Lucene search
+L

5671 matches found

SUSE Linux
SUSE Linux
•added 6 days ago•3 views

Security update for libslirp

This update for libslirp fixes the following issues: CVE-2026-9539: crafted TCP segment with manipulated URG flags and urgent pointers can cause an integer underflow and host-heap memory leak bsc1268903. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods...

6.5CVSS6.1AI score0.00106EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 6 days ago•3 views

Security update for alsa

This update for alsa fixes the following issue CVE-2026-56109: crafted ALSA configuration text with nested blocks can cause a double-free and memory corruption bsc1268853. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypp...

6.8CVSS6.1AI score0.00138EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 6 days ago•3 views

Security update for nghttp2

This update for nghttp2 fixes the following issue CVE-2026-58055: HTTP/1.1 Upgrade request can lead to HTTP request smuggling and cross-client response-queue poisoning bsc1269489. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate ...

6.3CVSS6.1AI score0.00202EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 6 days ago•3 views

Security update for php8

This update for php8 fixes the following issue CVE-2026-14355: The AES-WRAP-PAD algorithm implementation in OpenSSL extension contains a buffer allocation flaw bsc1270351. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypp...

6.3CVSS6.1AI score0.00306EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 6 days ago•3 views

Security update for libpng15

This update for libpng15 fixes the following issue CVE-2026-25646: heap buffer overflow vulnerability in pngsetdither/pngsetquantize bsc1258020. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively yo...

8.3CVSS6.3AI score0.00955EPSS
Exploits1References4
SUSE Linux
SUSE Linux
•added 6 days ago•3 views

Security update for ImageMagick

This update for ImageMagick fixes the following issues: CVE-2026-53466: integer overflow in the XCF decoder can result in an out-of-bounds read when a crafted image is read bsc1270073. CVE-2026-53467: allocated memory left unchanged in the MNG decoder can lead to a heap information disclosure...

8.3CVSS6.3AI score0.01849EPSS
Exploits5References168
SUSE Linux
SUSE Linux
•added 6 days ago•4 views

Security update for python-Pillow

This update for python-Pillow fixes the following issues CVE-2026-54059: crafted PCF font data can cause excessive memory allocation bsc1270409. CVE-2026-54060: a font can trigger excessive allocation during conversion or saving bsc1270410. CVE-2026-55379: bypass of decompression bomb protection,...

7.5CVSS6.1AI score0.00364EPSS
Exploits4References16
SUSE Linux
SUSE Linux
•added 6 days ago•3 views

Security update for sccache

This update for sccache fixes the following issue CVE-2026-41676: openssl: Deriver:derive and PkeyCtxRef:derive can overflow short buffers on OpenSSL 1.1.1 bsc1270206. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...

8.3CVSS6.2AI score0.00285EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 6 days ago•5 views

Security update for the Linux Kernel (Live Patch 32 for SUSE Linux Enterprise 15 SP5)

This update for the SUSE Linux Enterprise Kernel 5.14.21-150500.55.127 fixes various security issues The following security issues were fixed: CVE-2025-71089: iommu: disable SVA when CONFIGX86 is set bsc1256615. CVE-2026-23393: bridge: cfm: Fix race condition in peermep deletion bsc1260524...

8.8CVSS6.8AI score0.00563EPSS
Exploits8References92
SUSE Linux
SUSE Linux
•added 6 days ago•11 views

Security update for the Linux Kernel (Live Patch 41 for SUSE Linux Enterprise 15 SP4)

This update for the SUSE Linux Enterprise Kernel 5.14.21-150400.24.167 fixes various security issues The following security issues were fixed: CVE-2025-71089: iommu: disable SVA when CONFIGX86 is set bsc1256615. CVE-2026-23393: bridge: cfm: Fix race condition in peermep deletion bsc1260524...

8.8CVSS6.7AI score0.00563EPSS
Exploits8References84
SUSE Linux
SUSE Linux
•added last week•3 views

Security update for the Linux Kernel (Live Patch 22 for SUSE Linux Enterprise 15 SP6)

This update for the SUSE Linux Enterprise Kernel 6.4.0-150600.23.95 fixes various security issues The following security issues were fixed: CVE-2026-23393: bridge: cfm: Fix race condition in peermep deletion bsc1260524. CVE-2026-31505: iavf: fix out-of-bounds writes in iavfgetethtoolstats...

