Lucene search
+L

5671 matches found

SUSE Linux
SUSE Linux
•added 2026/06/10 2:54 p.m.•6 views

Security update for wicked

This update for wicked fixes the following issues: CVE-2026-44932: Fixed indirect remote shell command injection via unsanitized DHCP options bsc1265221. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

8.8CVSS5.5AI score0.00297EPSS
Exploits0References6
SUSE Linux
SUSE Linux
•added 2026/06/10 2:53 p.m.•10 views

Security update for wicked

This update for wicked fixes the following issue CVE-2026-44932: indirect remote shell command injection via unsanitized DHCP options bsc1265221. Changes for wicked: Update to version 0.6.79 Fix to escape single-quotes in leaseinfo dump output used by the wicked test dhcp4 and wicked test dhcp6 a...

8.8CVSS5.5AI score0.00297EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/06/10 1:22 p.m.•8 views

Security update for google-cloud-sap-agent

This update for google-cloud-sap-agent fixes the following issue CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1265764. Changes for google-cloud-sap-agent: Update to version 3.14 bsc1265991 Patch Instructions: To install this SUSE...

7.5CVSS5.4AI score0.00781EPSS
Exploits0References6
SUSE Linux
SUSE Linux
•added 2026/06/10 1:22 p.m.•14 views

Security update for google-osconfig-agent

This update for google-osconfig-agent fixes the following issue CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of the HTTP/2: path pseudo- header bsc1260264. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like...

8.6CVSS6.4AI score0.01557EPSS
Exploits1References4
SUSE Linux
SUSE Linux
•added 2026/06/10 1:16 p.m.•7 views

Security update for kubernetes1.25

This update for kubernetes1.25 fixes the following issues: Security fixes: CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1265740. CVE-2026-35469: github.com/moby/spdystream: memory amplification in SPDY frame parsing leads to deni...

7.5CVSS5.4AI score0.00781EPSS
Exploits0References10
SUSE Linux
SUSE Linux
•added 2026/06/10 1:16 p.m.•8 views

Security update for kubernetes1.28

This update for kubernetes1.28 fixes the following issues: Security fixes: CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1265740. CVE-2026-35469: github.com/moby/spdystream: memory amplification in SPDY frame parsing leads to deni...

7.5CVSS5.4AI score0.00781EPSS
Exploits0References10
SUSE Linux
SUSE Linux
•added 2026/06/10 1:15 p.m.•6 views

Security update for kubernetes1.24

This update for kubernetes1.24 fixes the following issues CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1265740. CVE-2026-35469: github.com/moby/spdystream: memory amplification in SPDY frame parsing leads to denial of service...

7.5CVSS5.4AI score0.00781EPSS
Exploits0References10
SUSE Linux
SUSE Linux
•added 2026/06/10 1:15 p.m.•8 views

Security update for kubernetes

This update for kubernetes fixes the following issues CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1265748. CVE-2026-35469: github.com/moby/spdystream: memory amplification in SPDY frame parsing leads to denial of service...

7.5CVSS5.4AI score0.00781EPSS
Exploits0References8
SUSE Linux
SUSE Linux
•added 2026/06/10 1:14 p.m.•8 views

Security update for kubernetes1.23

This update for kubernetes1.23 fixes the following issues CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1265740. CVE-2026-35469: github.com/moby/spdystream: memory amplification in SPDY frame parsing leads to denial of service...

7.5CVSS5.4AI score0.00781EPSS
Exploits0References10
SUSE Linux
SUSE Linux
•added 2026/06/10 1:14 p.m.•7 views

Security update for kubernetes1.27

This update for kubernetes1.27 fixes the following issues CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1265740. CVE-2026-35469: github.com/moby/spdystream: memory amplification in SPDY frame parsing leads to denial of service...

7.5CVSS5.4AI score0.00781EPSS
Exploits0References10
SUSE Linux
SUSE Linux
•added 2026/06/10 8:43 a.m.•7 views

Security update for libyang

This update for libyang fixes the following issues CVE-2026-41401: use-after-free in lydparsersetdataflags when processing crafted YANG XML documents with specific metadata attributes bsc1266316. CVE-2026-44673: integer overflow in lybreadstring of src/parserlyb.c leads to heap buffer overflow wh...

