Lucene search
+L

5671 matches found

SUSE Linux
SUSE Linux
•added 2026/07/02 1:52 p.m.•5 views

Security update for python-tornado6

This update for python-tornado6 fixes the following issues CVE-2026-49853: authorization header forwarded across cross-origin redirects in SimpleAsyncHTTPClient bsc1268395. CVE-2026-49854: out-of-bounds memory access via C extension bsc1268396. CVE-2026-49855: AsyncHTTPClient accumulates...

7.5CVSS5.8AI score0.00691EPSS
Exploits0References12
SUSE Linux
SUSE Linux
•added 2026/07/01 6:9 p.m.•3 views

Security update for python-python-dotenv

This update for python-python-dotenv fixes the following issue: CVE-2026-28684: follow symbolic links when rewriting .env files bsc1262423 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can...

6.6CVSS7.2AI score0.00236EPSS
Exploits1References4
SUSE Linux
SUSE Linux
•added 2026/07/01 6:9 p.m.•4 views

Security update for python311

This update for python311 fixes the following issues: Security issues fixed: CVE-2026-3446: base64 decoding stops at first padded quad by default and ignores other information that could be processed bsc1261970. Other updates and bugfixes: Rewrite structure of Python interpreter packages. python3...

6CVSS5.8AI score0.00188EPSS
Exploits0References6
SUSE Linux
SUSE Linux
•added 2026/07/01 1:35 p.m.•17 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2025-10263: arm64: errata: Mitigate TLBI errata on various Arm CPUs bsc1266290. CVE-2025-68822: Input: alps - fix use-after-free bugs caused by dev3registerwork...

8.8CVSS6.9AI score0.0053EPSS
Exploits0References264
SUSE Linux
SUSE Linux
•added 2026/07/01 1:15 p.m.•6 views

Security update for dracut

This update for dracut fixes the following issue CVE-2026-6893: Root code execution via DHCP options command injection bsc1268322. Changes for dracut: Update to version 055+suse.402.g2720eea: fixnetwork-legacy: sanitize DHCP values in dhclient-script.sh bsc1268322, CVE-2026-6893 fixnetwork-legacy...

8.8CVSS6.2AI score0.01131EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/07/01 1:15 p.m.•7 views

Security update for dracut

This update for dracut fixes the following issue CVE-2026-6893: Root code execution via DHCP options command injection bsc1268322. Changes for dracut: Update to version 055+suse.365.g79144c5: fixnetwork-legacy: sanitize DHCP values in dhclient-script.sh bsc1268322, CVE-2026-6893 fixnetwork-legacy...

8.8CVSS6.2AI score0.01131EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/07/01 11:33 a.m.•6 views

Security update for pacemaker

This update for pacemaker fixes the following issues: CVE-2026-10649: Fixed denial-of-service via integer overflow in remote message decompression bsc1268381. Changes for pacemaker: Update to version 2.1.10+20260618.4bca25e3c1: libcrmcommon: Add additional checks to pcmkremotemessagexml...

7.5CVSS5.9AI score0.00516EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/07/01 10:23 a.m.•5 views

Security update for cups

This update for cups fixes the following issues CVE-2026-27447: Authorization bypass via case-insensitive group-member lookup bsc1261572. CVE-2026-34978: Path traversal in RSS notify-recipient-uri enables file write outside CacheDir/rss bsc1261571. CVE-2026-34979: Heap overflow in getoptions...

6.8CVSS7.1AI score0.00502EPSS
Exploits5References20
SUSE Linux
SUSE Linux
•added 2026/07/01 8:5 a.m.•7 views

Security update for apache2

This update for apache2 fixes the following issues CVE-2026-29167: modldap per-dir use-after-free bsc1267976. CVE-2026-29170: modproxyftp XSS bsc1267977. CVE-2026-34355: modproxyhtml buffer overflow bsc1267978. CVE-2026-34356: malicious backend servers can lead to a heap-based buffer overflow...

