Lucene search
K
SusecveMost viewed

59854 matches found

SUSE CVE
SUSE CVE
•added 2026/05/18 1:22 p.m.•13 views

SUSE CVE-2026-8401

Sandbox escape in the Profile Backup component. This vulnerability was fixed in Firefox 150.0.3, Firefox ESR 115.36, Firefox ESR 140.11, and Thunderbird 140.11...

8.3CVSS5.8AI score0.00313EPSS
Exploits0References13
SUSE CVE
SUSE CVE
•added 2026/05/16 6:2 p.m.•13 views

SUSE CVE-2026-44774

Traefik is an HTTP reverse proxy and load balancer. Prior to 2.11.46, 3.6.17, and 3.7.1, Traefik's Kubernetes Gateway API provider allows a tenant with HTTPRoute creation permissions to expose the REST provider handler, bypassing the providers.rest.insecure=false setting. The Gateway provider...

9.9CVSS5.8AI score0.00457EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/05/16 1:16 a.m.•13 views

SUSE CVE-2026-4152

GIMP JP2 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page o...

7.8CVSS7.6AI score0.00744EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/05/16 1:15 a.m.•13 views

SUSE CVE-2026-8515

Use after free in HID in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

8.3CVSS5.8AI score0.00207EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/16 1:15 a.m.•13 views

SUSE CVE-2026-8516

Insufficient validation of untrusted input in DataTransfer in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity:...

5.3CVSS5.8AI score0.00219EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/16 1:15 a.m.•13 views

SUSE CVE-2026-8521

Use after free in Tab Groups in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code via malicious network traffic. Chromium security severity: Critical...

7.5CVSS6.2AI score0.00157EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/16 1:14 a.m.•13 views

SUSE CVE-2026-8560

Heap buffer overflow in SwiftShader in Google Chrome on Mac and iOS prior to 148.0.7778.168 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS6AI score0.00251EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/16 1:14 a.m.•13 views

SUSE CVE-2026-8561

Incorrect security UI in Fullscreen in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

5.4CVSS5.8AI score0.00184EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/16 1:14 a.m.•13 views

SUSE CVE-2026-8582

Object lifecycle issue in Dawn in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

5.3CVSS5.8AI score0.0019EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/16 1:12 a.m.•13 views

SUSE CVE-2026-41181

Traefik is an HTTP reverse proxy and load balancer. Prior to 2.11.44, 3.6.15, and 3.7.0-rc.3, there is an information disclosure vulnerability in Traefik's errors custom error pages middleware. When the backend returns a response matching the configured status range, the middleware forwards the...

5.8CVSS5.8AI score0.00445EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/05/16 1:11 a.m.•13 views

SUSE CVE-2026-43996

OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, the bounds check in TGAInput::decodepixel computes k + palbytespp as unsigned 32-bit arithmetic. When k = 0xFFFFFFFC and palbytespp = 4...

5.5CVSS5.9AI score0.00177EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/05/16 1:11 a.m.•13 views

SUSE CVE-2026-44348

PoDoFo is a C++17 PDF manipulation library. From 1.0.0 to before 1.0.4, a double-free vulnerability exists in computehashtosign in src/podofo/private/OpenSSLInternalRipped.cpp. If EVPDigestFinal fails after buf has already been freed, the Error label frees buf a second time, causing heap...

2.5CVSS5.7AI score0.00096EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/05/15 2:0 a.m.•13 views

SUSE CVE-2026-1188

In the Eclipse OMR port library component since release 0.2.0, an API function to return the textual names of all supported processor features was not accounting for the separator inserted between processor features. If the output buffer supplied to this function was incorrectly sized, failing to...

8.1CVSS7.6AI score0.00491EPSS
Exploits0References6
SUSE CVE
SUSE CVE
•added 2026/05/15 1:58 a.m.•13 views

SUSE CVE-2026-42561

Python-Multipart is a streaming multipart parser for Python. Prior to 0.0.27, python-multipart has a denial of service vulnerability in multipart part header parsing. When parsing multipart/form-data, MultipartParser previously had no limit on the number of part headers or the size of an individu...

7.5CVSS5.8AI score0.00549EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2026/05/15 1:58 a.m.•13 views

SUSE CVE-2026-42578

Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, Netty's HttpProxyHandler constructs HTTP CONNECT requests with header validation explicitly disabled. The newInitialMessage method creates headers using...

7.5CVSS5.9AI score0.00667EPSS
Exploits1References4
SUSE CVE
SUSE CVE
•added 2026/05/14 3:30 a.m.•13 views

SUSE CVE-2003-0098

Unknown vulnerability in apcupsd before 3.8.6, and 3.10.x before 3.10.5, allows remote attackers to gain root privileges, possibly via format strings in a request to a slave server...