9.2CVSS5.7AI score0.00519EPSS
Exploits0References8
SUSE Linux
SUSE Linux
•added 2026/06/10 8:43 a.m.•8 views

Security update for libyang

This update for libyang fixes the following issues CVE-2026-41401: use-after-free in lydparsersetdataflags when processing crafted YANG XML documents with specific metadata attributes bsc1266316. CVE-2026-44673: integer overflow in lybreadstring of src/parserlyb.c leads to heap buffer overflow wh...

9.2CVSS5.7AI score0.00519EPSS
Exploits0References8
SUSE Linux
SUSE Linux
•added 2026/06/10 8:42 a.m.•12 views

Security update for libyang

This update for libyang fixes the following issues CVE-2026-41401: use-after-free in lydparsersetdataflags when processing crafted YANG XML documents with specific metadata attributes bsc1266316. CVE-2026-44673: integer overflow in lybreadstring of src/parserlyb.c leads to heap buffer overflow wh...

9.2CVSS5.7AI score0.00519EPSS
Exploits0References8
SUSE Linux
SUSE Linux
•added 2026/06/10 8:42 a.m.•8 views

Security update for glibc

This update for glibc fixes the following issues CVE-2026-4046: assertion failure when converting inputs may be used to remotely crash an application bsc1261206. CVE-2026-5450: stdio-common: scanf %mc pattern will cause heap overflow when width 1024 bsc1262465. CVE-2026-5928: libio: ungetwc could...

8.7CVSS5.5AI score0.00502EPSS
Exploits3References12
SUSE Linux
SUSE Linux
•added 2026/06/10 8:41 a.m.•12 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues The following security issues were fixed: CVE-2026-31629: nfc: llcp: add missing return after LLCPCLOSED checks bsc1263790. CVE-2026-43037: ip6tunnel: clear skb2-cb in ip4ip6err bsc1263995. CVE-2026-43206:...

8.8CVSS5.6AI score0.00563EPSS
Exploits32References32
SUSE Linux
SUSE Linux
•added 2026/06/10 8:40 a.m.•8 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 RT kernel was updated to fix various security issues The following security issues were fixed: CVE-2026-31405: media: dvb-net: fix OOB access in ULE extension header tables bsc1261700. CVE-2026-31629: nfc: llcp: add missing return after LLCPCLOSED checks bsc126379...

9.3CVSS5.6AI score0.00563EPSS
Exploits32References52
SUSE Linux
SUSE Linux
•added 2026/06/10 7:39 a.m.•8 views

Security update for mariadb

This update for mariadb fixes the following issues: CVE-2026-3494: audit plugin comment handling bypass bsc1259176. CVE-2026-34303: mysql: optimizer unspecified vulnerability bsc1266435. CVE-2026-35549: SHA2 auth plugin crash on large packets bsc1261413. CVE-2026-44168: wsrep SST unsafe parameter...

9.4CVSS7.1AI score0.00998EPSS
Exploits1References48
SUSE Linux
SUSE Linux
•added 2026/06/10 7:39 a.m.•10 views

Security update for xen

This update for xen fixes the following issues: CVE-2026-42487: x86 HVM I/O port list traversal bsc1266952. CVE-2026-42488: x86: mismatched mapcache metadata bsc1266955. CVE-2026-42489,CVE-2026-42490: domctl lock open to abuse bsc1266953. Special Instructions and Notes: Please reboot the system...

8.8CVSS5.4AI score0.00353EPSS
Exploits0References14
SUSE Linux
SUSE Linux
•added 2026/06/10 7:39 a.m.•8 views

Security update for xen

This update for xen fixes the following issues: CVE-2026-42487: x86 HVM I/O port list traversal bsc1266952. CVE-2026-42488: x86: mismatched mapcache metadata bsc1266955. CVE-2026-42489,CVE-2026-42490: domctl lock open to abuse bsc1266953. Special Instructions and Notes: Please reboot the system...

8.8CVSS5.4AI score0.00353EPSS
Exploits0References14
SUSE Linux
SUSE Linux
•added 2026/06/09 7:6 p.m.•9 views

Security update for go1.26

This update for go1.26 fixes the following issues Update to go1.26.4 bsc1255111: CVE-2026-27145: crypto/x509: split candidate hostname only once bsc1267450. CVE-2026-42504: mime: quadratic complexity in WordDecoder.DecodeHeader bsc1267442. CVE-2026-42507: net/textproto: arbitrary input are includ...