9.2CVSS7.3AI score0.11471EPSS
Exploits8References52
SUSE Linux
SUSE Linux
•added 2026/06/30 3:34 p.m.•6 views

Security update for pacemaker

This update for pacemaker fixes the following issue CVE-2026-10649: denial of service via integer overflow in remote message decompression bsc1268381. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

7.5CVSS5.9AI score0.00516EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/06/30 12:8 p.m.•7 views

Security update for podman

This update for podman rebuilds it against the current go security release. CVE-2026-34986: Update github.com/go-jose/go-jose/v3+v4 dependency bsc1262856. CVE-2026-39829, CVE-2026-39830, CVE-2026-42508, CVE-2026-46598: Update golang.org/x/crypto/ssh dependency bsc1266125. Patch Instructions: To...

8.7CVSS7.3AI score0.00651EPSS
Exploits0References14
SUSE Linux
SUSE Linux
•added 2026/06/30 12:5 p.m.•6 views

Security update for tar

This update for tar fixes the following issues Security fixes: CVE-2026-5704: crafted archives can be used to to hide file injection bsc1261900. Other fixes: Fix tar changing dir permissions temporarily even when using --no-overwrite-dir. Fix --dereference/-h not working properly after...

5.9CVSS6.2AI score0.00433EPSS
Exploits2References8
SUSE Linux
SUSE Linux
•added 2026/06/30 12:1 p.m.•5 views

Security update for tracker

This update for tracker fixes the following issues: CVE-2026-1765: heap buffer overflow vulnerability in extracttxxxtags bsc1257607. CVE-2026-1766: heap buffer overflow vulnerability in getid3v23tags bsc1257608. Patch Instructions: To install this SUSE update use the SUSE recommended installation...

5.6CVSS6AI score0.00158EPSS
Exploits1References8
SUSE Linux
SUSE Linux
•added 2026/06/30 12:1 p.m.•4 views

Security update for xdg-desktop-portal

This update for xdg-desktop-portal fixes the following issue: CVE-2026-40354: File deletion via symlink attack bsc1262045. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/06/30 10:57 a.m.•5 views

Security update for perl-Config-IniFiles

This update for perl-Config-IniFiles fixes the following issue CVE-2026-11527: OS command injection and file overwrite via a 2-arg open of the -file argument in makefilehandle bsc1268236. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

8.6CVSS5.8AI score0.00618EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/06/30 10:55 a.m.•5 views

Security update for perl-Config-IniFiles

This update for perl-Config-IniFiles fixes the following issue CVE-2026-11527: OS command injection and file overwrite via a 2-arg open of the -file argument in makefilehandle bsc1268236. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

8.6CVSS5.8AI score0.00618EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/06/30 10:34 a.m.•6 views

Security update for buildah

This update for buildah fixes the following issues CVE-2026-25680,CVE-2026-25681,CVE-2026-27136,CVE-2026-42502,CVE-2026-42506: golang.org/x/net/html: multiple issues when parsing HTML files bsc1267179. CVE-2026-34986: github.com/go-jose/go-jose/v4,github.com/go-jose/go-jose/v3: crafted JWE input...

9.1CVSS7AI score0.00868EPSS
Exploits2References58
SUSE Linux
SUSE Linux
•added 2026/06/30 10:28 a.m.•6 views

Security update for exiv2-0_26

This update for exiv2-026 fixes the following issues CVE-2025-54080: out-of-bounds read in Exiv2::EpsImage::writeMetadata when writing metadata into a crafted image file bsc1248962. CVE-2026-25884: out-of-bounds read in CrwMap::decode0x0805 bsc1259083. CVE-2026-27596: integer overflow in...

8.3CVSS5.8AI score0.00367EPSS
Exploits1References16
SUSE Linux
SUSE Linux
•added 2026/06/30 10:27 a.m.•7 views

Security update for curl

This update for curl fixes the following issues CVE-2026-4873: connection reuse ignores TLS requirement bsc1262631. CVE-2026-5545: wrong reuse of HTTP Negotiate connection bsc1262632. CVE-2026-5773: wrong reuse of SMB connection bsc1262633. CVE-2026-6253: proxy credentials leak over redirect-to...

