59854 matches found
SUSE CVE-2026-35579
CoreDNS is a DNS server written in Go. In versions prior to 1.14.3, the gRPC, QUIC, DoH, and DoH3 transport implementations incorrectly handle TSIG authentication. For gRPC and QUIC, the server checks whether the TSIG key name exists in the configuration but never calls dns.TsigVerify to validate...
SUSE CVE-2026-43102
In the Linux kernel, the following vulnerability has been resolved: net: airoha: Fix memory leak in airohaqdmarxprocess If an error occurs on the subsequents buffers belonging to the non-linear part of the skb e.g. due to an error in the payload length reported by the NIC or if we consumed all th...
SUSE CVE-2026-43126
In the Linux kernel, the following vulnerability has been resolved: ALSA: mixer: oss: Add card disconnect checkpoints ALSA OSS mixer layer calls the kcontrol ops rather individually, and pending calls might be not always caught at disconnecting the device. For avoiding the potential UAF scenarios...
SUSE CVE-2026-31738
In the Linux kernel, the following vulnerability has been resolved: vxlan: validate ND option lengths in vxlannacreate vxlannacreate walks ND options according to option-provided lengths. A malformed option can make the parser advance beyond the computed option span or use a too-short source LLAD...
SUSE CVE-2026-31767
In the Linux kernel, the following vulnerability has been resolved: drm/i915/dsi: Don't do DSC horizontal timing adjustments in command mode Stop adjusting the horizontal timing values based on the compression ratio in command mode. Bspec seems to be telling us to do this only in video mode, and...
SUSE CVE-2026-44028
An issue was discovered in Nix before 2.34.7 and Lix before 2.95.2. Unbounded recursion in the NAR Nix Archive parser could lead to a stack-to-heap overflow when the parser is run on a coroutine stack. The stack is allocated without a guard page, which means that a stack overflow could overwrite...
SUSE CVE-2026-33007
A NULL pointer dereference in the modauthnsocache in Apache HTTP Server 2.4.66 and earlier allows an unauthenticated remote user to crash a child process in a caching forward proxy configuration. Users are recommended to upgrade to version 2.4.67, which fixes this issue...
SUSE CVE-2026-27830
c3p0, a JDBC Connection pooling library, is vulnerable to attack via maliciously crafted Java-serialized objects and javax.naming.Reference instances. Several c3p0 ConnectionPoolDataSource implementations have a property called userOverridesAsString which conceptually represents a Map. Prior to...
SUSE CVE-2026-23166
In the Linux kernel, the following vulnerability has been resolved: ice: Fix NULL pointer dereference in icevsisetnapiqueues Add NULL pointer checks in icevsisetnapiqueues to prevent crashes during resume from suspend when ringsqidx-qvector is NULL. Tested adaptor: 60:00.0 Ethernet controller 020...
SUSE CVE-2026-23016
In the Linux kernel, the following vulnerability has been resolved: inet: frags: drop fraglist conntrack references Jakub added a warning in nfconntrackcleanupnetlist to make debugging leaked skbs/conntrack references more obvious. syzbot reports this as triggering, and I can also reproduce this...
SUSE CVE-2025-15534
A vulnerability was identified in raysan5 raylib up to 909f040. Affected by this issue is the function LoadFontData of the file src/rtext.c. The manipulation leads to integer overflow. The attack can only be performed from a local environment. The exploit is publicly available and might be used...
SUSE CVE-2024-41260
A static initialization vector IV in the encrypt function of netbird management's service from v0.23.2 to v0.29.1 allows attackers to obtain sensitive information email addresses when in possession of the audit events database...
SUSE CVE-2025-11393
A flaw was found in runtimes-inventory-rhel8-operator. An internal proxy component is incorrectly configured. Because of this flaw, the proxy attaches the cluster's main administrative credentials to any command it receives, instead of only the specific reports it is supposed to handle. This allo...
SUSE CVE-2025-12419
Mattermost versions 10.12.x = 10.12.1, 10.11.x = 10.11.4, 10.5.x = 10.5.12, 11.0.x = 11.0.3 fail to properly validate OAuth state tokens during OpenID Connect authentication which allows an authenticated attacker with team creation privileges to take over a user account via manipulation of...
