59855 matches found
SUSE CVE-2026-6479
Uncontrolled recursion in PostgreSQL SSL and GSS negotiation allows an attacker able to connect to a PostgreSQL AFUNIX socket to achieve sustained denial of service. If SSL and GSS are both disabled, an attacker can do the same via access to a PostgreSQL TCP socket. Versions before PostgreSQL 18....
SUSE CVE-2026-6637
Stack buffer overflow in PostgreSQL module "refint" allows an unprivileged database user to execute arbitrary code as the operating system user running the database. A distinct attack is possible if the application declares a user-controlled column as a "refint" cascade primary key and facilitate...
SUSE CVE-2026-8696
radare2 6.1.5 contains a use-after-free vulnerability in the gdbrpidslist function within the GDB client core that allows remote attackers to cause a denial of service or potentially execute arbitrary code by sending malformed thread information responses. Attackers can trigger the vulnerability ...
SUSE CVE-2026-34253
A buffer underflow vulnerability has been identified in the ogg123 utility from the vorbis-tools 1.4.3 package in function remotethread in remote.c. This vulnerability occurs in the remote control functionality when processing malformed input, leading to a stack buffer underflow that can cause...
SUSE CVE-2026-28379
A race condition in Grafana Live allows authenticated users with Viewer role to trigger a server crash by sending concurrent requests that cause a fatal map access error. This results in complete service unavailability requiring restart of the Grafana server...
SUSE CVE-2026-42585
Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, Netty incorrectly parses malformed Transfer-Encoding, enabling request smuggling attacks. This vulnerability is fixed in 4.2.13.Final and 4.1.133.Final...
SUSE CVE-2026-42587
Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, HttpContentDecompressor accepts a maxAllocation parameter to limit decompression buffer size and prevent decompression bomb attacks. This limit is correctly enforced for gzip and deflate...
SUSE CVE-2025-40048
In the Linux kernel, the following vulnerability has been resolved: uiohvgeneric: Let userspace take care of interrupt mask Remove the logic to set interrupt mask by default in uiohvgeneric driver as the interrupt mask value is supposed to be controlled completely by the user space. If the mask b...
SUSE CVE-2017-1000065
Multiple Cross-site scripting XSS vulnerabilities in rpc.php in OpenMediaVault release 2.1 in Access Rights ManagementUsers functionality allows attackers to inject arbitrary web scripts and execute malicious scripts within an authenticated client's browser...
SUSE CVE-2023-20569
A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure...
SUSE CVE-2026-42498
Exposure of HTTP Authentication Header to unexpected hosts during WebSocket authentication vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from 9.0.2 through 9.0.117, from 8.5.24 through 8.5.100, from 7.0.83 through...
SUSE CVE-2026-44307
Mako is a template library written in Python. Prior to 1.3.12, on Windows, a URI using backslash traversal e.g. ....\ secret.txt bypasses the directory traversal check in Template.init and the posixpath-based normalization in TemplateLookup.gettemplate, allowing reads of files outside the...
SUSE CVE-2026-7813
Authorization vulnerability in pgAdmin 4 server mode affecting Server Groups, Servers, Shared Servers, Background Processes, and Debugger modules. Multiple endpoints fetched user-owned objects without filtering by the requesting user's identity. An authenticated user could access another user's...
SUSE CVE-2026-7816
OS command injection CWE-78 vulnerability in pgAdmin 4 Import/Export query export. User-supplied input was interpolated directly into a psql \copy metacommand template without sanitization. An authenticated user could inject " TO PROGRAM 'cmd'" to break out of the \copy ... context and achieve...
SUSE CVE-2026-43458
In the Linux kernel, the following vulnerability has been resolved: serial: caif: hold tty-link reference in ldiscopen and serrelease A reproducer triggers a KASAN slab-use-after-free in ptywriteroom when caifserial's TX path calls ttywriteroom. The faulting access is on tty-link-port. Hold an...
SUSE CVE-2026-43894
jq is a command-line JSON processor. In 1.8.1 and earlier, when decNumberFromString is given a number literal of INTMAX-1 2147483646 digits, the D2U macro overflows during signed-int arithmetic. The wrapped negative value bypasses the heap-allocation size check, causes the function to use a 30-by...
