Lucene search
K
SuseMost viewed

5412 matches found

SUSE Linux
SUSE Linux
•added 2025/04/02 9:47 a.m.•3 views

Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 128.9.0 ESR MFSA 2025-22 bsc1240083: CVE-2025-3028: Use-after-free triggered by XSLTProcessor CVE-2025-3029: URL Bar Spoofing via non-BMP Unicode characters CVE-2025-3030: Memory safety bugs fixed in Firef...

8.1CVSS7.9AI score0.00767EPSS
Exploits1References8
SUSE Linux
SUSE Linux
•added 2025/04/02 9:39 a.m.•3 views

Security update for docker, docker-stable

This update for docker, docker-stable fixes the following issues: CVE-2025-22868: Fixed unexpected memory consumption during token parsing in golang.org/x/oauth2 bsc1239185. CVE-2025-22869: Fixed Denial of Service in the Key Exchange of golang.org/x/crypto/ssh bsc1239322. CVE-2024-29018: Fixed...

9.9CVSS7.3AI score0.16496EPSS
Exploits1References24
SUSE Linux
SUSE Linux
•added 2025/04/02 9:38 a.m.•3 views

Security update for apparmor

This update for apparmor fixes the following issue: Allow dovecot-auth to execute unix check password from /sbin, not only from /usr/bin bsc1234452. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternativel...

7.7AI score
Exploits0References2
SUSE Linux
SUSE Linux
•added 2025/04/01 10:13 a.m.•3 views

Security update for libtasn1

This update for libtasn1 fixes the following issues: CVE-2024-12133: Fixed potential DoS in handling of numerous SEQUENCE OF or SET OF elements bsc1236878. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

8.2CVSS7.3AI score0.01025EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2025/03/31 2:21 p.m.•3 views

Security update for libarchive

This update for libarchive fixes the following issues: CVE-2025-1632: Fixed null pointer dereference in bsdunzip.c bsc1237606 CVE-2025-25724: Fixed Buffer Overflow vulnerability in libarchive bsc1238610 CVE-2024-48958: Fixed out-of-bounds access in executefilterdelta bsc1231624 CVE-2024-20697:...

7.8CVSS8.2AI score0.87784EPSS
Exploits4References26
SUSE Linux
SUSE Linux
•added 2025/03/31 1:3 p.m.•3 views

Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-150600105 fixes several issues. The following security issues were fixed: CVE-2024-57882: mptcp: fix TCP options overflow. bsc1235916. CVE-2024-41062: Sync sock recv cb and release bsc1228578. Patch Instructions: To install this SUSE update use the SUSE...

7.3CVSS7.7AI score0.00237EPSS
Exploits0References8
SUSE Linux
SUSE Linux
•added 2025/03/27 12:56 p.m.•3 views

Security update for the Linux Kernel

The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2023-52778: mptcp: deal with large GSO size bsc1224948. CVE-2023-52920: bpf: support non-r10 register spill/fill to/from stack in precision tracking...

8.7CVSS7.9AI score0.03301EPSS
Exploits8References2244
SUSE Linux
SUSE Linux
•added 2025/03/26 3:44 p.m.•3 views

Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues: CVE-2024-44192: Fixed unexpected process crash due to processing maliciously crafted web content bsc1239863 CVE-2024-54467: Fixed data exilfration cross-origin due to a cookie management issue via a malicious website bsc1239864 Other fixes: ...

7.1CVSS8.1AI score0.0424EPSS
Exploits4References12
SUSE Linux
SUSE Linux
•added 2025/03/26 11:30 a.m.•3 views

Security update for php7

This update for php7 fixes the following issues: CVE-2024-11235: Fixed reference counting in phprequestshutdown causing Use-After-Free bsc1239666 CVE-2025-1217: Fixed header parser of http stream wrapper not handling folded headers bsc1239664 CVE-2025-1219: Fixed libxml streams using wrong...

7.3CVSS7.3AI score0.01263EPSS
Exploits3References24
SUSE Linux
SUSE Linux
•added 2025/03/26 11:28 a.m.•3 views

Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues: CVE-2025-24201: Fixed out-of-bounds write vulnerability due to that WebGL context primitive restart can be toggled from WebContent process bsc1239547. Patch Instructions: To install this SUSE update use the SUSE recommended installation...

