Lucene search
+L

5671 matches found

SUSE Linux
SUSE Linux
•added 2026/07/08 7:35 p.m.•3 views

Security update for kubevirt

This update for kubevirt fixes the following issues: CVE-2026-9804: Symlink escape in the VMExport dir handler let an attacker controlling an exported PVC read sensitive files TLS keys, tokens, service-account creds from the exporter pod. bsc1266733 CVE-2025-14525: A VM reporting many...

8.2CVSS5.9AI score0.00656EPSS
Exploits0References12
SUSE Linux
SUSE Linux
•added 2026/07/08 7:31 p.m.•3 views

Security update for dracut

This update for dracut fixes the following issue CVE-2026-6893: Root code execution via DHCP options command injection bsc1268322. Changes for dracut: Update to version 059+suse.565.g682306ec5: fixnetwork-legacy: sanitize DHCP values in dhclient-script.sh bsc1268322, CVE-2026-6893...

8.8CVSS6.4AI score0.01131EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/07/08 7:6 p.m.•3 views

Security update for netty, netty-tcnative

This update for netty, netty-tcnative fixes the following issue This update for netty, netty-tcnative fixes the following issues Upgrade netty to upstream version 4.1.135, netty-tcnative to upstream version 2.0.79: CVE-2026-44249: IPv6 Subnet Filter Bypass via Incorrect Comparator Masking...

9.2CVSS6.9AI score0.00606EPSS
Exploits0References72
SUSE Linux
SUSE Linux
•added 2026/07/08 7:5 p.m.•4 views

Security update for jackson-annotations, jackson-bom, jackson-core, jackson-databind, jackson-dataformats-binary, jackson-modules-base, jackson-parent

This update for jackson-annotations, jackson-bom, jackson-core, jackson-databind, jackson-dataformats-binary, jackson-modules-base, jackson-parent fixes the following issues CVE-2026-54512: jackson-databind has a PolymorphicTypeValidator bypass via generic type parameters that allows arbitrary...

8.1CVSS6.1AI score0.00695EPSS
Exploits1References18
SUSE Linux
SUSE Linux
•added 2026/07/08 2:59 p.m.•15 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 kernel was updated to fix various security issues The following security issues were fixed: CVE-2025-40216: iouring/rsrc: don't rely on user vaddr alignment bsc1259764. CVE-2025-40341: futex: Don't leak robustlist pointer on exec race bsc1255029. CVE-2025-71294:...

9.3CVSS6.9AI score0.00533EPSS
Exploits3References450
SUSE Linux
SUSE Linux
•added 2026/07/08 2:58 p.m.•5 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 RT kernel was updated to fix various security issues The following security issues were fixed: CVE-2025-10263: arm64: cputype: Add C1-Ultra definitions bsc1266290. CVE-2025-40216: iouring/rsrc: don't rely on user vaddr alignment bsc1259764. CVE-2025-40341: futex:...

9.3CVSS6.9AI score0.00533EPSS
Exploits3References706
SUSE Linux
SUSE Linux
•added 2026/07/08 8:8 a.m.•3 views

Security update for libXfont2

This update for libXfont2 fixes the following issues CVE-2026-56001: integer overflow in BitmapScaleBitmaps can lead to a heap buffer overflow bsc1269018. CVE-2026-56002: insufficient checks in pcfReadFont can lead to a heap buffer overflow bsc1269019. CVE-2026-56003: missing bounds check in...

7.3CVSS6.2AI score0.00643EPSS
Exploits0References12
SUSE Linux
SUSE Linux
•added 2026/07/08 8:6 a.m.•3 views

Security update for libXfont2

This update for libXfont2 fixes the following issues CVE-2026-56001: integer overflow in BitmapScaleBitmaps can lead to a heap buffer overflow bsc1269018. CVE-2026-56002: insufficient checks in pcfReadFont can lead to a heap buffer overflow bsc1269019. CVE-2026-56003: missing bounds check in...

7.3CVSS6.2AI score0.00643EPSS
Exploits0References12
SUSE Linux
SUSE Linux
•added 2026/07/08 7:55 a.m.•3 views

Security update for xorg-x11-server

This update for xorg-x11-server fixes the following issue CVE-2026-55999: missing bounds check in glamorfontget can lead to a heap buffer overflow when a font loaded from a malicious PCF file is processed bsc1268893. Patch Instructions: To install this SUSE update use the SUSE recommended...

7.3CVSS6.2AI score0.00212EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/07/08 7:33 a.m.•3 views

Security update for xorg-x11-server

This update for xorg-x11-server fixes the following issues CVE-2026-55999: missing bounds check in glamorfontget can lead to a heap buffer overflow when a font loaded from a malicious PCF file is processed bsc1268893. CVE-2026-56000: improper memory management in CommonMakeCurrent can lead to a...

