Lucene search
K
SuseMost viewed

5412 matches found

SUSE Linux
SUSE Linux
•added 2025/05/30 12:10 p.m.•3 views

Security update for python312-setuptools

This update for python312-setuptools fixes the following issues: CVE-2025-47273: path traversal in PackageIndex.download may lead to an arbitrary file write bsc1243313. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...

8.7CVSS7.6AI score0.01479EPSS
Exploits4References4
SUSE Linux
SUSE Linux
•added 2025/05/29 12:44 p.m.•3 views

Security update for postgresql15

This update for postgresql15 fixes the following issues: Upgrade to 15.13: CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation bsc1242931 Changelog: https://www.postgresql.org/docs/release/15.13/ Patch Instructions: T...

5.9CVSS7.2AI score0.00612EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2025/05/29 9:40 a.m.•3 views

Security update for apparmor

This update for apparmor fixes the following issues: Add dacreadsearch capability for unixchkpwd to allow it to read the shadow file even if it has 000 permissions. This is needed after the CVE-2024-10041 fix in PAM. bsc1241678 Patch Instructions: To install this SUSE update use the SUSE...

5.7CVSS7.2AI score0.00265EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2025/05/29 9:33 a.m.•3 views

Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: Update to Mozilla Thunderbird 128.10.1. Security fixes: MFSA 2025-34 bsc1243216 CVE-2025-3875: Sender Spoofing via Malformed From Header in Thunderbird. CVE-2025-3877: Unsolicited File Download, Disk Space Exhaustion, and Credential...

7.5CVSS7.5AI score0.00363EPSS
Exploits0References10
SUSE Linux
SUSE Linux
•added 2025/05/29 9:29 a.m.•3 views

Security update for go1.24

This update for go1.24 fixes the following issues: Update to go1.24.3 bsc1236217: Security fixes: CVE-2025-22873: Fixed os.Root permits access to parent directory bsc1242715 Changelog: go73556 go73555 security: fix CVE-2025-22873 os: Root permits access to parent directory go73082 os: Root.Open...

4.4CVSS7.3AI score0.00238EPSS
Exploits0References6
SUSE Linux
SUSE Linux
•added 2025/05/28 2:44 p.m.•3 views

Security update for python-tornado

This update for python-tornado fixes the following issues: CVE-2025-47287: excessive logging when parsing malformed multipart/form-data can lead to a denial-of-service bsc1243268. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate ...

8.7CVSS7.3AI score0.00667EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2025/05/28 2:33 p.m.•3 views

Security update for go1.23-openssl

This update for go1.23-openssl fixes the following issues: Update to version 1.23.9 bsc1229122: Security fixes: CVE-2024-45336: net/http: sensitive headers incorrectly sent after cross-domain redirect bsc1236046 CVE-2024-45341: crypto/x509: usage of IPv6 zone IDs can bypass URI name constraints...

6.5CVSS7.3AI score0.00724EPSS
Exploits2References24
SUSE Linux
SUSE Linux
•added 2025/05/28 2:28 p.m.•3 views

Security update for gstreamer-plugins-bad

This update for gstreamer-plugins-bad fixes the following issues: CVE-2025-3887: Fixed possible RCE vulnerability via buffer overflow in H265 Codec Parsing bsc1242809. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...

8.8CVSS7.9AI score0.00708EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2025/05/27 9:28 a.m.•3 views

Security update for glibc

This update for glibc fixes the following issues: CVE-2025-4802: elf: Ignore LDLIBRARYPATH and debug env var for setuid for static bsc1243317 pthreads NPTL: lost wakeup fix 2 bsc1234128, BZ 25847 Mark functions in libcnonshared.a as hidden bsc1239883 Linux: Switch back to assembly syscall wrapper...

9.4CVSS7.3AI score0.0039EPSS
Exploits1References10
SUSE Linux
SUSE Linux
•added 2025/05/26 5:33 p.m.•3 views

Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 128.10.1 ESR. MFSA 2025-37 bsc1243303 CVE-2025-4918: Out-of-bounds access when resolving Promise objects CVE-2025-4919: Out-of-bounds access when optimizing linear sums Patch Instructions: To...