7.1CVSS7.4AI score0.0424EPSS
Exploits4References4
SUSE Linux
SUSE Linux
•added 2025/03/25 12:47 p.m.•3 views

Security update for php8

This update for php8 fixes the following issues: CVE-2025-1217: Fixed header parser of http stream wrapper not handling folded headers bsc1239664 CVE-2024-11235: Fixed reference counting in phprequestshutdown causing Use-After-Free bsc1239666 CVE-2025-1219: Fixed libxml streams using wrong...

7.3CVSS5.9AI score0.01263EPSS
Exploits3References24
SUSE Linux
SUSE Linux
•added 2025/03/25 11:9 a.m.•3 views

Security update for python-gunicorn

This update for python-gunicorn fixes the following issues: CVE-2024-6827: Fixed improper validation of the 'Transfer-Encoding' header value can allow for HTTP request smuggling attacks bsc1239830 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like...

8.7CVSS7.8AI score0.00738EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2025/03/25 9:2 a.m.•3 views

Security update for openssh

This update for openssh fixes the following issues: CVE-2025-26465: Fixed MitM attack against OpenSSH's VerifyHostKeyDNS-enabled client bsc1237040. CVE-2025-26466: Fixed DoS attack against OpenSSH's client and server bsc1237041. Other bugfixes: Fix ssh client segfault with GSSAPIKeyExchange=yes i...

8.2CVSS7.7AI score0.38474EPSS
Exploits5References32
SUSE Linux
SUSE Linux
•added 2025/03/24 3:11 p.m.•3 views

Security update for php8

This update for php8 fixes the following issues: CVE-2024-11235: Fixed reference counting in phprequestshutdown causing Use-After-Free bsc1239666 CVE-2025-1217: Fixed header parser of http stream wrapper not handling folded headers bsc1239664 CVE-2025-1219: Fixed libxml streams using wrong...

7.3CVSS5.7AI score0.01263EPSS
Exploits3References24
SUSE Linux
SUSE Linux
•added 2025/03/24 2:33 p.m.•3 views

Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues: CVE-2025-24201: Fixed out-of-bounds write vulnerability bsc1239547. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command...

7.1CVSS7.4AI score0.0424EPSS
Exploits4References4
SUSE Linux
SUSE Linux
•added 2025/03/21 2:15 p.m.•3 views

Security update for apptainer

This update for apptainer fixes the following issues: CVE-2025-27144: Fixed Denial of Service in Go JOSE's Parsing bsc1237679. CVE-2024-45338: Fixed denial of service due to non-linear parsing of case-insensitive content bsc1234794. CVE-2024-45337: Fixed Misuse of ServerConfig.PublicKeyCallback m...

9.9CVSS7.1AI score0.16496EPSS
Exploits4References24
SUSE Linux
SUSE Linux
•added 2025/03/20 10:44 a.m.•3 views

Security update for protobuf

This update for protobuf fixes the following issues: CVE-2024-2410: Fixed use after free when parsing JSON from a stream bsc1223947. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run th...

7.6CVSS7.4AI score0.00332EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2025/03/19 1:34 p.m.•3 views

Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-15060021 fixes several issues. The following security issues were fixed: CVE-2024-46818: drm/amd/display: Check gpioid before used as array index bsc1231204. CVE-2024-46815: drm/amd/display: Check numvalidsets before accessing readerwmsets bsc1231196...

8.6CVSS8.4AI score0.00809EPSS
Exploits0References20
SUSE Linux
SUSE Linux
•added 2025/03/19 10:50 a.m.•3 views

Security update for krb5

This update for krb5 fixes the following issues: CVE-2025-24528: Prevent overflow when calculating ulog block size. An authenticated attacker can cause kadmind to write beyond the end of the mapped region for the iprop log file, likely causing a process crash bsc1236619. Patch Instructions: To...

6.5CVSS7.4AI score0.00606EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2025/03/18 9:58 p.m.•3 views

Security update for the Linux Kernel (Live Patch 35 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024147 fixes one issue. The following security issue was fixed: CVE-2024-56648: net: hsr: avoid potential out-of-bound access in fillframeinfo bsc1235452. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods li...