7.3CVSS6.2AI score0.00212EPSS
Exploits0References8
SUSE Linux
SUSE Linux
•added 2026/07/08 7:29 a.m.•4 views

Security update for xorg-x11-server

This update for xorg-x11-server fixes the following issues CVE-2026-55999: missing bounds check in glamorfontget can lead to a heap buffer overflow when a font loaded from a malicious PCF file is processed bsc1268893. CVE-2026-56000: improper memory management in CommonMakeCurrent can lead to a...

7.3CVSS6.2AI score0.00212EPSS
Exploits0References8
SUSE Linux
SUSE Linux
•added 2026/07/08 7:22 a.m.•3 views

Security update for xorg-x11-server

This update for xorg-x11-server fixes the following issues CVE-2026-55999: missing bounds check in glamorfontget can lead to a heap buffer overflow when a font loaded from a malicious PCF file is processed bsc1268893. CVE-2026-56000: improper memory management in CommonMakeCurrent can lead to a...

7.3CVSS6.2AI score0.00212EPSS
Exploits0References8
SUSE Linux
SUSE Linux
•added 2026/07/08 7:19 a.m.•4 views

Security update for xwayland

This update for xwayland fixes the following issues CVE-2026-55999: missing bounds check in glamorfontget can lead to a heap buffer overflow when a font loaded from a malicious PCF file is processed bsc1268893. CVE-2026-56000: improper memory management in CommonMakeCurrent can lead to a heap...

7.3CVSS6.2AI score0.00212EPSS
Exploits0References8
SUSE Linux
SUSE Linux
•added 2026/07/08 7:16 a.m.•3 views

Security update for xorg-x11-server

This update for xorg-x11-server fixes the following issues CVE-2026-55999: missing bounds check in glamorfontget can lead to a heap buffer overflow when a font loaded from a malicious PCF file is processed bsc1268893. CVE-2026-56000: improper memory management in CommonMakeCurrent can lead to a...

7.3CVSS6.2AI score0.00212EPSS
Exploits0References8
SUSE Linux
SUSE Linux
•added 2026/07/08 6:48 a.m.•3 views

Security update for systemd, systemd-mini

This update for systemd, systemd-mini fixes the following issue Security issues fixed: CVE-2026-40226: nspawn: escape-to-host via malformed optional config file bsc1261400. Other updates and bugfixes: Import commit eba1930de8 bsc1267647. Import commit 5d46cdd987 bsc1261982 bsc1261983. Import comm...

7.1CVSS6.5AI score0.00072EPSS
Exploits0References10
SUSE Linux
SUSE Linux
•added 2026/07/07 3:5 p.m.•3 views

Security update for kubevirt-1.6

This update for kubevirt-1.6 fixes the following issues: CVE-2026-9804: Symlink escape in the VMExport dir handler let an attacker controlling an exported PVC read sensitive files TLS keys, tokens, service-account creds from the exporter pod. bsc1266733 CVE-2025-14525: A VM reporting many...

8.2CVSS5.9AI score0.00656EPSS
Exploits0References12
SUSE Linux
SUSE Linux
•added 2026/07/06 6:1 p.m.•8 views

Security update for perl-Cpanel-JSON-XS

This update for perl-Cpanel-JSON-XS fixes the following issues CVE-2026-9334: type confusion via duplicate object keys when dupkeysasarrayref is enabled bsc1267546. CVE-2026-9516: denial of service via UTF-8 BOM prefixed input when a decode filter callback throws bsc1267547. Patch Instructions: T...

9.2CVSS5.9AI score0.00361EPSS
Exploits0References8
SUSE Linux
SUSE Linux
•added 2026/07/06 2:12 p.m.•5 views

Security update for postfix

This update for postfix fixes the following issue CVE-2026-43964: buffer overread and process crash via an enhanced status code that lacks text after the third number bsc1264062. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate o...

8.2CVSS6.1AI score0.00415EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/07/06 2:11 p.m.•9 views

Security update for postfix

This update for postfix fixes the following issue CVE-2026-43964: buffer overread and process crash via an enhanced status code that lacks text after the third number bsc1264062. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate o...

8.2CVSS6.2AI score0.00415EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/07/06 2:7 p.m.•7 views

Security update for bind

This update for bind fixes the following issues: CVE-2026-3039: BIND 9 server memory exhaustion during GSS-API TKEY negotiation bsc1265591. CVE-2026-3592: Amplification vulnerabilities via self-pointed glue records bsc1265592. CVE-2026-5946: Invalid handling of CLASS != IN bsc1265594. Patch...