8.8CVSS7.2AI score0.08917EPSS
Exploits1References6
SUSE Linux
SUSE Linux
•added 2025/05/26 4:28 p.m.•3 views

Security update for python310-setuptools

This update for python310-setuptools fixes the following issues: CVE-2025-47273: path traversal in PackageIndex.download may lead to an arbitrary file write bsc1243313. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...

8.7CVSS7.6AI score0.01479EPSS
Exploits4References4
SUSE Linux
SUSE Linux
•added 2025/05/26 11:3 a.m.•3 views

Security update for python-setuptools

This update for python-setuptools fixes the following issues: CVE-2025-47273: path traversal in PackageIndex.download may lead to an arbitrary file write bsc1243313. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...

8.7CVSS7.6AI score0.01479EPSS
Exploits4References4
SUSE Linux
SUSE Linux
•added 2025/05/25 10:1 p.m.•3 views

Security update for python-Django

This update for python-Django fixes the following issues: CVE-2025-32873: Fixed denial-of-service possibility in striptags bsc1242210 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run t...

5.9CVSS7.3AI score0.13969EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2025/05/23 1:0 p.m.•3 views

Security update for augeas

This update for augeas fixes the following issues: CVE-2025-2588: Fixed check for NULL pointers when calling recaseexpand in function faexpandnocase bsc1239909 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

4.8CVSS7.3AI score0.00241EPSS
Exploits1References4
SUSE Linux
SUSE Linux
•added 2025/05/23 12:48 p.m.•3 views

Security update for python36-setuptools

This update for python36-setuptools fixes the following issues: CVE-2025-47273: path traversal in PackageIndex.download may lead to an arbitrary file write bsc1243313. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...

8.7CVSS7.4AI score0.01479EPSS
Exploits4References4
SUSE Linux
SUSE Linux
•added 2025/05/23 11:34 a.m.•3 views

Security update for the Linux Kernel (Live Patch 17 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005573 fixes several issues. The following security issues were fixed: CVE-2024-53156: wifi: ath9k: add range check for connrspepid in htcconnectservice bsc1234847. CVE-2024-43882: Fixed ToCToU between perm check and set-uid/gid usage bsc1229504...

8.5CVSS8AI score0.00243EPSS
Exploits1References12
SUSE Linux
SUSE Linux
•added 2025/05/21 3:38 p.m.•3 views

Security update for ca-certificates-mozilla

This update for ca-certificates-mozilla fixes the following issues: test for a concretely missing certificate rather than just the directory, as the latter is now also provided by openssl-3 Re-create java-cacerts with SOURCEDATEEPOCH set for reproducible builds bsc1229003 explicit remove distrust...

7.3AI score
Exploits0References14
SUSE Linux
SUSE Linux
•added 2025/05/21 11:52 a.m.•3 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-48933: netfilter: nftables: fix memory leak during stateful obj update bsc1229621. CVE-2022-49110: netfilter: conntrack: revisit gc autotuning bsc1237981...

8.5CVSS8.2AI score0.00266EPSS
Exploits0References174
SUSE Linux
SUSE Linux
•added 2025/05/21 10:3 a.m.•3 views

Security update for s390-tools

This update for s390-tools rebuilds the existing package with the new 4k RSA secure boot key. Security issues fixed: CVE-2025-3416: Fixed Use-After-Free in Md::fetch and Cipher::fetch in rust-openssl crate. bsc1242622 Other issues: Added the new IBM z17 9175 processor type Patch Instructions: To...

6.3CVSS4.5AI score0.00452EPSS
Exploits0References6
SUSE Linux
SUSE Linux
•added 2025/05/20 8:51 a.m.•3 views

Security update for python-httpcore, python-h11

This update for python-httpcore, python-h11 fixes the following issues: python-h11: - Update 0.16.0: CVE-2025-43859: Fixed accepting of malformed Chunked-Encoding bodies bsc1241872 - 0.15.0: Reject Content-Lengths = 1 zettabyte 1 billion terabytes early, without attempting to parse the integer...