SUSE CVE-2026-8274
A security vulnerability has been detected in npitre cramfs-tools up to 2.1. Affected is the function dodirectory of the file cramfsck.c of the component Directory Handler. Such manipulation leads to path traversal. The attack can only be performed from a local environment. The exploit has been...
SUSE CVE-2026-42307
Vim is an open source, command line text editor. Prior to version 9.2.0383, an OS command injection vulnerability exists in the netrw standard plugin bundled with Vim. By inducing a user to open a crafted URL e.g., using the sftp:// or file:// protocol handlers, an attacker can execute arbitrary...
SUSE CVE-2026-45190
Net::CIDR::Lite versions before 0.24 for Perl does not properly validate IP address and CIDR mask inputs, which may allow IP ACL bypass. Inputs containing a trailing newline or non-ASCII digit characters pass the validators but are then re-encoded by the parser to a different address than the inp...
SUSE CVE-2026-45191
Net::CIDR::Lite versions before 0.24 for Perl does not properly consider extraneous zero characters in CIDR mask values, which may allow IP ACL bypass. Mask forms like "/00" and "/01" pass validation and parse to the same prefix as their unpadded value. See also CVE-2026-45190...
SUSE CVE-2026-44244
GitPython is a python library used to interact with Git repositories. Prior to version 3.1.49, GitConfigParser.setvalue passes values to Python's configparser without validating for newlines. GitPython's own write converts embedded newlines into indented continuation lines e.g. \n becomes \n\t, b...
SUSE CVE-2026-44742
Postorius through 1.3.13 does not escape HTML in the message subject when rendering it in the Held messages pop-up, as exploited in the wild in May 2026...
SUSE CVE-2026-44927
In uriparser before 1.0.2, there is pointer difference truncation to int in various places...
SUSE CVE-2026-7936
Determined not a vulnerability...
SUSE CVE-2026-7964
Insufficient validation of untrusted input in FileSystem in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Medium...
SUSE CVE-2026-7989
Insufficient data validation in DataTransfer in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Medium...
SUSE CVE-2026-8092
Memory safety bugs present in Firefox ESR 115.35.1, Firefox ESR 140.10.1 and Firefox 150.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox...
SUSE CVE-2026-41142
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From versions 3.0.0 to before 3.2.9, 3.3.0 to before 3.3.11, and 3.4.0 to before 3.4.11, there is an integer overflow in ImageChannel::resize that leads...
SUSE CVE-2026-41417
Netty allows request-line validation to be bypassed when a DefaultHttpRequest or DefaultFullHttpRequest is created first and its URI is later changed via setUri. The constructors reject CRLF and whitespace characters that would break the start-line, but setUri does not apply the same validation...
SUSE CVE-2026-31722
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: frndis: Fix netdevice lifecycle with devicemove The netdevice is allocated during function instance creation and registered during the bind phase with the gadget device as its sysfs parent. When the function unbinds,...
SUSE CVE-2026-31727
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uether: Fix NULL pointer deref in ethgetdrvinfo Commit ec35c1969650 "usb: gadget: fncm: Fix netdevice lifecycle with devicemove" reparents the gadget device to /sys/devices/virtual during unbind, clearing the gadget...
SUSE CVE-2026-31752
In the Linux kernel, the following vulnerability has been resolved: bridge: brndsend: validate ND option lengths brndsend walks ND options according to option-provided lengths. A malformed option can make the parser advance beyond the computed option span or use a too-short source LLADDR option...
SUSE CVE-2026-35579
CoreDNS is a DNS server written in Go. In versions prior to 1.14.3, the gRPC, QUIC, DoH, and DoH3 transport implementations incorrectly handle TSIG authentication. For gRPC and QUIC, the server checks whether the TSIG key name exists in the configuration but never calls dns.TsigVerify to validate...
SUSE CVE-2026-43101
In the Linux kernel, the following vulnerability has been resolved: ipv6: ioam: fix potential NULL dereferences in ioam6filltracedata We need to check in6devget for possible NULL value, as suggested by Yiming Qian. Also add skbdstdevrcu instead of skbdstdev, and two missing READONCE. Note that @d...
SUSE CVE-2026-43102
In the Linux kernel, the following vulnerability has been resolved: net: airoha: Fix memory leak in airohaqdmarxprocess If an error occurs on the subsequents buffers belonging to the non-linear part of the skb e.g. due to an error in the payload length reported by the NIC or if we consumed all th...