9CVSS6.7AI score0.00563EPSS
Exploits8References96
SUSE Linux
SUSE Linux
•added 2026/07/10 1:19 p.m.•5 views

Security update for dracut

This update for dracut fixes the following issue CVE-2026-6893: Root code execution via DHCP options command injection bsc1268322. Changes for dracut: Update to version 059+suse.570.g2b84048d7: fixnetwork-legacy: sanitize DHCP values in dhclient-script.sh bsc1268322, CVE-2026-6893...

8.8CVSS6.4AI score0.01131EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/07/10 12:48 p.m.•4 views

Security update for terraform-provider-aws, terraform-provider-azurerm, terraform-provider-external, terraform-provider-google, terraform-provider-helm, terraform-provider-kubernetes, terraform-provid

This update for terraform-provider-aws, terraform-provider-azurerm, terraform-provider-external, terraform-provider-google, terraform-provider-helm, terraform-provider-kubernetes, terraform-provider-random, terraform-provider-susepubliccloud, terraform-provider-tls fixes the following issue...

7.5CVSS6.7AI score0.00781EPSS
Exploits0References6
SUSE Linux
SUSE Linux
•added 2026/07/10 11:39 a.m.•6 views

Security update for krb5

This update for krb5 fixes the following issue CVE-2026-11850: integer underflow in berval2tldata leads to heap out-of-bounds read bsc1268131. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you...

5.9CVSS6AI score0.00261EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/07/10 11:39 a.m.•6 views

Security update for krb5, krb5-mini

This update for krb5, krb5-mini fixes the following issues CVE-2026-11850: integer underflow in berval2tldata leads to heap out-of-bounds read bsc1268131. CVE-2026-40355: Denial of Service via NULL pointer dereference in NegoEx mechanism bsc1263366. CVE-2026-40356: Denial of Service via integer...

5.9CVSS6AI score0.00507EPSS
Exploits2References12
SUSE Linux
SUSE Linux
•added 2026/07/10 11:38 a.m.•5 views

Security update for krb5

This update for krb5 fixes the following issue CVE-2026-11850: integer underflow in berval2tldata leads to heap out-of-bounds read bsc1268131. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you...

5.9CVSS6AI score0.00261EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/07/10 10:31 a.m.•4 views

Security update for perl-List-SomeUtils-XS

This update for perl-List-SomeUtils-XS fixes the following issue CVE-2026-12844: heap buffer overflow in the pairwise function bsc1269210. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can...

8.5CVSS6.2AI score0.00419EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/07/10 10:29 a.m.•4 views

Security update for gstreamer-plugins-good

This update for gstreamer-plugins-good fixes the following issue CVE-2026-53705: Heap buffer overflow in WavPack decoder via integer overflow bsc1268449. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

7.1CVSS6.2AI score0.0031EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/07/10 10:28 a.m.•4 views

Security update for gstreamer-plugins-good

This update for gstreamer-plugins-good fixes the following issue CVE-2026-53705: Heap buffer overflow in WavPack decoder via integer overflow bsc1268449. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

7.1CVSS6.2AI score0.0031EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/07/10 10:25 a.m.•8 views

Security update for gstreamer-plugins-good

This update for gstreamer-plugins-good fixes the following issue CVE-2026-53705: Heap buffer overflow in WavPack decoder via integer overflow bsc1268449. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

7.1CVSS6.2AI score0.0031EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/07/10 9:25 a.m.•5 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 RT kernel was updated to fix various security issues The following security issues were fixed: CVE-2026-31771: Bluetooth: Ignore HCIERRORCANCELLEDBYHOST on adv set terminated event bsc1264145. CVE-2026-43038: ipv6: icmp: clear skb2-cb in ip6errgenicmpv6unreach...

9.3CVSS6.2AI score0.00385EPSS
Exploits17References112
SUSE Linux
SUSE Linux
•added 2026/07/10 9:24 a.m.•6 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues The following security issues were fixed: CVE-2026-31771: Bluetooth: hcievent: move wake reason storage into validated event handlers bsc1264145. CVE-2026-43038: ipv6: icmp: clear skb2-cb in ip6errgenicmpv6unrea...