9.3CVSS7.3AI score0.00522EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2025/05/19 4:49 a.m.•3 views

Security update for openssh

This update for openssh fixes the following issues: Security issues fixed: CVE-2025-32728: Fixed a logic error in DisableForwarding option bsc1241012 Other bugs fixed: Allow KEX hashes greater than 256 bits bsc1241045 Fixed hostname being left out of the audit output bsc1228634 Fixed failures wit...

5.1CVSS5.8AI score0.00149EPSS
Exploits0References10
SUSE Linux
SUSE Linux
•added 2025/05/16 2:7 p.m.•3 views

Security update for libraw

This update for libraw fixes the following issues: CVE-2025-43961: Fixed out-of-bounds read in the Fujifilm 0xf00c tag parser in metadata/tiff.cpp bsc1241643 CVE-2025-43962: Fixed out-of-bounds read when tag 0x412 processing in phaseonecorrect function bsc1241585 CVE-2025-43963: Fixed out-of-buff...

5.1CVSS4.2AI score0.00367EPSS
Exploits0References16
SUSE Linux
SUSE Linux
•added 2025/05/16 12:51 p.m.•3 views

Security update for sqlite3

This update for sqlite3 fixes the following issues: Update to release 3.49.1: Improve portability of makefiles and configure scripts. CVE-2025-29087, bsc1241020: Fix a bug in the concatws function, introduced in version 3.44.0, that could lead to a memory error if the separator string is very lar...

6.8CVSS7.8AI score0.00453EPSS
Exploits0References8
SUSE Linux
SUSE Linux
•added 2025/05/16 11:5 a.m.•3 views

Security update for open-vm-tools

This update for open-vm-tools fixes the following issues: Update to 12.5.2: Security fixes: CVE-2025-22247: Fixed Insecure file handling bsc1243106 Other fixes: Fixed GCC 15 compile time error bsc1241938 Fix building with containerd 1.7.25+ bsc1237147 Full changelog:...

6.9CVSS6.5AI score0.00249EPSS
Exploits0References8
SUSE Linux
SUSE Linux
•added 2025/05/14 5:5 p.m.•3 views

Security update for openssl-3

This update for openssl-3 fixes the following issues: Security: CVE-2025-27587: Timing side channel vulnerability in the P-384 implementation when used with ECDSA in the PPC architecture bsc1240366. Missing null pointer check before accessing handshakefunc in ssllib.c bsc1240607. FIPS: Disabling...

6CVSS6.7AI score0.00361EPSS
Exploits0References12
SUSE Linux
SUSE Linux
•added 2025/05/12 9:14 a.m.•3 views

Security update for ca-certificates-mozilla

This update for ca-certificates-mozilla fixes the following issues: Update to 2.74 state of Mozilla SSL root CAs: Removed: SwissSign Silver CA - G2 Added: D-TRUST BR Root CA 2 2023 D-TRUST EV Root CA 2 2023 Updated to 2.72 state of Mozilla SSL root CAs bsc1234798: Removed: SecureSign RootCA11...

7.3AI score
Exploits0References14
SUSE Linux
SUSE Linux
•added 2025/05/09 11:31 a.m.•3 views

Security update for java-1_8_0-openjdk

This update for java-180-openjdk fixes the following issues: Update to version jdk8u452 icedtea-3.35.0 Security issues fixed: CVE-2025-21587: unauthorized creation, deletion or modification of critical data through the JSSE component. bsc1241274 CVE-2025-30691: unauthorized update, insert or dele...

9.1CVSS6.2AI score0.00688EPSS
Exploits0References12
SUSE Linux
SUSE Linux
•added 2025/05/09 9:34 a.m.•3 views

Security update for wireshark

This update for wireshark fixes the following issues: CVE-2024-4853: Fixed denial of service in editcap caused by crafted capture file bsc1224259 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively y...

5.5CVSS7.3AI score0.00419EPSS
Exploits1References4
SUSE Linux
SUSE Linux
•added 2025/05/09 1:8 a.m.•3 views

Security update for govulncheck-vulndb

This update for govulncheck-vulndb fixes the following issues: Update to version 0.0.20250506T153719 2025-05-06T15:37:19Z jscPED-11136 GO-2025-3656 GO-2025-3661 GO-2025-3662 GO-2025-3663 GO-2025-3665 Update to version 0.0.20250505T161433 2025-05-05T16:14:33Z jscPED-11136 GO-2025-3645 GO-2025-3646...