SUSE CVE-2025-14764
Missing cryptographic key commitment in the Amazon S3 Encryption Client for Go may allow a user with write access to the S3 bucket to introduce a new EDK that decrypts to different plaintext when the encrypted data key is stored in an "instruction file" instead of S3's metadata record. To mitigat...
SUSE CVE-2022-50815
In the Linux kernel, the following vulnerability has been resolved: ext2: Add sanity checks for group and filesystem size Add sanity check that filesystem size does not exceed the underlying device size and that group size is big enough so that metadata can fit into it. This avoid trying to mount...
SUSE CVE-2022-50837
In the Linux kernel, the following vulnerability has been resolved: net: dsa: tag8021q: avoid leaking ctx on dsatag8021qregister error path If dsatag8021qsetup fails, for example due to the inability of the device to install a VLAN, the tag8021q context of the switch will leak. Make sure it is...
SUSE CVE-2025-10543
In Eclipse Paho Go MQTT v3.1 library paho.mqtt.golang versions =1.5.0 UTF-8 encoded strings, passed into the library, may be incorrectly encoded if their length exceeds 65535 bytes. This may lead to unexpected content in packets sent to the server for example, part of an MQTT topic may leak into...
SUSE CVE-2022-50639
In the Linux kernel, the following vulnerability has been resolved: io-wq: Fix memory leak in worker creation If the CPU mask allocation for a node fails, then the memory allocated for the 'iowqe' struct of the current node doesn't get freed on the error handling path, since it has not yet been...
SUSE CVE-2023-53794
In the Linux kernel, the following vulnerability has been resolved: cifs: fix session state check in reconnect to avoid use-after-free issue Don't collect exiting session in smb2reconnectserver, because it will be released soon. Note that the exiting session will stay in server-smbseslist until i...
SUSE CVE-2025-40115
In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix crash in transport port remove by using iocinfo During mpt3sastransportportremove, messages were logged with devprintk against &mpt3sasport-port-dev. At this point the SAS transport device may already be...
SUSE CVE-2005-3165
Multiple cross-site scripting XSS vulnerabilities in MediaWiki before 1.4.9 allow remote attackers to inject arbitrary web script or HTML via 1 tags or 2 Extension or sections that "bypass HTML style attribute restrictions" that are intended to protect against XSS vulnerabilities in Internet...
SUSE CVE-2006-2082
Directory traversal vulnerability in Quake 3 engine, as used in products including Quake3 Arena, Return to Castle Wolfenstein, Wolfenstein: Enemy Territory, and Star Trek Voyager: Elite Force, when the svallowdownload cvar is enabled, allows remote attackers to read arbitrary files from the serve...
SUSE CVE-2006-6731
Multiple buffer overflows in Sun Java Development Kit JDK and Java Runtime Environment JRE 5.0 Update 7 and earlier, Java System Development Kit SDK and JRE 1.4.212 and earlier 1.4.x versions, and SDK and JRE 1.3.118 and earlier allow attackers to develop Java applets that read, write, or execute...
SUSE CVE-2010-3382
tauex in Tuning and Analysis Utilities TAU 2.16.4 places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...
SUSE CVE-2012-6097
File descriptor leak in cronie 1.4.8, when running in certain environments, might allow local users to read restricted files, as demonstrated by reading /etc/crontab...
SUSE CVE-2016-6663
Race condition in Oracle MySQL before 5.5.52, 5.6.x before 5.6.33, 5.7.x before 5.7.15, and 8.x before 8.0.1; MariaDB before 5.5.52, 10.0.x before 10.0.28, and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster...
SUSE CVE-2018-18459
The function DCTStream::getBlock in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service NULL pointer dereference via a crafted pdf file, as demonstrated by pdftoppm...
SUSE CVE-2021-36783
A Insufficiently Protected Credentials vulnerability in SUSE Rancher allows authenticated Cluster Owners, Cluster Members, Project Owners and Project Members to read credentials, passwords and API tokens that have been stored in cleartext and exposed via API endpoints. This issue affects: SUSE...