9.3CVSS6.8AI score0.00385EPSS
Exploits17References120
SUSE Linux
SUSE Linux
•added 2026/07/10 9:9 a.m.•6 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 11 SP4 kernel was updated to fix various security issues The following security issues were fixed: CVE-2025-68324: scsi: imm: Fix use-after-free bug caused by unfinished delayed work bsc1255416. CVE-2026-43198: tcp: fix potential race in tcpv6synrecvsock bsc1264610...

9.3CVSS6.1AI score0.00346EPSS
Exploits16References42
SUSE Linux
SUSE Linux
•added 2026/07/10 8:2 a.m.•4 views

Security update for libexif

This update for libexif fixes the following issues CVE-2026-40385: Fixed information disclosure and crashes via integer overflow in Nikon MakerNote handling bsc1262000 CVE-2026-40386: Fixed denial of service and information disclosure via integer underflow in MakerNote decoding bsc1262001...

5.3CVSS6.1AI score0.00193EPSS
Exploits1References12
SUSE Linux
SUSE Linux
•added 2026/07/10 8:1 a.m.•4 views

Security update for libexif

This update for libexif fixes the following issues CVE-2026-40385: Fixed information disclosure and crashes via integer overflow in Nikon MakerNote handling bsc1262000 CVE-2026-40386: Fixed denial of service and information disclosure via integer underflow in MakerNote decoding bsc1262001...

5.3CVSS6.1AI score0.00193EPSS
Exploits1References12
SUSE Linux
SUSE Linux
•added 2026/07/09 7:13 p.m.•5 views

Security update for clamav

This update for clamav fixes the following issues CVE-2026-20213: PE file format parser could allow an unauthenticated, remote attacker to cause a denial of service bsc1270107. CVE-2026-20214: FSG file format parser could allow an unauthenticated, remote attacker to cause a denial of service...

8.3CVSS7AI score0.00463EPSS
Exploits0References32
SUSE Linux
SUSE Linux
•added 2026/07/09 7:12 p.m.•7 views

Security update for clamav

This update for clamav fixes the following issues CVE-2026-20213: PE file format parser could allow an unauthenticated, remote attacker to cause a denial of service bsc1270107. CVE-2026-20214: FSG file format parser could allow an unauthenticated, remote attacker to cause a denial of service...

8.3CVSS7AI score0.00463EPSS
Exploits0References32
SUSE Linux
SUSE Linux
•added 2026/07/09 7:11 p.m.•6 views

Security update for clamav

This update for clamav fixes the following issues CVE-2026-20213: PE file format parser could allow an unauthenticated, remote attacker to cause a denial of service bsc1270107. CVE-2026-20214: FSG file format parser could allow an unauthenticated, remote attacker to cause a denial of service...

8.3CVSS7AI score0.00463EPSS
Exploits0References32
SUSE Linux
SUSE Linux
•added 2026/07/09 7:2 p.m.•5 views

Security update for rustup

This update for rustup fixes the following issues Security issues: CVE-2024-12224: idna: idna accepts Punycode labels that do not produce any non-ASCII when decoded bsc1243862. CVE-2025-58160: tracing-subscriber: Tracing log pollution bsc1249008. CVE-2026-41676: openssl: Deriver:derive and...

8.7CVSS7.1AI score0.00359EPSS
Exploits1References44
SUSE Linux
SUSE Linux
•added 2026/07/09 6:55 p.m.•4 views

Security update for rustup

This update for rustup fixes the following issues Security issues: CVE-2024-12224: idna: idna accepts Punycode labels that do not produce any non-ASCII when decoded bsc1243862. CVE-2025-58160: tracing-subscriber: Tracing log pollution bsc1249008. CVE-2026-25727: time: parsing of user-provided inp...

8.7CVSS7.1AI score0.00359EPSS
Exploits1References48
SUSE Linux
SUSE Linux
•added 2026/07/09 6:42 p.m.•5 views

Security update for warewulf4

This update for warewulf4 fixes the following issues: Update to v4.7.0. Security issues fixed: CVE-2025-69725: incorrect input validation in the RedirectSlashes function can lead to an open redirect bsc1258511. CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given b...