8.3CVSS7.1AI score0.00639EPSS
Exploits6References24
SUSE Linux
SUSE Linux
•added 2026/06/30 10:27 a.m.•6 views

Security update for libsoup

This update for libsoup fixes the following issue CVE-2026-1801: HTTP Request Smuggling in soupfilterinputstreamreadline bsc1257649. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run th...

6.9CVSS5.8AI score0.00376EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/06/30 9:59 a.m.•6 views

Security update for pacemaker

This update for pacemaker fixes the following issue CVE-2026-10649: denial of service via integer overflow in remote message decompression bsc1268381. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

7.5CVSS5.9AI score0.00516EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/06/30 9:25 a.m.•5 views

Security update for cifs-utils

This update for cifs-utils fixes the following issue CVE-2026-12505: cifs.upcall local privilege escalation via requestkey-controlled namespace switch and NSS loading bsc1267389. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate o...

7.8CVSS5.8AI score0.00121EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/06/30 9:21 a.m.•5 views

Security update for cifs-utils

This update for cifs-utils fixes the following issue CVE-2026-12505: cifs.upcall local privilege escalation via requestkey-controlled namespace switch and NSS loading bsc1267389. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate o...

7.8CVSS5.8AI score0.00121EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/06/30 9:15 a.m.•5 views

Security update for opensc

This update for opensc fixes the following issues CVE-2025-49010: stack-buffer-overflow via crafted smart card or USB device responses bsc1261214. CVE-2025-66037: crafted input can cause an out-of-bounds read bsc1261218. CVE-2025-66038: improper compact-TLV length validation can lead to crash or...

8.5CVSS6AI score0.00296EPSS
Exploits2References24
SUSE Linux
SUSE Linux
•added 2026/06/30 9:10 a.m.•4 views

Security update for 7zip

This update for 7zip fixes the following issues Update to 26.01: CVE-2026-48092: Information disclosure in 32-bit builds due to heap memory disclosure bsc1267858. CVE-2026-48095: Heap buffer overflow via NTFS compressed stream buffer under-allocation bsc1267421. CVE-2026-48101: Information...

7.8CVSS6.1AI score0.00938EPSS
Exploits8References32
SUSE Linux
SUSE Linux
•added 2026/06/30 9:6 a.m.•5 views

Security update for nodejs22

This update for nodejs22 fixes the following issues: CVE-2026-48618: tls: normalize hostname for server identity checks bsc1268593. CVE-2026-48933: crypto: guard WebCrypto cipher output length bsc1268592. CVE-2026-48615: lib,test: redact proxy credentials in tunnel errors bsc1268598...

8.7CVSS6.1AI score0.02806EPSS
Exploits3References76
SUSE Linux
SUSE Linux
•added 2026/06/30 9:4 a.m.•5 views

Security update for podman

This update for podman fixes the following issues CVE-2026-34986: github.com/go-jose/go-jose/v4,github.com/go-jose/go-jose/v3: crafted JWE input with a missing encrypted key can lead to a denial of service bsc1262856. CVE-2026-39829,CVE-2026-39830,CVE-2026-42508,CVE-2026-46598:...

8.7CVSS7.3AI score0.00651EPSS
Exploits0References14
SUSE Linux
SUSE Linux
•added 2026/06/30 8:53 a.m.•5 views

Security update for docker

This update for docker fixes the following issues CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1265782. CVE-2026-39821: golang.org/x/net/idna: failure to reject ASCII-only Punycode-encoded labels allows for validation bypass and...

9.1CVSS6.4AI score0.00781EPSS
Exploits0References16
SUSE Linux
SUSE Linux
•added 2026/06/30 8:42 a.m.•7 views

Security update for sg3_utils

This update for sg3utils fixes the following issue Update to version 1.47+16.aad0b411: sginq: --export output conformance for SCSI name string and ATA fields bsc1267823. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...

5.8AI score
Exploits0References2
SUSE Linux
SUSE Linux
•added 2026/06/30 8:22 a.m.•7 views

Security update for sg3_utils

This update for sg3utils fixes the following issue Update to version 1.44763+23.769c9b5b: sginq: --export output conformance for SCSI name string and ATA fields bsc1267823. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...