7.4AI score
Exploits0References2
SUSE Linux
SUSE Linux
•added 2025/05/08 7:35 p.m.•3 views

Security update for apparmor

This update for apparmor fixes the following issues: Add dacreadsearch capability for unixchkpwd to allow it to read the shadow file even if it has 000 permissions. This is needed after the CVE-2024-10041 fix in PAM. bsc1241678 Patch Instructions: To install this SUSE update use the SUSE...

5.7CVSS7.2AI score0.00265EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2025/05/08 12:25 p.m.•3 views

Security update for util-linux

This update for util-linux fixes the following issues: Updated to version 2.40.4: agetty: Prevent cursor escape bsc1194818 chcpu8: Document CPU deconfiguring behavior fdisk: SGI fixes hardlink: fix memory corruption hardlink.1 directory|file is mandatory lib/env: fix envlistsetenv for strings...

8.4CVSS7.4AI score0.02242EPSS
Exploits3References22
SUSE Linux
SUSE Linux
•added 2025/05/08 12:24 p.m.•3 views

Security update for krb5

This update for krb5 fixes the following issues: CVE-2025-24528: Prevent overflow when calculating ulog block size. An authenticated attacker can cause kadmind to write beyond the end of the mapped region for the iprop log file, likely causing a process crash; bsc1236619. Patch Instructions: To...

6.5CVSS7.4AI score0.00606EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2025/05/07 9:42 a.m.•3 views

Security update for opensaml

This update for opensaml fixes the following issues: CVE-2025-31335: Fixed parameter manipulation allowing forging signed SAML messages bsc1239889 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively...

4CVSS7.3AI score0.00228EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2025/05/07 9:42 a.m.•3 views

Security update for opensaml

This update for opensaml fixes the following issues: CVE-2025-31335: Fixed a bug where parameter manipulation allows the forging of signed SAML messages. bsc1239889 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...

4CVSS4.6AI score0.00228EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2025/05/06 10:57 a.m.•3 views

Security update for ImageMagick

This update for ImageMagick fixes the following issues: CVE-2025-43965: mishandling of image depth after SetQuantumFormat is used in MIFF image processing. bsc1241659 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...

5.9CVSS7.3AI score0.00485EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2025/05/06 10:57 a.m.•3 views

Security update for ImageMagick

This update for ImageMagick fixes the following issues: CVE-2025-43965: mishandling of image depth after SetQuantumFormat is used in MIFF image processing. bsc1241659 CVE-2025-46393: mishandling of packetsize leads to rendering of channels in arbitrary order in multispectral MIFF image processing...

5.9CVSS4.2AI score0.00485EPSS
Exploits0References8
SUSE Linux
SUSE Linux
•added 2025/05/06 10:5 a.m.•3 views

Security update for java-11-openjdk

This update for java-11-openjdk fixes the following issues: Upgrade to upstream tag jdk-11.0.27+6 April 2025 CPU CVEs: CVE-2025-21587: Fixed JSSE unauthorized access, deletion or modification of critical data bsc1241274 CVE-2025-30691: Fixed Oracle Java SE Compiler Unauthorized Data Access...

9.1CVSS6.4AI score0.00688EPSS
Exploits0References12
SUSE Linux
SUSE Linux
•added 2025/05/05 10:56 a.m.•3 views

Security update for glib2

This update for glib2 fixes the following issues: CVE-2025-3360: Fixed integer overflow and buffer underread when parsing a very long and invalid ISO 8601 timestamp with gdatetimenewfromiso8601 bsc1240897 Patch Instructions: To install this SUSE update use the SUSE recommended installation method...

8.2CVSS7.8AI score0.00416EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2025/05/04 4:10 p.m.•3 views

Security update for the Linux Kernel (Live Patch 33 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024141 fixes several issues. The following security issues were fixed: CVE-2024-8805: Bluetooth: hcievent: Align BR/EDR JUSTWORKS paring with LE bsc1240840. CVE-2024-50205: ALSA: firewire-lib: Avoid division by zero in applyconstrainttosize bsc1233294...

