSE Linux
•added 2026/04/15 12:4 p.m.•10 views

Security update for python36

This update for python36 fixes the following issues: CVE-2025-13462: incorrect parsing of TarInfo header when GNU long name and type AREGTYPE are combined bsc1259611. CVE-2026-3479: python: improper resource argument validation can allow path traversal bsc1259989. CVE-2026-3644: incomplete contro...

8.2CVSS5.9AI score0.00621EPSS
Exploits0References20
SUSE Linux
SUSE Linux
•added 2026/04/12 11:15 p.m.•10 views

Security update for the Linux Kernel (Live Patch 69 for SUSE Linux Enterprise 12 SP5)

This update for the SUSE Linux Enterprise Kernel 4.12.14-122.261 fixes various security issues The following security issues were fixed: CVE-2023-53794: cifs: fix session state check in reconnect to avoid use-after-free issue bsc1255235. CVE-2025-39973: i40e: add validation for ringlen param...

8.7CVSS6.7AI score0.00204EPSS
Exploits0References28
SUSE Linux
SUSE Linux
•added 2026/03/25 9:25 a.m.•10 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2025-21738: ata: libata-sff: Ensure that we cannot write outside the allocated buffer bsc1238917. CVE-2025-40242: gfs2: Fix unlikely race in gdlmputlock bsc1255075...

8.5CVSS6AI score0.00197EPSS
Exploits0References56
SUSE Linux
SUSE Linux
•added 2026/03/23 4:35 p.m.•10 views

Security update for go1.25-openssl

This update for go1.25-openssl fixes the following issues: Update to go 1.25.8 bsc1244485, jscSLE-18320: CVE-2025-61732: cmd/cgo: discrepancy between Go and C/C++ comment parsing allows for C code smuggling bsc1257692. CVE-2025-68121: crypto/tls: Config.Clone copies automatically generated sessio...

9.6CVSS5.9AI score0.00765EPSS
Exploits1References24
SUSE Linux
SUSE Linux
•added 2026/03/20 7:46 a.m.•10 views

Security update for php-composer2

This update for php-composer2 fixes the following issues: CVE-2025-67746: Fixed ANSI control characters injection in the terminal output of various Composer commands via attacker controlled remote sources. bsc1255768 Patch Instructions: To install this SUSE update use the SUSE recommended...

3.3CVSS5.8AI score0.00405EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/03/18 9:15 a.m.•10 views

Security update for gvfs

This update for gvfs fixes the following issues: CVE-2026-28295: Fix ftp use control connection address for PASV data bsc1258953. CVE-2026-28296: Fix ftp reject paths containing CR/LF characters bsc1258954. Patch Instructions: To install this SUSE update use the SUSE recommended installation...

7.3CVSS5.7AI score0.0036EPSS
Exploits2References8
SUSE Linux
SUSE Linux
•added 2026/02/25 4:27 p.m.•10 views

Security update for python313

This update for python313 fixes the following issues: Update to Python 3.13.12 CVE-2026-0672: Fixed a HTTP header injection via user-controlled cookie values and parameters when using http.cookies.Morsel. bsc1257031 CVE-2026-0865: Fixed a bug where a user-controlled header containing newlines can...

8.7CVSS5.5AI score0.0055EPSS
Exploits0References16
SUSE Linux
SUSE Linux
•added 2026/02/12 4:34 p.m.•10 views

Security update for zabbix

This update for zabbix fixes the following issues: CVE-2024-36469: Introduced clamping for mitigation of timing attacks. bsc1240676 CVE-2024-42325: Restricted access to user fields using user.get API method for users of User and Admin type, and restricted access to alert entities using alert.get...

3.5CVSS5.5AI score0.00331EPSS
Exploits0References8
SUSE Linux
SUSE Linux
•added 2026/02/11 10:20 a.m.•10 views

Security update for qemu

This update for qemu fixes the following issues: CVE-2026-0665: Added PIRQ bounds check in xenphysdevmappirq to avoid an out-of-bounds heap. bsc1256484 Other fixes: Fixed that QEMU migration fails if a qemu-vdagent channel is present in the VM bsc1257474 Patch Instructions: To install this SUSE...

6.8CVSS5.5AI score0.00143EPSS
Exploits0References6
SUSE Linux
SUSE Linux
•added 2026/02/11 9:25 a.m.•10 views

Security update for nodejs20

This update for nodejs20 fixes the following issues: Update to 20.20.0: CVE-2026-22036: Updated undici to 6.23.0 bsc1256848 CVE-2025-59465: Add TLSSocket default error handler bsc1256573 CVE-2025-55132: Disable futimes when permission model is enabled bsc1256571 CVE-2025-55130: Require full read...

9.2CVSS5.8AI score0.03782EPSS
Exploits2References28
SUSE Linux
SUSE Linux
•added 2026/02/10 8:33 a.m.•10 views

Security update for java-11-openjdk

This update for java-11-openjdk fixes the following issues: Upgrade to upstream tag jdk-11.0.30+7 January 2026 CPU Security fixes: CVE-2026-21925: Fixed Oracle Java SE component RMI bsc1257034. CVE-2026-21932: Fixed Oracle Java SE component AWT and JavaFX bsc1257036. CVE-2026-21933: Fixed Oracle...

7.5CVSS5.9AI score0.00864EPSS
Exploits1References20
SUSE Linux
SUSE Linux
•added 2026/01/22 4:8 p.m.•10 views

Security update for log4j

This update for log4j fixes the following issues: Security fixes: CVE-2025-68161: Fixed absent TLS hostname verification that may allow a man-in-the-middle attack bsc1255427 Other fixes: Upgrade to 2.18.0 Added Add support for Jakarta Mail API in the SMTP appender. Add support for custom Log4j 1....