9.1CVSS6.8AI score0.00781EPSS
Exploits0References20
SUSE Linux
SUSE Linux
•added 2026/07/09 6:40 p.m.•12 views

Security update for libaom

This update for libaom fixes the following issues: CVE-2026-56208: untrusted encoder configuration inputs can lead to a heap-based buffer overflow and a process crash bsc1268650. CVE-2026-56209: crafted video frames with specific Y-plane pixel values can lead to an arbitrary memory write...

8.1CVSS6.7AI score0.00414EPSS
Exploits0References16
SUSE Linux
SUSE Linux
•added 2026/07/09 6:30 p.m.•5 views

Security update for python-idna

This update for python-idna fixes the following issue CVE-2026-45409: specially crafted inputs to idna.encode can bypass earlier security fix bsc1265413. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

6.9CVSS6.5AI score0.00408EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/07/09 6:28 p.m.•4 views

Security update for cosign

This update for cosign fixes the following issues CVE-2026-25680,CVE-2026-25681,CVE-2026-27136,CVE-2026-42502,CVE-2026-42506: multiple issues when parsing HTML files bsc1267044. CVE-2026-33815: memory-safety vulnerability bsc1261811...

8.7CVSS6.8AI score0.00605EPSS
Exploits0References44
SUSE Linux
SUSE Linux
•added 2026/07/09 6:21 p.m.•5 views

Security update for rust-keylime

This update for rust-keylime fixes the following issues Update to version 0.2.9+49. Update openssl to 0.10.81. CVE-2026-41676: openssl: Deriver:derive and PkeyCtxRef:derive can overflow short buffers on OpenSSL 1.1.1 bsc1270174. CVE-2026-41677: openssl: out-of-bounds read in PEM password callback...

8.7CVSS6.6AI score0.00359EPSS
Exploits0References34
SUSE Linux
SUSE Linux
•added 2026/07/09 6:18 p.m.•4 views

Security update for rust-keylime

This update for rust-keylime fixes the following issues Update to version 0.2.9+49. Update openssl to 0.10.81. CVE-2026-41676: openssl: Deriver:derive and PkeyCtxRef:derive can overflow short buffers on OpenSSL 1.1.1 bsc1270174. CVE-2026-41677: openssl: out-of-bounds read in PEM password callback...

8.7CVSS6.6AI score0.00359EPSS
Exploits0References34
SUSE Linux
SUSE Linux
•added 2026/07/09 6:18 p.m.•5 views

Security update for alloy

This update for alloy fixes the following issues CVE-2026-10722: github.com/cilium/ebpf: BTF string offset boundary check can lead to crash when parsing malformed ELF/BTF input bsc1267811. CVE-2026-25680,CVE-2026-25681,CVE-2026-27136,CVE-2026-42502,CVE-2026-42506: golang.org/x/net/html: multiple...

9.1CVSS6.5AI score0.00533EPSS
Exploits6References76
SUSE Linux
SUSE Linux
•added 2026/07/09 6:14 p.m.•8 views

Security update for helm

This update for helm fixes the following issues Update to version 3.21.2. CVE-2026-39821: golang.org/x/net/idna: failure to reject ASCII-only Punycode-encoded labels allows for validation bypass and privilege escalation bsc1266598. CVE-2026-48978: oras.land/oras-go/v2/registry/remote/auth:...

9.1CVSS6.6AI score0.00478EPSS
Exploits0References8
SUSE Linux
SUSE Linux
•added 2026/07/09 6:7 p.m.•4 views

Security update for gnutls

This update for gnutls fixes the following issues CVE-2025-14831: excessive resource consumption when verifying specially crafted malicious certificates containing a large number of name constraints and SANs bsc1257960. CVE-2026-3833: incorrectly accepted domain names due to comparison during nam...

8.8CVSS6.7AI score0.01335EPSS
Exploits2References48
SUSE Linux
SUSE Linux
•added 2026/07/09 6:5 p.m.•5 views

Security update for python-sqlparse

This update for python-sqlparse fixes the following issue Fixed an issue where formatting list of tuples leads to denial of service bsc1268597. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you...

6AI score
Exploits0References2
SUSE Linux
SUSE Linux
•added 2026/07/09 6:1 p.m.•5 views

Security update for GraphicsMagick

This update for GraphicsMagick fixes the following issue CVE-2026-13606: crafted Photo CD PCD file can cause memory corruption bsc1269891. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can...