5.8AI score
Exploits0References2
SUSE Linux
SUSE Linux
•added 2026/06/30 8:21 a.m.•10 views

Security update for sg3_utils

This update for sg3utils fixes the following issue Update to version 1.43+49.47792c16: sginq: --export output conformance for SCSI name string and ATA fields bsc1267823. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...

5.8AI score
Exploits0References2
SUSE Linux
SUSE Linux
•added 2026/06/30 8:21 a.m.•6 views

Security update for sg3_utils

This update for sg3utils fixes the following issue sginq: --export output conformance for SCSI name string and ATA fields bsc1267823. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run t...

5.8AI score
Exploits0References2
SUSE Linux
SUSE Linux
•added 2026/06/30 8:20 a.m.•7 views

Security update for sg3_utils

This update for sg3utils fixes the following issue Update to version 1.44763+20.e416e091: sginq: --export output conformance for SCSI name string and ATA fields bsc1267823. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...

5.8AI score
Exploits0References2
SUSE Linux
SUSE Linux
•added 2026/06/29 10:36 p.m.•6 views

Security update for apache2

This update for apache2 fixes the following issues CVE-2026-23918: http2: double free and possible RCE on early reset bsc1263957. CVE-2026-24072: modrewrite elevation of privileges via apexpr bsc1263935. CVE-2026-28780: heap buffer overflow in modproxyajp via ajpmsgcheckheader bsc1264163...

9.8CVSS7.3AI score0.4581EPSS
Exploits26References190
SUSE Linux
SUSE Linux
•added 2026/06/29 3:19 p.m.•6 views

Security update for openCryptoki

This update for openCryptoki fixes the following issue: CVE-2026-40253: malformed BER-encoded cryptographic objects can lead to information disclosure and denial of service bsc1262283. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

7CVSS5.8AI score0.0016EPSS
Exploits1References4
SUSE Linux
SUSE Linux
•added 2026/06/29 1:29 p.m.•8 views

Security update for google-cloud-sap-agent

This update for google-cloud-sap-agent fixes the following issues: CVE-2026-39821: Update golang.org/x/net dependency bsc1266604. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...

9.1CVSS6.7AI score0.00478EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/06/29 1:29 p.m.•5 views

Security update for google-cloud-sap-agent

This update for google-cloud-sap-agent fixes the following issues: CVE-2026-39821: Update golang.org/x/net dependency bsc1266604. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...

9.1CVSS6.7AI score0.00478EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/06/29 1:27 p.m.•5 views

Security update for libheif

This update for libheif fixes the following issues CVE-2026-32282: os: Root.Chmod can follow symlinks out of the root on Linux bsc1261658. CVE-2026-32814: Uninitialized Heap Memory Information Leak via Failed Grid Tiles bsc1265878. Patch Instructions: To install this SUSE update use the SUSE...

6.3CVSS6.1AI score0.00303EPSS
Exploits0References8
SUSE Linux
SUSE Linux
•added 2026/06/29 1:27 p.m.•8 views

Security update for ansible-core

This update for ansible-core fixes the following issues: CVE-2026-11332: Argument injection in ansible-galaxy role install leads to arbitrary code execution bsc1267822. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...

7.8CVSS6.4AI score0.00156EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/06/29 1:26 p.m.•6 views

Security update for freeipmi

This update for freeipmi fixes the following issue CVE-2026-50031: denial of service via buffer overflow in ipmi-oem client bsc1267605. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run...

7.5CVSS6AI score0.00405EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/06/29 10:57 a.m.•7 views

Security update for opensc

This update for opensc fixes the following issues CVE-2025-49010: stack-buffer-overflow via crafted smart card or USB device responses bsc1261214. CVE-2025-66215: crafted smart card or USB device can cause a stack-buffer-overflow write bsc1261220. CVE-2026-10275: global buffer overflow during key...