8.6CVSS7.7AI score0.00244EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2025/03/18 10:58 a.m.•3 views

Security update for tpm2.0-tools, tpm2-0-tss

This update for tpm2.0-tools, tpm2-0-tss fixes the following issues: tpm2-0-tss: Update to version 4.1: + Security - CVE-2024-29040: arbitrary quote data may go undetected by FapiVerifyQuote bsc1223690 Fixed fapi: Fix length check on FAPI auth callbacks mu: Correct error message for errors...

5.5CVSS7.5AI score0.00984EPSS
Exploits2References12
SUSE Linux
SUSE Linux
•added 2025/03/17 4:33 p.m.•3 views

Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-150600105 fixes several issues. The following security issues were fixed: CVE-2024-46818: drm/amd/display: Check gpioid before used as array index bsc1231204. CVE-2024-46815: drm/amd/display: Check numvalidsets before accessing readerwmsets bsc1231196...

8.6CVSS7.8AI score0.00809EPSS
Exploits0References20
SUSE Linux
SUSE Linux
•added 2025/03/14 2:47 p.m.•3 views

Security update for rubygem-rack

This update for rubygem-rack fixes the following issues: CVE-2025-25184: Fixed escape sequence injection vulnerability in rack leading to possible log injection bsc1237141 CVE-2025-27111: Fixed escape sequence injection vulnerability in rack leading to possible log injection bsc1238607...

8.7CVSS6.8AI score0.01095EPSS
Exploits1References12
SUSE Linux
SUSE Linux
•added 2025/03/14 9:32 a.m.•3 views

Security update for amazon-ssm-agent

This update for amazon-ssm-agent fixes the following issues: CVE-2025-22870: golang.org/x/net/proxy: Fixed proxy bypass using IPv6 zone IDs bsc1238702 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

4.8CVSS7.4AI score0.00384EPSS
Exploits2References4
SUSE Linux
SUSE Linux
•added 2025/03/14 8:45 a.m.•3 views

Security update for python

This update for python fixes the following issues: CVE-2024-11168: Fixed improper validation of IPv6 and IPvFuture addresses bsc1233307. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can ru...

6.3CVSS6.6AI score0.0067EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2025/03/13 10:40 a.m.•3 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-49080: mm/mempolicy: fix mpolnew leak in sharedpolicyreplace bsc1238033. CVE-2024-53135: KVM: VMX: Bury Intel PT virtualization guest/host mode behind...

8.6CVSS7.9AI score0.01094EPSS
Exploits1References98
SUSE Linux
SUSE Linux
•added 2025/03/13 10:37 a.m.•3 views

Security update for curl

This update for curl fixes the following issues: Update to 8.12.1: Bugfixes: asyn-thread: fix build with 'CURLDISABLESOCKETPAIR' asyn-thread: fix HTTPS RR crash asyn-thread: fix the returned bitmask from Curlresolvergetsock asyn-thread: survive a c-ares channel set to NULL cmake: always reference...

6.9CVSS7.8AI score0.0197EPSS
Exploits4References16
SUSE Linux
SUSE Linux
•added 2025/03/12 10:46 a.m.•3 views

Security update for curl

This update for curl fixes the following issues: Security issues fixed: CVE-2025-0725: Fixed gzip integer overflow bsc1236590 CVE-2025-0167: Fixed netrc and default credential leak bsc1236588 Other issues fixed: Make sure the TLS handshake after a successful STARTTLS command is fully done before...

5.9CVSS7.6AI score0.01168EPSS
Exploits2References10
SUSE Linux
SUSE Linux
•added 2025/03/11 10:55 a.m.•3 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2021-22543: Fixed improper handling of VMIO|VMPFNMAP vmas in KVM bsc1186482. CVE-2021-47634: ubi: Fix race condition between ctrlcdevioctl and ubicdevioctl...

8.6CVSS7.8AI score0.01016EPSS
Exploits3References350
SUSE Linux
SUSE Linux
•added 2025/03/10 8:35 a.m.•3 views

Security update for buildah

This update for buildah fixes the following issues: CVE-2023-45288: possible excessive CPU consumption due to no limit being set on the number of CONTINUATION frames read for an HTTP/2 request in golang.org/x/net/http2. bsc1236531 CVE-2025-27144: Fixed denial of service in parsing function of...