SUSE CVE-2026-43126
In the Linux kernel, the following vulnerability has been resolved: ALSA: mixer: oss: Add card disconnect checkpoints ALSA OSS mixer layer calls the kcontrol ops rather individually, and pending calls might be not always caught at disconnecting the device. For avoiding the potential UAF scenarios...
SUSE CVE-2026-31738
In the Linux kernel, the following vulnerability has been resolved: vxlan: validate ND option lengths in vxlannacreate vxlannacreate walks ND options according to option-provided lengths. A malformed option can make the parser advance beyond the computed option span or use a too-short source LLAD...
SUSE CVE-2026-31767
In the Linux kernel, the following vulnerability has been resolved: drm/i915/dsi: Don't do DSC horizontal timing adjustments in command mode Stop adjusting the horizontal timing values based on the compression ratio in command mode. Bspec seems to be telling us to do this only in video mode, and...
SUSE CVE-2026-31770
In the Linux kernel, the following vulnerability has been resolved: hwmon: occ Fix division by zero in occshowpower1 In occshowpower1 case 1, the accumulator is divided by updatetag without checking for zero. If no samples have been collected yet e.g. during early boot when the sensor block is...
SUSE CVE-2026-44028
An issue was discovered in Nix before 2.34.7 and Lix before 2.95.2. Unbounded recursion in the NAR Nix Archive parser could lead to a stack-to-heap overflow when the parser is run on a coroutine stack. The stack is allocated without a guard page, which means that a stack overflow could overwrite...
SUSE CVE-2026-33007
A NULL pointer dereference in the modauthnsocache in Apache HTTP Server 2.4.66 and earlier allows an unauthenticated remote user to crash a child process in a caching forward proxy configuration. Users are recommended to upgrade to version 2.4.67, which fixes this issue...
SUSE CVE-2026-25705
A vulnerability has been identified in Rancher's Extensions where malicious code can be injected in Rancher through a path traversal in the compressedEndpoint field inside a UIPlugin deployment. A malicious UI extension could abuse that to: Overwrite Rancher binaries or configuration to inject...
SUSE CVE-2026-31705
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix out-of-bounds write in smb2getea EA alignment smb2getea applies 4-byte alignment padding via memset after writing each EA entry. The bounds check on buffreelen is performed before the value memcpy, but the alignment...
SUSE CVE-2026-34839
Glances is an open-source system cross-platform monitoring tool. Prior to version 4.5.4, the Glances web server exposes a REST API /api/4/ that is accessible without authentication and allows cross-origin requests from any origin due to a permissive CORS policy Access-Control-Allow-Origin: . This...
SUSE CVE-2003-0354
Unknown vulnerability in GNU Ghostscript before 7.07 allows attackers to execute arbitrary commands, even when -dSAFER is enabled, via a PostScript file that causes the commands to be executed from a malicious print job...
SUSE CVE-2026-31790
Issue summary: Applications using RSASVE key encapsulation to establish a secret encryption key can send contents of an uninitialized memory buffer to a malicious peer. Impact summary: The uninitialized buffer might contain sensitive data from the previous execution of the application process whi...
SUSE CVE-2026-27830
c3p0, a JDBC Connection pooling library, is vulnerable to attack via maliciously crafted Java-serialized objects and javax.naming.Reference instances. Several c3p0 ConnectionPoolDataSource implementations have a property called userOverridesAsString which conceptually represents a Map. Prior to...
SUSE CVE-2026-23166
In the Linux kernel, the following vulnerability has been resolved: ice: Fix NULL pointer dereference in icevsisetnapiqueues Add NULL pointer checks in icevsisetnapiqueues to prevent crashes during resume from suspend when ringsqidx-qvector is NULL. Tested adaptor: 60:00.0 Ethernet controller 020...
SUSE CVE-2026-23016
In the Linux kernel, the following vulnerability has been resolved: inet: frags: drop fraglist conntrack references Jakub added a warning in nfconntrackcleanupnetlist to make debugging leaked skbs/conntrack references more obvious. syzbot reports this as triggering, and I can also reproduce this...
SUSE CVE-2026-23520
Arcane provides modern docker management. Prior to 1.13.0, Arcane has a command injection in the updater service. Arcane's updater service supported lifecycle labels com.getarcaneapp.arcane.lifecycle.pre-update and com.getarcaneapp.arcane.lifecycle.post-update that allowed defining a command to r...