7.3CVSS6AI score0.00296EPSS
Exploits0References12
SUSE Linux
SUSE Linux
•added 2026/06/29 9:53 a.m.•6 views

Security update for bind

This update for bind fixes the following issues CVE-2026-3039: BIND 9 server memory exhaustion during GSS-API TKEY negotiation bsc1265591. CVE-2026-3592: Amplification vulnerabilities via self-pointed glue records bsc1265592. CVE-2026-5946: Invalid handling of CLASS != IN bsc1265594. CVE-2026-595...

7.5CVSS5.8AI score0.01844EPSS
Exploits1References20
SUSE Linux
SUSE Linux
•added 2026/06/29 9:45 a.m.•6 views

Security update for tomcat

This update for tomcat fixes the following issues Update to Tomcat 9.0.118: CVE-2026-41284: Unbounded read in WebDAV LOCK and PROPFIND handling bsc1265162. CVE-2026-41293: HTTP/2 request headers not validated bsc1265163. CVE-2026-42498: WebSocket authentication header exposure bsc1265165...

8.7CVSS5.9AI score0.01339EPSS
Exploits2References28
SUSE Linux
SUSE Linux
•added 2026/06/29 9:41 a.m.•6 views

Security update for libsolv, libzypp, zypper

This update for libsolv, libzypp, zypper fixes the following issues CVE-2026-9149: Heap buffer overflow in libsolv repoaddsolv via negative maxsize from crafted .solv file bsc1265935. CVE-2026-9150: Stack-based buffer overflow in libsolv's Debian metadata parser when handling SHA384/SHA512...

8.7CVSS6.2AI score0.0081EPSS
Exploits1References62
SUSE Linux
SUSE Linux
•added 2026/06/29 9:32 a.m.•6 views

Security update for bind

This update for bind fixes the following issues: Security issues: CVE-2026-3039: BIND 9 server memory exhaustion during GSS-API TKEY negotiation bsc1265591. CVE-2026-3592: Amplification vulnerabilities via self-pointed glue records bsc1265592. CVE-2026-5946: Invalid handling of CLASS != IN...

7.5CVSS5.8AI score0.0181EPSS
Exploits1References22
SUSE Linux
SUSE Linux
•added 2026/06/29 5:42 a.m.•8 views

Security update for libsoup2

This update for libsoup2 fixes the following issue CVE-2026-1801: HTTP Request Smuggling in soupfilterinputstreamreadline bsc1257649. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run t...

6.9CVSS5.8AI score0.00376EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/06/29 5:42 a.m.•8 views

Security update for libsoup

This update for libsoup fixes the following issue CVE-2026-1801: HTTP Request Smuggling in soupfilterinputstreamreadline bsc1257649. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run th...

6.9CVSS5.8AI score0.00376EPSS
Exploits0References4
SUSE Linux
SUSE Linux
•added 2026/06/29 5:42 a.m.•8 views

Security update for xen

This update for xen fixes the following issues: CVE-2026-42487: xen: x86 HVM I/O port list traversal XSA-491 bsc1266952. CVE-2026-42488: xen: x86: mismatched mapcache metadata XSA-494 bsc1266955. CVE-2026-42489,CVE-2026-42490: xen: domctl lock open to abuse XSA-492 bsc1266953. Patch Instructions:...

8.8CVSS5.8AI score0.00353EPSS
Exploits0References14
SUSE Linux
SUSE Linux
•added 2026/06/26 2:8 p.m.•6 views

Security update for giflib

This update for giflib fixes the following issue CVE-2026-26740: heap out-of-bounds read when processing a specially crafted GIF file containing a GCE block with a truncated extension byte count bsc1259836. Patch Instructions: To install this SUSE update use the SUSE recommended installation...

8.6CVSS5.8AI score0.00618EPSS
Exploits1References4
SUSE Linux
SUSE Linux
•added 2026/06/26 2:8 p.m.•5 views

Security update for giflib

This update for giflib fixes the following issue CVE-2026-26740: heap out-of-bounds read when processing a specially crafted GIF file containing a GCE block with a truncated extension byte count bsc1259836. Patch Instructions: To install this SUSE update use the SUSE recommended installation...

8.6CVSS5.8AI score0.00618EPSS
Exploits1References4
Total number of security vulnerabilities5671