7.5CVSS6.7AI score0.0181EPSS
Exploits0References12
SUSE Linux
SUSE Linux
•added 2026/07/06 8:57 a.m.•4 views

Security update for cryptsetup, s390-tools

This update for cryptsetup, s390-tools fixes the following issue Security fixes: CVE-2026-41676: openssl: Deriver:derive and PkeyCtxRef:derive can overflow short buffers on OpenSSL 1.1.1 bsc1270185. Changes for s390-tools: Upgrade s390-tools to version 2.41.0 jscPED-15860 Automatically set...

8.3CVSS6.2AI score0.00285EPSS
Exploits0References16
SUSE Linux
SUSE Linux
•added 2026/07/06 8:48 a.m.•8 views

Security update 5.1.4 for Multi-Linux Manager Client Tools and Salt Bundle

Description: This update fixes the following issues: golang-github-QubitProducts-exporterexporter: Security issues fixed: CVE-2022-21698: Fixed prometheus/clientgolang possible denial of service using InstrumentHandlerCounter bsc1248699 golang-github-prometheus-nodeexporter updated to version...

9.1CVSS6.3AI score0.05994EPSS
Exploits0References380
SUSE Linux
SUSE Linux
•added 2026/07/06 7:54 a.m.•5 views

Maintenance update for Multi-Linux Manager 4.3 Release Notes Release Notes

Description: This update fixes the following issues: release-notes-susemanager-proxy: Update to SUSE Manager 4.3.19 Bugs mentioned: bsc1269253, bsc1269534 Security update 4.3.19 for Multi-Linux Manager Server LTS Description: This update fixes the following issues: release-notes-susemanager: Upda...

5.9AI score
Exploits0References6
SUSE Linux
SUSE Linux
•added 2026/07/06 7:52 a.m.•10 views

Maintenance update for Multi-Linux Manager 5.1: Server, Proxy and Retail Branch Server

Description: This update fixes the following issues: Release Notes Highlights: Update to SUSE Multi-Linux Manager 5.1.4: Bugs mentioned: bsc1208800, bsc1234567, bsc1238890, bsc1253032, bsc1257894 bsc1258382, bsc1259474, bsc1259739, bsc1260806, bsc1261902 bsc1262708, bsc1264966, bsc1266012 Contain...

9.1CVSS6AI score
Exploits0References206
SUSE Linux
SUSE Linux
•added 2026/07/06 7:48 a.m.•4 views

Security update 5.1.4 for Multi-Linux Manager Client Tools

This update fixes the following issues: dracut-saltboot updated to version 1.2.1: Key Update Highlights v1.2.1 Added wait check for minion start default 10s, configurable using rd.saltboot.saltstarttimeout option bsc1260870 Decouple salt key wait check to use separate configurable option...

9.1CVSS7.1AI score0.05994EPSS
Exploits0References126
SUSE Linux
SUSE Linux
•added 2026/07/06 7:47 a.m.•4 views

Security update 5.1.4 for Multi-Linux Manager Client Tools

This update fixes the following issues: golang-github-QubitProducts-exporterexporter: CVE-2022-21698: Replace github.com/prometheus/clientgolang with version 1.11.1 bsc1248707 golang-github-boynux-squidexporter: Non customer facing changes golang-github-lusitaniae-apacheexporter: Non customer...

7.5CVSS6.8AI score0.05994EPSS
Exploits0References42
SUSE Linux
SUSE Linux
•added 2026/07/06 7:47 a.m.•4 views

Security update 5.1.4 for Multi-Linux Manager Client Tools

This update fixes the following issues: golang-github-QubitProducts-exporterexporter: Security issue fixed: CVE-2022-21698: Fixed prometheus/clientgolang possible denial of service using InstrumentHandlerCounter bsc1248699 golang-github-lusitaniae-apacheexporter: Non customer facing changes...

7.5CVSS7AI score0.91969EPSS
Exploits3References40
SUSE Linux
SUSE Linux
•added 2026/07/06 7:46 a.m.•5 views

Security update 5.1.4 for Multi-Linux Manager Client Tools

This update fixes the following issues: golang-github-QubitProducts-exporterexporter: Security issue fixed: CVE-2022-21698: Fixed prometheus/clientgolang possible denial of service using InstrumentHandlerCounter bsc1248699 golang-github-lusitaniae-apacheexporter: Non customer facing changes...

