Lucene search
K
SusecveMost viewed

59854 matches found

SUSE CVE
SUSE CVE
•added 2023/02/15 3:54 a.m.•15 views

SUSE CVE-2020-24999

There is an invalid memory access in the function fprintf located in Error.cc in Xpdf 4.0.2. It can be triggered by sending a crafted PDF file to the pdftohtml binary, which allows a remote attacker to cause a Denial of Service Segmentation fault or possibly have unspecified other impact...

7.8CVSS7.5AI score0.01055EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/06/30 1:49 a.m.•14 views

SUSE CVE-2026-12246

NSD version 4.14.0 introduced a bug where a specially crafted APL RR, with an adflength larger than permitted for the address family will overwrite the stack when the zone is written to disk, with a maximum of 111 attacker controlled bytes...

8.1CVSS5.8AI score0.00265EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/26 2:8 a.m.•14 views

SUSE CVE-2026-53252

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: fix memory leak in error path of hciallocdev Early failures in Bluetooth HCI UART configuration leak SRCU percpu memory. When device initialization fails before hciregisterdev completes, the HCIUNREGISTER flag is never...

5.8AI score0.00189EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/20 2:34 a.m.•14 views

SUSE CVE-2026-12706

A use-after-free vulnerability was found in FFmpeg's RASC video decoder. The decodemove function initializes a read pointer into a decompressed buffer, but a subsequent reallocation of that same buffer during move-table processing leaves the pointer dangling. An attacker could exploit this by...

6.5CVSS6AI score0.00245EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/13 2:29 a.m.•14 views

SUSE CVE-2026-7383

Issue summary: A signed integer overflow when sizing the destination buffer for Unicode output in ASN1mbstringncopy can lead to a heap buffer overflow. Impact summary: A heap buffer overflow may lead to a crash or possibly attacker controlled code execution or other undefined behaviour. In...

5.9CVSS6.3AI score0.00358EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2026/06/13 2:29 a.m.•14 views

SUSE CVE-2026-9076

Issue summary: When CMS password-based decryption RFC 3211 / PWRI key unwrap processes attacker-supplied CMS data, an attacker-chosen stream-mode KEK cipher can trigger a heap out-of-bounds read in kekunwrapkey. Impact summary: A heap buffer over-read may trigger a crash which leads to Denial of...

3.7CVSS5.7AI score0.00297EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2026/06/13 2:28 a.m.•14 views

SUSE CVE-2026-12012

Use after free in Network in Google Chrome prior to 149.0.7827.115 allowed an attacker in a privileged network position to potentially exploit heap corruption via malicious network traffic. Chromium security severity: High...

8.1CVSS5.4AI score0.00225EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/12 2:32 a.m.•14 views

SUSE CVE-2026-11793

A stack buffer overflow flaw was found in 389 Directory Server. The checkPrefix function in pw.c copies an attacker-controlled algorithm ID into a 256-byte stack buffer without bounds checking when parsing reversible-encrypted attribute values. An attacker with Directory Manager privileges can...

4.9CVSS5.7AI score0.00282EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/10 2:33 a.m.•14 views

SUSE CVE-2026-9669

bz2.BZ2Decompressor objects could be reused after a decompression error. If an application caught the resulting OSError and retried with the same decompressor, crafted input could cause the decompressor to resume from an invalid internal state and perform out-of-bounds writes to a stack buffer...

4.7CVSS5.4AI score0.00376EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/10 2:33 a.m.•14 views

SUSE CVE-2026-10028

A flaw was found in glib-networking. A remote attacker can exploit this vulnerability by presenting a specially crafted certificate chain to an application that uses glib-networking with the GnuTLS backend enabled and performs certificate verification. This crafted chain, which contains circular...

4.3CVSS5.5AI score0.00184EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/06/10 2:32 a.m.•14 views

SUSE CVE-2026-11628

Use after free in Ozone in Google Chrome prior to 149.0.7827.103 allowed a local attacker to potentially exploit heap corruption via physical access to the device. Chromium security severity: Critical...