8.8CVSS8AI score0.02033EPSS
Exploits0References12
SUSE Linux
SUSE Linux
•added 2025/05/02 10:37 a.m.•3 views

Security update for poppler

This update for poppler fixes the following issues: CVE-2025-43903: improper verification of adbe.pkcs7.sha1 signatures allows for signature forgeries. bsc1241620 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

4.3CVSS5AI score0.00092EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2025/05/02 8:11 a.m.•3 views

Security update for python-h11

This update for python-h11 fixes the following issues: CVE-2025-43859: leniency when parsing of line terminators in chunked-coding message bodies can lead to request smuggling. bsc1241872 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

9.3CVSS7.8AI score0.00522EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2025/04/30 12:55 p.m.•3 views

Security update for redis

This update for redis fixes the following issues: CVE-2025-21605: Fixed an output buffer denial of service. bsc1241708 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command list...

8.7CVSS8AI score0.00824EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2025/04/30 9:27 a.m.•3 views

Security update for containerd

This update for containerd fixes the following issues: Updated containerd to v1.7.27. CVE-2024-40635: Fixed integer overflow in User ID handling bsc1239749. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

4.6CVSS7.6AI score0.00275EPSS
Exploits1References4
SUSE Linux
SUSE Linux
•added 2025/04/30 6:59 a.m.•3 views

Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 128.10.0 ESR MFSA 2025-29 bsc1241621: CVE-2025-2817: Potential privilege escalation in Firefox Updater MFSA-RESERVE-2025-193709: WebGL shader attribute memory corruption in Firefox for macOS...

8.5CVSS8.8AI score0.00538EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2025/04/30 6:59 a.m.•3 views

Security update for augeas

This update for augeas fixes the following issues: CVE-2025-2588: Check for NULL pointers when calling recaseexpand in function faexpandnocase. bsc1239909 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

4.8CVSS4.3AI score0.00241EPSS
Exploits1References4
SUSE Linux
SUSE Linux
•added 2025/04/29 7:10 p.m.•3 views

Security update for the Linux Kernel (Live Patch 60 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122228 fixes several issues. The following security issues were fixed: CVE-2024-8805: Bluetooth: hcievent: Align BR/EDR JUSTWORKS paring with LE bsc1240840. CVE-2024-56650: netfilter: xtables: fix LED ID check in ledtgcheck bsc1235431. Patch Instructions: ...

8.8CVSS7.6AI score0.02033EPSS
Exploits0References8
SUSE Linux
SUSE Linux
•added 2025/04/29 11:10 a.m.•3 views

Security update for gpg2

This update for gpg2 fixes the following issues: CVE-2025-30258: Fixed DoS due to a malicious subkey in the keyring bsc1239119 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...

2.7CVSS7.2AI score0.00179EPSS
Exploits1References4
SUSE Linux
SUSE Linux
•added 2025/04/24 2:58 p.m.•3 views

Security update for docker

This update for docker fixes the following issues: Updated to docker-buildx v0.22.0. Updated to Docker 27.5.1-ce. CVE-2025-0495: buildx: Fixed credential leakage to telemetry endpoints bsc1239765 CVE-2025-22868: Fixed golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in...

8.7CVSS7.3AI score0.00868EPSS
Exploits0References26
SUSE Linux
SUSE Linux
•added 2025/04/22 2:29 p.m.•3 views

Security update for podman

This update for podman fixes the following issues: CVE-2025-22869: Fixed Denial of Service in the Key Exchange of golang.org/x/crypto/ssh bsc1239330. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternative...

8.7CVSS7.3AI score0.00868EPSS
Exploits0References8
SUSE Linux
SUSE Linux
•added 2025/04/22 2:8 p.m.•3 views

Security update for iperf

This update for iperf fixes the following issues: Update to 3.18 bsc1234705, CVE-2024-53580: SECURITY NOTE: Thanks to Leonid Krolle Bi.Zone for discovering a JSON type security vulnerability that caused a segmentation fault in the server. CVE-2024-53580 This has now been fixed. PR1810 UDP packets...

6.8CVSS7.3AI score0.00908EPSS
Exploits1References4
Total number of security vulnerabilities5000