7.5CVSS7AI score0.91969EPSS
Exploits3References64
SUSE Linux
SUSE Linux
•added 2026/07/06 7:46 a.m.•4 views

Security update 5.1.4 for Multi-Linux Manager Client Tools

This update fixes the following issues: golang-github-QubitProducts-exporterexporter: Security issue fixed: CVE-2022-21698: Fixed prometheus/clientgolang possible denial of service using InstrumentHandlerCounter bsc1248699 golang-github-lusitaniae-apacheexporter: Non customer facing changes...

7.5CVSS7AI score0.91969EPSS
Exploits3References64
SUSE Linux
SUSE Linux
•added 2026/07/06 4:5 a.m.•4 views

Security update for libnfs

This update for libnfs fixes the following issue CVE-2026-53689: integer overflow during a connection to a crafted NFS server bsc1268135. Changes for libnfs: Add libnfs-CVE-2026-53689.patch: ZDR: check the string size for sanity bsc1268135 CVE-2026-53689. Patch Instructions: To install this SUSE...

7.1CVSS6AI score0.00192EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/07/06 2:4 a.m.•3 views

Security update for apache2

This update for apache2 fixes the following issues CVE-2026-29167: modldap per-dir use-after-free bsc1267976. CVE-2026-29170: modproxyftp XSS bsc1267977. CVE-2026-34355: modproxyhtml buffer overflow bsc1267978. CVE-2026-34356: malicious backend servers can lead to a heap-based buffer overflow...

9.2CVSS7.2AI score0.11471EPSS
Exploits8References52
SUSE Linux
SUSE Linux
•added 2026/07/03 1:58 p.m.•8 views

Security update for tracker-miners

This update for tracker-miners fixes the following issues: CVE-2026-1764: heap buffer overflow leads to denial of service or information disclosure when parsing MP3 files bsc1257606. CVE-2026-1765: denial of service and potential information disclosure via crafted MP3 files bsc1257607...

5.6CVSS6.1AI score0.00246EPSS
Exploits4References16
SUSE Linux
SUSE Linux
•added 2026/07/03 1:34 p.m.•5 views

Security update for perl-DBI

This update for perl-DBI fixes the following issue CVE-2026-9698: DBI versions before 1.648 for Perl saved errors in a limited-sized buffer bsc1267957. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

7.8CVSS6.1AI score0.00452EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/07/03 1:4 p.m.•6 views

Security update for perl-DBI

This update for perl-DBI fixes the following issues CVE-2026-9698: DBI versions before 1.648 for Perl saved errors in a limited-sized buffer bsc1267957. CVE-2026-10879: SQL statements with more than 9 binders can cause an heap overflow bsc1267849. Patch Instructions: To install this SUSE update u...

7.8CVSS6.2AI score0.00452EPSS
Exploits0References8
SUSE Linux
SUSE Linux
•added 2026/07/03 12:33 p.m.•6 views

Security update for perl-DBI

This update for perl-DBI fixes the following issue CVE-2026-9698: DBI versions before 1.648 for Perl saved errors in a limited-sized buffer bsc1267957. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

7.8CVSS6.1AI score0.00452EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/07/03 11:46 a.m.•9 views

Security update for libarchive

This update for libarchive fixes the following issues CVE-2025-60753: bsdtar hangs and OOMs with zero-length pattern matches bsc1253088. CVE-2026-4424: information disclosure via heap out-of-bounds read in RAR archive processing bsc1259928. CVE-2026-4426: undefined behavior due to unvalidated...

8.7CVSS6.6AI score0.01073EPSS
Exploits1References16
SUSE Linux
SUSE Linux
•added 2026/07/03 11:34 a.m.•7 views

Security update for firewalld-legacy

This update for firewalld-legacy fixes the following issue CVE-2026-4948: local unprivileged users can modify firewall state due to D-Bus setter mis-authorizations bsc1260903. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...

6.8CVSS5.9AI score0.00118EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/07/03 11:25 a.m.•7 views

Security update for gstreamer-plugins-bad

This update for gstreamer-plugins-bad fixes the following issue CVE-2026-52719: gstreamer1-plugins-bad-free: GStreamer: Out-of-bounds read via JPEG segment length validation in VA decoder bsc1268401. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods lik...

7.1CVSS5.9AI score0.00301EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/07/03 11:23 a.m.•5 views

Security update for gstreamer-plugins-bad

This update for gstreamer-plugins-bad fixes the following issue CVE-2026-52719: gstreamer1-plugins-bad-free: GStreamer: Out-of-bounds read via JPEG segment length validation in VA decoder bsc1268401. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods lik...