6.8CVSS5.4AI score0.00181EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/09 2:27 a.m.•14 views

SUSE CVE-2026-10879

DBI versions before 1.648 for Perl have a heap overflow when preparsing SQL statements with more than 9 binders. The preparse method expands SQL placeholder characters to numbered binders of the form :pN, but only allocates three characters per binder in the buffer. Placeholders 10-99 require fou...

5.5CVSS5.7AI score0.00413EPSS
Exploits0References6
SUSE CVE
SUSE CVE
•added 2026/06/07 4:51 a.m.•14 views

SUSE CVE-2026-10887

Use after free in Chromoting in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via malicious network traffic. Chromium security severity: Critical...

8.1CVSS6AI score0.00404EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:51 a.m.•14 views

SUSE CVE-2026-10895

Use after free in Ozone in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

8.8CVSS6AI score0.0039EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:51 a.m.•14 views

SUSE CVE-2026-10908

Use after free in FullScreen in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.5AI score0.00286EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:50 a.m.•14 views

SUSE CVE-2026-10924

Integer overflow in Chromecast in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.5AI score0.00286EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:50 a.m.•14 views

SUSE CVE-2026-10949

Heap buffer overflow in Video in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.8AI score0.0031EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:49 a.m.•14 views

SUSE CVE-2026-10977

Uninitialized Use in Skia in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

6.5CVSS5.5AI score0.00336EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:49 a.m.•14 views

SUSE CVE-2026-10981

Insufficient validation of untrusted input in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted video file. Chromium security severity: High...

6.5CVSS5.5AI score0.00284EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:48 a.m.•14 views

SUSE CVE-2026-10996

Inappropriate implementation in Workers in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.5AI score0.00262EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:47 a.m.•14 views

SUSE CVE-2026-11024

Stack buffer overflow in Skia in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS5.8AI score0.00352EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:45 a.m.•14 views

SUSE CVE-2026-11086

Inappropriate implementation in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS6AI score0.0028EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:44 a.m.•14 views

SUSE CVE-2026-11129

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.5AI score0.00176EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:44 a.m.•14 views

SUSE CVE-2026-11135

Insufficient policy enforcement in Autofill in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass discretionary access control via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.5AI score0.00201EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:43 a.m.•14 views

SUSE CVE-2026-11163

Use after free in Messages in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

9.6CVSS5.5AI score0.00234EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:43 a.m.•14 views

SUSE CVE-2026-11171

Integer overflow in Blink in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS6.1AI score0.0028EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:40 a.m.•14 views

SUSE CVE-2026-11250

Inappropriate implementation in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Low...

9.6CVSS5.5AI score0.00239EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:39 a.m.•14 views

SUSE CVE-2026-11284

Side-channel information leakage in PerformanceAPIs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...

6.5CVSS5.5AI score0.00237EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:39 a.m.•14 views

SUSE CVE-2026-11304

Use after free in PDFium in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. Chromium security severity: Low...

8.8CVSS5.5AI score0.00187EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:38 a.m.•14 views

SUSE CVE-2026-11307

Use after free in PDFium in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. Chromium security severity: Low...

8.8CVSS6AI score0.00228EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/06 2:53 a.m.•14 views

SUSE CVE-2026-10894

Use after free in Printing in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

8.3CVSS5.5AI score0.00286EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/06 2:53 a.m.•14 views

SUSE CVE-2026-11160

Out of bounds read in Input in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.5AI score0.00229EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/05 3:16 a.m.•14 views

SUSE CVE-2026-10805

A flaw was found in NetworkManager. This local privilege escalation vulnerability exists in NetworkManager's dhclient backend when processing malformed Manufacturer Usage Description MUD URLs. A local user can exploit this flaw to escalate privileges by triggering a script via a crafted MUD URL,...