6.3CVSS5.5AI score0.00743EPSS
Exploits1References4
SUSE Linux
SUSE Linux
•added 2025/12/22 4:39 p.m.•10 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-50280: pnode: terminate at peers of source bsc1249806. CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in liotargetnaclinfoshow bsc1251786...

8.7CVSS7.9AI score0.00338EPSS
Exploits0References36
SUSE Linux
SUSE Linux
•added 2025/12/19 11:40 a.m.•10 views

Security update for mariadb

This update for mariadb fixes the following issues: Update to version 10.5.29. Release notes and changelog: https://mariadb.com/kb/en/mariadb-10-5-29-release-notes/ https://mariadb.com/kb/en/mariadb-10-5-29-changelog/ https://mariadb.com/kb/en/mariadb-10-5-28-release-notes/...

8.5CVSS6.8AI score0.01236EPSS
Exploits0References24
SUSE Linux
SUSE Linux
•added 2025/12/04 10:4 a.m.•10 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 kernel was updated to fix various security issues The following security issues were fixed: CVE-2022-50327: ACPI: processor: idle: Check acpifetchacpidev return value bsc1249859. CVE-2022-50334: hugetlbfs: fix null-ptr-deref in hugetlbfsparseparam bsc1249857...

8.8CVSS9.4AI score0.21314EPSS
Exploits0References856
SUSE Linux
SUSE Linux
•added 2025/11/28 1:4 p.m.•10 views

Security update for the Linux Kernel (Live Patch 0 for SUSE Linux Enterprise 15 SP7)

This update for the SUSE Linux Enterprise kernel 6.4.0-150700.51 fixes various security issues The following security issues were fixed: CVE-2025-23145: mptcp: fix NULL pointer in canacceptnewsubflow bsc1242882. CVE-2025-38500: xfrm: interface: fix use-after-free after changing collectmd xfrm...

8.7CVSS7.3AI score0.00178EPSS
Exploits0References12
SUSE Linux
SUSE Linux
•added 2025/11/26 2:47 p.m.•10 views

Security update for yelp

This update for yelp fixes the following issues: CVE-2025-3155: JavaScript code execution and arbitrary file read through specially crafted help files and ghelp scheme URLs bsc1240688. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

8.2CVSS7.7AI score0.12592EPSS
Exploits1References4
SUSE Linux
SUSE Linux
•added 2025/11/24 9:18 a.m.•10 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 kernel was updated to fix various security issues The following security issues were fixed: CVE-2021-4460: drm/amdkfd: Fix UBSAN shift-out-of-bounds warning bsc1250764. CVE-2022-48631: ext4: fix bug in extents parsing when ehentries == 0 and ehdepth 0 bsc1223475...

8.8CVSS8.4AI score0.21314EPSS
Exploits1References576
SUSE Linux
SUSE Linux
•added 2025/11/12 10:34 a.m.•10 views

Security update for runc

This update for runc fixes the following issues: Update to runc v1.3.3. Upstream changelog is available from . bsc1252232 CVE-2025-31133 CVE-2025-52565 CVE-2025-52881 Update to runc v1.3.2. Upstream changelog is available from bsc1252110 Includes an important fix for the CPUSet translation for...

7.8CVSS6.8AI score0.0067EPSS
Exploits4References10
SUSE Linux
SUSE Linux
•added 2025/11/04 12:4 p.m.•10 views

Security update for the Linux Kernel (Live Patch 9 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506002342 fixes several issues. The following security issues were fixed: CVE-2025-38664: ice: Fix a null pointer dereference in icecopyandinitpkg bsc1248631. CVE-2025-38617: net/packet: fix a race in packetsetring and packetnotifier bsc1249208...

7.3CVSS7.9AI score0.00288EPSS
Exploits0References12
SUSE Linux
SUSE Linux
•added 2025/10/24 6:6 a.m.•10 views

Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP7)

This update for the Linux Kernel 6.4.0-1507005311 fixes several issues. The following security issues were fixed: CVE-2025-38678: netfilter: nftables: reject duplicate device on updates bsc1249534. CVE-2025-38499: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns...

9.2CVSS7.9AI score0.00528EPSS
Exploits1References14
SUSE Linux
SUSE Linux
•added 2025/10/23 6:33 p.m.•10 views

Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP7)

This update for the Linux Kernel 6.4.0-15070051 fixes several issues. The following security issues were fixed: CVE-2025-38678: netfilter: nftables: reject duplicate device on updates bsc1249534. CVE-2025-38499: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns bsc1248673...

9.2CVSS7.3AI score0.00528EPSS
Exploits1References36
SUSE Linux
SUSE Linux
•added 2025/10/16 5:49 a.m.•10 views

Security update for the Linux Kernel

This update provides the initial livepatch for this kernel update. This update does not contain any fixes and will be updated with livepatches later. Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE update use the SUSE...

9.2CVSS7.1AI score0.21314EPSS
Exploits4References1620
SUSE Linux
SUSE Linux
•added 2025/09/30 2:8 p.m.•10 views

Security update for open-vm-tools

This update for open-vm-tools fixes the following issues: CVE-2025-41244: local privilege escalation via the Service Discovery Plugin bsc1250373. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively y...

8.5CVSS7.1AI score0.0788EPSS
Exploits3References4
Total number of security vulnerabilities5000