7.8CVSS6.1AI score
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/07/09 5:12 p.m.•4 views

Security update for python-Django

This update for python-Django fixes the following issues: CVE-2026-48588: potential exposure of private data via cached Set-Cookie response bsc1271029. CVE-2026-53877: information disclosure via 32-byte heap buffer overread in GDALRaster bsc1271030. Patch Instructions: To install this SUSE update...

4.8CVSS6.1AI score0.00375EPSS
Exploits0References8
SUSE Linux
SUSE Linux
•added 2026/07/09 5:9 p.m.•7 views

Security update for go1.26

This update for go1.26 fixes the following issues Update to version go1.26.5 bsc1255111 CVE-2026-39822: os: Root escape via symlink plus trailing slash bsc1271014. CVE-2026-42505: crypto/tls: omit PSK in ECH outer client hello bsc1271015. Patch Instructions: To install this SUSE update use the SU...

7.7CVSS6.1AI score0.00413EPSS
Exploits0References16
SUSE Linux
SUSE Linux
•added 2026/07/09 5:8 p.m.•4 views

Security update for go1.25

This update for go1.25 fixes the following issues Update to version go1.25.12 bsc1244485. CVE-2026-25679: net/url: reject IPv6 literal not at start of host bsc1259264. CVE-2026-27139: os: FileInfo can escape from a Root bsc1259268. CVE-2026-27142: html/template: URLs in meta content attribute...

7.7CVSS6.8AI score0.00728EPSS
Exploits0References28
SUSE Linux
SUSE Linux
•added 2026/07/09 2:11 p.m.•5 views

Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: NOTE: This update was retracted as it contained incorrect provides/obsolets on mozilla-nss-certs. Update to Firefox 140.12.0 ESR MFSA 2026-58, bsc1268071: CVE-2026-12289: Privilege escalation in the Graphics: WebRender component...

9.1CVSS6AI score0.00476EPSS
Exploits0References60
SUSE Linux
SUSE Linux
•added 2026/07/09 12:26 p.m.•4 views

Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: Removed obsolete mozilla-nss-certs and recommends p11-kit-nss-trust bsc1269226 Update to Firefox 140.12.0 ESR MFSA 2026-58, bsc1268071: CVE-2026-12289: Privilege escalation in the Graphics: WebRender component. CVE-2026-12290: Memory safe...

9.1CVSS6AI score0.00476EPSS
Exploits0References62
SUSE Linux
SUSE Linux
•added 2026/07/09 6:25 a.m.•4 views

Security update for python-maturin

This update for python-maturin fixes the following issues CVE-2026-41676: openssl: Deriver:derive and PkeyCtxRef:derive can overflow short buffers on OpenSSL 1.1.1 bsc1270208. CVE-2026-41677: openssl: out-of-bounds read in PEM password callback when returning an oversized length bsc1270620...

8.7CVSS6.2AI score0.00359EPSS
Exploits0References32
SUSE Linux
SUSE Linux
•added 2026/07/09 6:14 a.m.•3 views

Security update for glib-networking

This update for glib-networking fixes the following issue CVE-2026-10028: two certificates which are each signed by the other can lead to an infinite loop bsc1267979. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...

5.3CVSS5.9AI score0.00181EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/07/09 6:8 a.m.•3 views

Security update for systemd

This update for systemd fixes the following issue Security issues fixed: CVE-2026-40226: nspawn: escape-to-host via malformed optional config file bsc1261400. Other updates and bugfixes: Import commit 37508f8ec1 bsc1267647. Import commit c7530fbea3 bsc1261982 bsc1261983. Import commit 5c4ed461a7...

7.1CVSS6.5AI score0.00072EPSS
Exploits0References10
SUSE Linux
SUSE Linux
•added 2026/07/09 4:47 a.m.•3 views

Security update for rust-keylime

This update for rust-keylime fixes the following issues Update to version 0.2.9+49 Update openssl to 0.10.81 CVE-2026-41676: openssl: Deriver:derive and PkeyCtxRef:derive can overflow short buffers on OpenSSL 1.1.1 bsc1270174. CVE-2026-41677: openssl: out-of-bounds read in PEM password callback...

8.7CVSS6.8AI score0.00359EPSS
Exploits0References34
Total number of security vulnerabilities5671