6.7CVSS5.7AI score0.00118EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/04 2:25 a.m.•14 views

SUSE CVE-2026-34077

React Router is a router for React. In versions 7.7.0 through 7.13.1, when using React Router's unstable React Server Components RSC APIs, there is a potential client-side Cross-Site Scripting XSS vulnerability in the RSC redirect handling if redirects come from untrusted sources. This does not...

7.5CVSS5.8AI score0.00294EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/03 2:23 a.m.•14 views

SUSE CVE-2026-43965

Path traversal vulnerability in Gleam's dependency management allows arbitrary directory deletion via malicious build/packages/packages.toml content. Package keys read from build/packages/packages.toml by LocalPackages::readfromdisc are passed without validation to paths.buildpackagespackage, whi...

5.6CVSS5.9AI score0.00152EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/02 1:44 a.m.•14 views

SUSE CVE-2026-10230

A vulnerability was identified in Assimp up to 6.0.4. This impacts the function Assimp::MDL::HalfLife::HL1MDLLoader::readanimations of the file HL1MDLLoader.cpp of the component Half-Life 1 MDL Loader. Such manipulation leads to heap-based buffer overflow. The attack must be carried out locally...

5.3CVSS6.1AI score0.00127EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/02 1:40 a.m.•14 views

SUSE CVE-2026-42502

Parsing arbitrary HTML which is then rendered using Render can result in an unexpected HTML tree. This can be leveraged to execute XSS attacks in applications that attempt to sanitize input HTML before rendering...

6.1CVSS6AI score0.00178EPSS
Exploits0References14
SUSE CVE
SUSE CVE
•added 2026/06/02 1:38 a.m.•14 views

SUSE CVE-2026-45352

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.43.4, negative chunk-size in chunked Transfer-Encoding causes unbounded memory allocation and process crash. The ChunkedDecoder::readpayload function in cpp-httplib httplib.h parses the chunk-size field o...

7.5CVSS5.7AI score0.00327EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/06/02 1:37 a.m.•14 views

SUSE CVE-2026-46243

In the Linux kernel, the following vulnerability has been resolved: smb: client: reject userspace cifs.spnego descriptions cifs.spnego key descriptions contain authority-bearing fields such as pid, uid, creduid, and upcalltarget that cifs.upcall treats as kernel-originating inputs. However,...

7.8CVSS5.8AI score0.00353EPSS
Exploits4References18
SUSE CVE
SUSE CVE
•added 2026/05/30 2:18 a.m.•14 views

SUSE CVE-2026-9895

Out of bounds read in GPU in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.8AI score0.00214EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/30 2:18 a.m.•14 views

SUSE CVE-2026-9898

Insufficient validation of untrusted input in GPU in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.8AI score0.00228EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/30 2:18 a.m.•14 views

SUSE CVE-2026-9913

Inappropriate implementation in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. Chromium security severity: High...

4.3CVSS5.8AI score0.00234EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/30 2:18 a.m.•14 views

SUSE CVE-2026-9916

Out of bounds write in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.8AI score0.00222EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/30 2:18 a.m.•14 views

SUSE CVE-2026-9925

Use after free in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.8AI score0.00222EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/30 2:18 a.m.•14 views

SUSE CVE-2026-9926

Heap buffer overflow in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS6AI score0.00246EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/30 2:17 a.m.•14 views

SUSE CVE-2026-9929

Inappropriate implementation in WebGL in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

4.3CVSS5.8AI score0.00209EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/30 2:17 a.m.•14 views

SUSE CVE-2026-9930

Out of bounds write in Dawn in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: High...

4.3CVSS5.8AI score0.00191EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/30 2:17 a.m.•14 views

SUSE CVE-2026-9934

Use after free in Aura in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

7.5CVSS6.2AI score0.00255EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/30 2:17 a.m.•14 views

SUSE CVE-2026-9938

Inappropriate implementation in V8 in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.2AI score0.00319EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/30 2:17 a.m.•14 views

SUSE CVE-2026-9940

Heap buffer overflow in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS6AI score0.00259EPSS
Exploits0References3
Total number of security vulnerabilities5000