6.9CVSS5.7AI score0.00939EPSS
Exploits0References14
SUSE Linux
SUSE Linux
•added 2026/06/09 7:5 p.m.•8 views

Security update for go1.25

This update for go1.25 fixes the following issues Update to go1.25.11 bsc1244485: CVE-2026-27145: crypto/x509: split candidate hostname only once bsc1267450. CVE-2026-42504: mime: quadratic complexity in WordDecoder.DecodeHeader bsc1267442. CVE-2026-42507: net/textproto: arbitrary input are...

6.9CVSS5.7AI score0.00939EPSS
Exploits0References14
SUSE Linux
SUSE Linux
•added 2026/06/09 2:34 p.m.•12 views

Security update for kubernetes1.26

This update for kubernetes1.26 fixes the following issues CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1265740. CVE-2026-35469: github.com/moby/spdystream: memory amplification in SPDY frame parsing leads to denial of service...

7.5CVSS5.4AI score0.00781EPSS
Exploits0References10
SUSE Linux
SUSE Linux
•added 2026/06/09 2:33 p.m.•9 views

Security update for perl-XML-LibXML

This update for perl-XML-LibXML fixes the following issue CVE-2026-8177: read out-of-bounds heap memory when parsing XML node names containing truncated UTF-8 byte sequences bsc1264715. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

8.2CVSS5.4AI score0.00629EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/06/09 2:32 p.m.•9 views

Security update for kubernetes1.24

This update for kubernetes1.24 fixes the following issues CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1265740. CVE-2026-35469: github.com/moby/spdystream: memory amplification in SPDY frame parsing leads to denial of service...

7.5CVSS5.4AI score0.00781EPSS
Exploits0References10
SUSE Linux
SUSE Linux
•added 2026/06/09 1:22 p.m.•8 views

Security update for python-Django

This update for python-Django fixes the following issues CVE-2026-6873: signed cookie salt namespace collision in django.http.HttpRequest.getsignedcookie bsc1267578. CVE-2026-7666: potential unencrypted email transmission via STARTTLS in the SMTP backend bsc1267579. CVE-2026-8404: potential...

9.1CVSS5.4AI score0.00359EPSS
Exploits0References20
SUSE Linux
SUSE Linux
•added 2026/06/09 1:20 p.m.•15 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 11 SP4 kernel was updated to fix various security issues The following security issues were fixed: CVE-2026-23271: perf: Fix perfeventoverflow vs perfremovefromcontext race bsc1260018. CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache bsc1261638...

8.8CVSS5.6AI score0.00563EPSS
Exploits32References38
SUSE Linux
SUSE Linux
•added 2026/06/09 12:52 p.m.•9 views

Security update for 389-ds

This update for 389-ds fixes the following issue CVE-2026-9064: unbounded LDAP controls count in getldapmessagecontrolsext can lead to amplified CPU time and heap allocation and a denial of service bsc1265898. Changes for 389-ds: Update to version 2.0.20git90.9f70d434e. Patch Instructions: To...

8.7CVSS5.4AI score0.00815EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/06/09 12:51 p.m.•7 views

Security update for kubernetes1.23

This update for kubernetes1.23 fixes the following issues CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1265740. CVE-2026-35469: github.com/moby/spdystream: memory amplification in SPDY frame parsing leads to denial of service...

7.5CVSS5.4AI score0.00781EPSS
Exploits0References10
SUSE Linux
SUSE Linux
•added 2026/06/09 12:51 p.m.•8 views

Security update for libsoup

This update for libsoup fixes the following issues CVE-2026-1801: HTTP Request Smuggling in soupfilterinputstreamreadline bsc1257649. CVE-2026-4271: use-after-free in the HTTP/2 server when user signal handlers disconnect connections during callback execution bsc1259767. Patch Instructions: To...

8.8CVSS5.7AI score0.00829EPSS
Exploits1References8
SUSE Linux
SUSE Linux
•added 2026/06/09 12:51 p.m.•9 views

Security update for vim

This update for vim fixes the following issues CVE-2026-39881: command injection in NetBeans interface can lead to arbitrary file reads and writes bsc1261833. CVE-2026-42307: Prior to version 9.2.0383, an OS command injection vulnerability exists in the netrw standard plugin bundled with Vim...