8.7CVSS7AI score0.91969EPSS
Exploits1References8
SUSE Linux
SUSE Linux
•added 2025/03/10 8:34 a.m.•3 views

Security update for buildah

This update for buildah fixes the following issues: CVE-2025-27144: Fixed denial of service in parsing function of embedded library Go JOSE bsc1237681 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

8.7CVSS6.3AI score0.00369EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2025/03/07 3:31 p.m.•3 views

Security update for pcr-oracle, shim

This update for pcr-oracle, shim fixes the following issues: pcr-oracle: predict SbatLevelRT for the next boot bsc1230316 shim was updated to version 15.8: Update shim-install to use the 'removable' way for encrypted SL-Micro images bsc1230316 Always use the removable way for SL-Micro Limit the...

7.1CVSS7.5AI score0.04852EPSS
Exploits0References26
SUSE Linux
SUSE Linux
•added 2025/03/06 2:5 p.m.•3 views

Security update for go1.23

This update for go1.23 fixes the following issues: CVE-2025-22870: golang.org/x/net/proxy, golang.org/x/net/http/httpproxy: Fixed proxy bypass using IPv6 zone IDs bsc1238572 Other fixes: Updated go version to go1.23.7 bsc1229122: go71985 go71984 bsc1238572 security: fix CVE-2025-22870 net/http,...

4.8CVSS6.7AI score0.00384EPSS
Exploits2References6
SUSE Linux
SUSE Linux
•added 2025/03/05 3:1 p.m.•3 views

Security update for glib2

This update for glib2 fixes the following issues: CVE-2024-52533: Fixed a single byte buffer overflow in setconnectmsg bsc1233282 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...

7.1CVSS7.8AI score0.01263EPSS
Exploits1References4
SUSE Linux
SUSE Linux
•added 2025/03/04 12:51 p.m.•3 views

Security update for podman

This update for podman fixes the following issues: CVE-2025-27144: Fixed denial of service in parsing function of embedded library Go JOSE bsc1237641 CVE-2024-9676: github.com/containers/storage: Fixed symlink traversal vulnerability in the containers/storage library can cause Denial of Service D...

8.7CVSS7.1AI score0.91969EPSS
Exploits1References44
SUSE Linux
SUSE Linux
•added 2025/03/04 8:28 a.m.•3 views

Security update for pam_u2f

This update for pamu2f fixes the following issues: update to 1.3.2: Relax authfile permission check to a warning instead of an error to prevent a breaking change locking existing users out of their systems. update to 1.3.1: CVE-2025-23013: Fixed problematic PAMIGNORE return values in...

7.8CVSS7.2AI score0.00397EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2025/03/03 2:29 p.m.•3 views

Security update for skopeo

This update for skopeo fixes the following issues: CVE-2025-27144: excessive memory consumption by Go JOSE when parsing compact JWS or JWE input containing a large number of '.' characters bsc1237613. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods li...

8.7CVSS6.1AI score0.00369EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2025/03/03 8:44 a.m.•3 views

Security update for gnutls

This update for gnutls fixes the following issues: CVE-2024-12243: quadratic complexity of DER input decoding in libtasn1 can lead to a DoS bsc1236974. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

5.3CVSS7.2AI score0.01193EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2025/03/03 8:43 a.m.•3 views

Security update for gnutls

This update for gnutls fixes the following issues: CVE-2024-12243: quadratic complexity of DER input decoding in libtasn1 can lead to a DoS bsc1236974. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

5.3CVSS6.7AI score0.01193EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2025/02/28 4:26 p.m.•3 views

Security update for azure-cli

This update for azure-cli fixes the following issues: CVE-2024-43591: improper neutralization of special elements could allow users to run Azure CLI commands that result in certain service management operations being performed with System level permissions in Azure Defender for Cloud bsc1231971...

8.7CVSS9.5AI score0.01609EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2025/02/28 4:25 p.m.•3 views

Security update for python-azure-identity

This update for python-azure-identity fixes the following issues: CVE-2024-35255: race condition leading to privilege escalation and unauthorized access to sensitive information in Azure Identity libraries bsc1230100. Patch Instructions: To install this SUSE update use the SUSE recommended...