SUSE CVE-2026-53252
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: fix memory leak in error path of hciallocdev Early failures in Bluetooth HCI UART configuration leak SRCU percpu memory. When device initialization fails before hciregisterdev completes, the HCIUNREGISTER flag is never...
SUSE CVE-2026-48928
A inconsistency in Node.js hostname matching can cause a trust-policy bypass in multi-context mTLS setups. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...
SUSE CVE-2026-12320
Information disclosure in the Password Manager component. This vulnerability was fixed in Firefox 152 and Thunderbird 152...
SUSE CVE-2024-38798
EDK2 contains a vulnerability in BIOS where an attacker may cause “Exposure of Sensitive Information to an Unauthorized Actor” by local access. Successful exploitation of this vulnerability will lead to possible information disclosure or escalation of privilege and impact Confidentiality...
SUSE CVE-2025-15284
Improper Input Validation vulnerability in qs parse modules allows HTTP DoS.This issue affects qs: 6.14.1. Summary The arrayLimit option in qs did not enforce limits for bracket notation a=1&a=2, only for indexed notation a0=1. This is a consistency bug; arrayLimit should apply uniformly across a...
SUSE CVE-2026-10725
Protocol::HTTP2 versions before 1.13 for Perl is vulnerable to a HTTP/2 Bomb. Protocol::HTTP2's inbound HPACK path has no header-list size limit, so a small HTTP/2 request can expand into large server memory the "HTTP/2 bomb". The headersdecode method materialises a full key+value copy per indexe...
SUSE CVE-2026-46279
In the Linux kernel, the following vulnerability has been resolved: mm/alloctag: clear codetag for pages allocated before pageext initialization Due to initialization ordering, pageext is allocated and initialized relatively late during boot. Some pages have already been allocated and freed befor...
SUSE CVE-2026-46294
In the Linux kernel, the following vulnerability has been resolved: dm: fix a buffer overflow in ioctl processing Tony Asleson using Claude found a buffer overflow in dm-ioctl in the function retrievestatus: 1. The code in retrievestatus checks that the output string fits into the output buffer a...
SUSE CVE-2026-10896
Use after free in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...
SUSE CVE-2026-10962
Type Confusion in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
SUSE CVE-2026-10985
Out of bounds read in Skia in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...
SUSE CVE-2026-11129
Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
SUSE CVE-2026-11153
Side-channel information leakage in Forms in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
SUSE CVE-2026-11250
Inappropriate implementation in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Low...
SUSE CVE-2026-11300
Inappropriate implementation in Permissions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
SUSE CVE-2026-10972
Use after free in Ozone in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
SUSE CVE-2026-26825
A use-of-uninitialized memory vulnerability exists in libxls 1.6.3 when parsing malformed XLS files. The issue is reachable via xlsparseWorkBook and is triggered by uninitialized heap memory originating from the OLE layer ole2read. The flaw is detectable with MemorySanitizer MSAN and can lead to...
SUSE CVE-2026-50031
ipmi-oem in FreeIPMI before 1.6.18 has exploitable buffer overflows on response messages. The Intelligent Platform Management Interface IPMI specification defines a set of interfaces for platform management. It is implemented by a large number of hardware manufacturers to support system managemen...
SUSE CVE-2026-7666
An issue was discovered in Django 6.0 before 6.0.6 and 5.2 before 5.2.15. django.core.mail.backends.smtp.EmailBackend in Django fails to prevent reuse of a partially-initialized connection after a failed STARTTLS handshake when failsilently=True, which allows on-path network attackers to read ema...
SUSE CVE-2026-35193
An issue was discovered in Django 5.2 before 5.2.15 and 6.0 before 6.0.6. django.middleware.cache.UpdateCacheMiddleware in Django does not add Authorization to the Vary response header for requests bearing that header without Cache-Control: public, which allows remote attackers to read private...
SUSE CVE-2026-45678
OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, the Postgres protocol parser assumes BIND message payloads contain a valid NUL-terminated portal name. A crafted empty or unterminated payload can make OBI slice beyond th...