8.5CVSS7.8AI score0.00917EPSS
Exploits1References26
SUSE Linux
SUSE Linux
•added 2026/06/09 12:49 p.m.•7 views

Security update for strongswan

This update for strongswan fixes the following issue CVE-2026-47895: double-free when destroying certain cloned identities bsc1266360. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run...

7.7CVSS5.4AI score
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/06/09 11:5 a.m.•51 views

Security update for avahi

This update for avahi fixes the following issue: CVE-2026-24401: uncontrolled recursion in lookuphandlecname can crash the avahi-daemon bsc1257235. CVE-2026-34933: reachable assertion in transportflagsfromdomain can crash the avahi-daemon bsc1261546. Patch Instructions: To install this SUSE updat...

6.5CVSS5.4AI score0.00252EPSS
Exploits1References8
SUSE Linux
SUSE Linux
•added 2026/06/09 8:18 a.m.•16 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 kernel was updated to fix various security issues The following security issues were fixed: CVE-2026-31405: media: dvb-net: fix OOB access in ULE extension header tables bsc1261700. CVE-2026-31473: media: mc, v4l2: serialize REINIT and REQBUFS with reqqueuemutex...

9.3CVSS6AI score0.00563EPSS
Exploits39References98
SUSE Linux
SUSE Linux
•added 2026/06/09 8:17 a.m.•7 views

Security update for podofo

This update for podofo fixes the following issue: CVE-2026-44348: double-free in computehashtosign in src/podofo/private/OpenSSLInternalRipped.cpp bsc1265320. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

2.5CVSS5.4AI score0.00096EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/06/09 8:14 a.m.•12 views

Security update for netty, netty-tcnative

This update for netty, netty-tcnative fixes the following issues CVE-2026-41417: missing validations leads to HTTP request smuggling and RTSP request injection via start-line injection in DefaultHttpRequest.setUri bsc1264350. CVE-2026-42578: HTTP Header Injection via HttpProxyHandler Disabled...

8.8CVSS6.7AI score0.00969EPSS
Exploits11References48
SUSE Linux
SUSE Linux
•added 2026/06/09 8:12 a.m.•7 views

Security update for nginx

This update for nginx fixes the following issue CVE-2026-9256: heap buffer overflow in the ngxhttprewritemodule when using a configuration with overlapping captures bsc1266215. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...

9.2CVSS5.7AI score0.04261EPSS
Exploits3References4
SUSE Linux
SUSE Linux
•added 2026/06/09 7:58 a.m.•9 views

Security update for perl-Protocol-HTTP2

This update for perl-Protocol-HTTP2 fixes the following issue CVE-2026-10725: denial of service due to absence of inbound HPACK header-list size limit HTTP/2 Bomb attack bsc1267857. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdat...

7.5CVSS5.4AI score0.00414EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/06/08 3:27 p.m.•9 views

Security update for postgresql17

This update for postgresql17 fixes the following issues Update to version 17.10. Security issues: CVE-2026-6472: ensure the user has CREATE privilege on the schema specified bsc1265172. CVE-2026-6473: integer overflows in memory-allocation calculations bsc1265173. CVE-2026-6474: Guard against...

8.8CVSS5.9AI score0.00668EPSS
Exploits0References46
SUSE Linux
SUSE Linux
•added 2026/06/08 3:27 p.m.•8 views

Security update for firewalld

This update for firewalld fixes the following issue: CVE-2026-4948: local unprivileged users can modify the runtime firewall state without proper authentication due to D-Bus setter mis-authorizations bsc1260903. Patch Instructions: To install this SUSE update use the SUSE recommended installation...

6.8CVSS5.4AI score0.00118EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/06/08 1:55 p.m.•11 views

Security update for mutt

This update for mutt fixes the following issues CVE-2026-43859: strfcpy used instead of memcpy for the IMAP authcram MD5 digest bsc1263897. CVE-2026-43860: truncation of hashpasswd by one byte for IMAP authcram MD5 digest bsc1263896. CVE-2026-43861: missing check for \0 in urlpctdecode bsc1263895...