6.8CVSS8AI score0.00788EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2025/02/28 2:39 p.m.•3 views

Security update for openssh8.4

This update for openssh8.4 fixes the following issues: CVE-2025-26465: Fixed a MitM attack against OpenSSH's VerifyHostKeyDNS-enabled client bsc1237040. Other bugfixes: Fix usage of local accelerator cards via openssl-ibmca bsc1216474, bsc1218871. Add patches from upstream to change the default...

6.8CVSS7.1AI score0.06997EPSS
Exploits4References20
SUSE Linux
SUSE Linux
•added 2025/02/28 9:56 a.m.•3 views

Security update for postgresql13

This update for postgresql13 fixes the following issues: Upgrade to 13.20: CVE-2025-1094: Harden PQescapeString and allied functions against invalidly-encoded input strings bsc1237093. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

8.8CVSS8.2AI score0.89472EPSS
Exploits10References4
SUSE Linux
SUSE Linux
•added 2025/02/26 6:35 p.m.•3 views

Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues: Update to version 2.46.6 bsc1236946, bsc1234851: CVE-2025-24143: A maliciously crafted webpage may be able to fingerprint the user. CVE-2025-24150: Copying a URL from Web Inspector may lead to command injection. CVE-2025-24158: Processing we...

8.8CVSS7.7AI score0.14492EPSS
Exploits1References28
SUSE Linux
SUSE Linux
•added 2025/02/26 2:32 p.m.•3 views

Security update for xorg-x11-server

This update for xorg-x11-server fixes the following issues: CVE-2025-26594: Use-after-free of the root cursor bsc1237427. CVE-2025-26595: Buffer overflow in XkbVModMaskText bsc1237429. CVE-2025-26596: Heap overflow in XkbWriteKeySyms bsc1237430. CVE-2025-26597: Buffer overflow in...

7.8CVSS7.8AI score0.00474EPSS
Exploits0References32
SUSE Linux
SUSE Linux
•added 2025/02/26 1:37 p.m.•3 views

Security update for socat

This update for socat fixes the following issues: CVE-2015-1379: lack of async-signal-safe signal handlers can lead to crashes or freezing of socat processes bsc922903. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...

4CVSS7.3AI score0.0393EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2025/02/26 7:26 a.m.•3 views

Recommended update for Maven

This update for Maven fixes the following issues: maven-dependency-analyzer was updated from version 1.13.2 to 1.15.1: Key changes across versions: Bug fixes and improved support of dynamic types Dependency upgrades ASM, Maven core, and notably the removal of commons-io Improved error handling by...

8.8CVSS8.4AI score0.22709EPSS
Exploits0References2
SUSE Linux
SUSE Linux
•added 2025/02/25 1:11 p.m.•3 views

Security update for vim

This update for vim fixes the following issues: vim was updated to 9.1.1101: CVE-2024-43374: Fixed use-after-free in alistadd bsc1229238 CVE-2024-43790: Fixed Out of bounds read when performing a search command bsc1229685 CVE-2024-43802: Fixed heap-buffer-overflow in instypebuf bsc1229822...

4.6CVSS7.6AI score0.00492EPSS
Exploits1References34
SUSE Linux
SUSE Linux
•added 2025/02/24 10:45 a.m.•3 views

Security update for java-1_8_0-ibm

This update for java-180-ibm fixes the following issues: Update to Java 8.0 Service Refresh 8 Fix Pack 40 bsc1236470: CVE-2025-21502: unauthenticated attacker can obtain unauthorized read and write access to data through the Hotspot component API bsc1236278. Patch Instructions: To install this SU...

6.3CVSS6.8AI score0.00971EPSS
Exploits0References10
SUSE Linux
SUSE Linux
•added 2025/02/20 2:43 p.m.•3 views

Security update for openssh

This update for openssh fixes the following issues: CVE-2025-26465: Fixed MitM attack against OpenSSH's VerifyHostKeyDNS-enabled client bsc1237040. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively...

6.8CVSS7.2AI score0.06997EPSS
Exploits4References4
Total number of security vulnerabilities5000