7.1CVSS5.9AI score0.00301EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/07/03 9:20 a.m.•8 views

Security update for pacemaker

This update for pacemaker fixes the following issue CVE-2026-10649: denial of service via integer overflow in remote message decompression bsc1268381. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

7.5CVSS6AI score0.00516EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/07/03 9:7 a.m.•10 views

Security update for golang-github-docker-libnetwork

This update for golang-github-docker-libnetwork fixes the following issue CVE-2026-2808: github.com/hashicorp/consul: unvalidated user-supplied file paths can lead to arbitrary file reads through the Vault Kubernetes authentication provider bsc1259566. Patch Instructions: To install this SUSE...

8.2CVSS6AI score0.00475EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/07/03 8:5 a.m.•8 views

Security update for fontforge

This update for fontforge fixes the following issues CVE-2025-15269: Remote Code Execution via Use-After-Free in SFD file parsing bsc1256032. CVE-2025-15275: Arbitrary code execution via SFD file parsing buffer overflow bsc1256025. CVE-2025-15279: Remote Code Execution via heap-based buffer...

8.8CVSS6.7AI score0.0058EPSS
Exploits0References12
SUSE Linux
SUSE Linux
•added 2026/07/02 10:36 p.m.•6 views

Security update for apache2

This update for apache2 fixes the following issues CVE-2026-29167: modldap per-dir use-after-free bsc1267976. CVE-2026-29170: modproxyftp XSS bsc1267977. CVE-2026-34355: modproxyhtml buffer overflow bsc1267978. CVE-2026-34356: malicious backend servers can lead to a heap-based buffer overflow...

9.2CVSS6.2AI score0.11471EPSS
Exploits8References52
SUSE Linux
SUSE Linux
•added 2026/07/02 6:5 p.m.•6 views

Security update for buildah

This update for buildah fixes the following issues CVE-2026-25680,CVE-2026-25681,CVE-2026-27136,CVE-2026-42502,CVE-2026-42506: golang.org/x/net/html: multiple issues when parsing HTML files bsc1267179. CVE-2026-34986: github.com/go-jose/go-jose/v4,github.com/go-jose/go-jose/v3: crafted JWE input...

9.1CVSS7AI score0.00651EPSS
Exploits2References58
SUSE Linux
SUSE Linux
•added 2026/07/02 5:41 p.m.•5 views

Security update for cups

This update for cups fixes the following issues CVE-2026-27447: Authorization bypass via case-insensitive group-member lookup bsc1261572. CVE-2026-34978: Path traversal in RSS notify-recipient-uri enables file write outside CacheDir/rss bsc1261571. CVE-2026-34979: Heap overflow in getoptions...

6.8CVSS7AI score0.00502EPSS
Exploits6References24
SUSE Linux
SUSE Linux
•added 2026/07/02 5:36 p.m.•4 views

Security update for editorconfig-core-c

This update for editorconfig-core-c fixes the following issue: CVE-2026-40489: improper use of strcpy can lead to a stack buffer overflow bsc1262131. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternative...

6.8CVSS6.1AI score0.00151EPSS
Exploits1References4
SUSE Linux
SUSE Linux
•added 2026/07/02 5:31 p.m.•4 views

Security update for python-lxml

This update for python-lxml fixes the following issue CVE-2026-41066: information disclosure via untrusted XML input leading to local file read bsc1263254. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

6CVSS5.9AI score0.00324EPSS
Exploits1References4
SUSE Linux
SUSE Linux
•added 2026/07/02 5:30 p.m.•6 views

Security update for python-lxml

This update for python-lxml fixes the following issue CVE-2026-41066: information disclosure via untrusted XML input leading to local file read bsc1263254. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

6CVSS5.9AI score0.00324EPSS
Exploits1References4
SUSE Linux
SUSE Linux
•added 2026/07/02 2:4 p.m.•6 views

Security update for gstreamer-plugins-good

This update for gstreamer-plugins-good fixes the following issues CVE-2024-47540: uninitialized stack memory in Matroska/WebM demuxer bsc1234421. CVE-2026-53705: Heap buffer overflow in WavPack decoder via integer overflow bsc1268449. Patch Instructions: To install this SUSE update use the SUSE...

7.8CVSS7.5AI score0.01005EPSS
Exploits0References8
SUSE Linux
SUSE Linux
•added 2026/07/02 1:55 p.m.•6 views

Security update for python-tornado

This update for python-tornado fixes the following issues CVE-2026-49853: authorization header forwarded across cross-origin redirects in SimpleAsyncHTTPClient bsc1268395. CVE-2026-49854: out-of-bounds memory access via C extension bsc1268396. CVE-2026-49855: AsyncHTTPClient accumulates...

7.5CVSS5.8AI score0.00691EPSS
Exploits0References12
Total number of security vulnerabilities5671