6.9CVSS5.4AI score0.00201EPSS
Exploits0References26
SUSE Linux
SUSE Linux
•added 2026/06/08 1:54 p.m.•9 views

Security update for mutt

This update for mutt fixes the following issues CVE-2026-43859: strfcpy used instead of memcpy for the IMAP authcram MD5 digest bsc1263897. CVE-2026-43860: truncation of hashpasswd by one byte for IMAP authcram MD5 digest bsc1263896. CVE-2026-43861: missing check for \0 in urlpctdecode bsc1263895...

6.9CVSS5.4AI score0.00201EPSS
Exploits0References26
SUSE Linux
SUSE Linux
•added 2026/06/08 10:55 a.m.•10 views

Security update for tomcat

This update for tomcat fixes the following issues Update to Tomcat 9.0.118: CVE-2026-41284: Unbounded read in WebDAV LOCK and PROPFIND handling bsc1265162. CVE-2026-41293: HTTP/2 request headers not validated bsc1265163. CVE-2026-42498: WebSocket authentication header exposure bsc1265165...

8.7CVSS5.7AI score0.01339EPSS
Exploits2References28
SUSE Linux
SUSE Linux
•added 2026/06/08 10:17 a.m.•11 views

Security update for python311

This update for python311 fixes the following issues: CVE-2026-3446: Base64 decoding stops at first padded quad by default bsc1261970. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run...

6CVSS5.4AI score0.00188EPSS
Exploits0References6
SUSE Linux
SUSE Linux
•added 2026/06/08 10:17 a.m.•8 views

Security update for avahi

This update for avahi fixes the following issue: CVE-2026-34933: Prior to version 0.9-rc4, any unprivileged local user can crash avahi-daemon by sending a single D-Bus method call with conflicting publish flags bsc1261546. Patch Instructions: To install this SUSE update use the SUSE recommended...

5.5CVSS5.4AI score0.00203EPSS
Exploits1References4
SUSE Linux
SUSE Linux
•added 2026/06/08 10:16 a.m.•14 views

Security update for avahi

This update for avahi fixes the following issue: CVE-2026-34933: reachable assertion in transportflagsfromdomain can crash the avahi-daemon bsc1261546. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

5.5CVSS5.4AI score0.00203EPSS
Exploits1References4
SUSE Linux
SUSE Linux
•added 2026/06/08 8:53 a.m.•10 views

Security update for memcached

This update for memcached fixes the following issues CVE-2026-47783: timing side-channel in SASL password database authentication username bsc1265873. CVE-2026-47784: timing side-channel in SASL password database authentication password bsc1265881. Patch Instructions: To install this SUSE update...

8.1CVSS5.5AI score0.01312EPSS
Exploits0References8
SUSE Linux
SUSE Linux
•added 2026/06/08 8:51 a.m.•10 views

Security update for memcached

This update for memcached fixes the following issues CVE-2026-47783: timing side-channel in SASL password database authentication username bsc1265873. CVE-2026-47784: timing side-channel in SASL password database authentication password bsc1265881. Patch Instructions: To install this SUSE update...

8.1CVSS5.5AI score0.01312EPSS
Exploits0References8
SUSE Linux
SUSE Linux
•added 2026/06/05 2:30 p.m.•11 views

Security update for bind

This update for bind fixes the following issues: CVE-2026-3039: BIND 9 server memory exhaustion during GSS-API TKEY negotiation bsc1265591. CVE-2026-3592: Amplification vulnerabilities via self-pointed glue records bsc1265592. CVE-2026-5946: Invalid handling of CLASS != IN bsc1265594. Patch...

7.5CVSS5.4AI score0.0181EPSS
Exploits0References12
SUSE Linux
SUSE Linux
•added 2026/06/05 2:4 p.m.•9 views

Security update for evince

This update for evince fixes the following issue CVE-2026-46529: Evince/Atril/Xreader command injection bsc1265880. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed...

7.5CVSS5.4AI score0.00529EPSS
Exploits1References4
SUSE Linux
SUSE Linux
•added 2026/06/05 12:16 p.m.•9 views

Security update for libjxl

This update for libjxl fixes the following issues: Security fixes: CVE-2025-70103: heap buffer overflow when hen processing crafted pbm-images due to insufficient bounds checks bsc1266460. Other fixes: Update to version 0.10.5: fix tile dimension in low memory rendering pipeline. fix number of...

9.2CVSS5.7AI score0.00367EPSS
Exploits0References4
Total number of security vulnerabilities5671