10CVSS5.8AI score0.05174EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/14 3:1 a.m.•13 views

SUSE CVE-2026-42945

NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttprewritemodule module. This vulnerability exists when the rewrite directive is followed by a rewrite, if, or set directive and an unnamed Perl-Compatible Regular Expression PCRE capture for example, $1, $2 with a replacement strin...

8.6CVSS6.4AI score0.61469EPSS
Exploits40References13
SUSE CVE
SUSE CVE
•added 2026/05/13 3:48 a.m.•13 views

SUSE CVE-2026-4802

A flaw was found in Cockpit. This vulnerability allows a remote attacker to achieve arbitrary command execution on the host by exploiting unsanitized user-controlled parameters within crafted links in the system logs user interface UI. An attacker can inject shell metacharacters and command...

8.8CVSS6AI score0.01016EPSS
Exploits0References11
SUSE CVE
SUSE CVE
•added 2026/05/13 3:48 a.m.•13 views

SUSE CVE-2026-4891

A heap-based out-of-bounds read vulnerability in the DNSSEC validation of dnsmasq allows remote attackers to cause a denial of service via a crafted DNS packet...

5.3CVSS5.8AI score0.06226EPSS
Exploits0References12
SUSE CVE
SUSE CVE
•added 2026/05/13 3:48 a.m.•13 views

SUSE CVE-2026-7817

Local file inclusion LFI and server-side request forgery SSRF vulnerabilities in pgAdmin 4 LLM API configuration endpoints. User-supplied apikeyfile and apiurl preferences were passed to the LLM provider clients without validation. An authenticated user could read arbitrary server-side files by...

7.1CVSS6AI score0.00217EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/13 3:48 a.m.•13 views

SUSE CVE-2026-7818

Deserialization of untrusted data CWE-502 in pgAdmin 4 FileBackedSessionManager. The session manager performed unsafe deserialization of session-file contents using Python's standard object-serialization module before performing any HMAC integrity check. Any file dropped into the sessions directo...

7.3CVSS6.5AI score0.00131EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/13 3:38 a.m.•13 views

SUSE CVE-2026-33603

Attacker can use a specially crafted base64 exchange between Dovecot and Client to fake SCRAM TLS channel binding. This requires that the attacker is able to position itself between Dovecot and the client connection. If successful, the attacker can eavesdrop communications between Dovecot and...

6.8CVSS5.8AI score0.00222EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/05/13 3:37 a.m.•13 views

SUSE CVE-2026-41256

jq is a command-line JSON processor. In 1.8.1 and earlier, Top-level jq programs loaded from a file with -f are truncated at the first embedded NUL byte on current upstream HEAD. A crafted filter file such as . followed by \x00 and arbitrary suffix compiles and executes as only the prefix before...

5.5CVSS5.9AI score0.00158EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/05/13 3:37 a.m.•13 views

SUSE CVE-2026-41257

jq is a command-line JSON processor. In 1.8.1 and earlier, the jq bytecode VM's data stack tracks its allocation size in a signed int. When the stack grows beyond 1 GiB via deeply nested generator forks, the doubling arithmetic overflows. The wrapped value is passed to realloc and then used for a...

7CVSS5.8AI score0.00142EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/05/13 3:35 a.m.•13 views

SUSE CVE-2026-43329

In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: strictly check for maximum number of actions The maximum number of flowtable hardware offload actions in IPv6 is: ethernet mangling 4 payload actions, 2 for each ethernet address SNAT 4 payload actions DNAT ...

7.8CVSS5.8AI score0.00141EPSS
Exploits0References24
SUSE CVE
SUSE CVE
•added 2026/05/13 3:35 a.m.•13 views

SUSE CVE-2026-43334

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SMP: force responder MITM requirements before building the pairing response smpcmdpairingreq currently builds the pairing response from the initiator authreq before enforcing the local BTSECURITYHIGH requirement. If th...

8.1CVSS5.7AI score0.00252EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2026/05/13 3:35 a.m.•13 views

SUSE CVE-2026-43336

In the Linux kernel, the following vulnerability has been resolved: lib/crypto: chacha: Zeroize permutedstate before it leaves scope Since the ChaCha permutation is invertible, the local variable 'permutedstate' is sufficient to compute the original 'state', and thus the key, even after the...

7.5CVSS5.8AI score0.00425EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/13 3:34 a.m.•13 views

SUSE CVE-2026-43354

In the Linux kernel, the following vulnerability has been resolved: iio: proximity: hx9023s: Protect against division by zero in setsampfreq Avoid division by zero when sampling frequency is unspecified...

5.7AI score0.00122EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/13 3:34 a.m.•13 views

SUSE CVE-2026-43381

In the Linux kernel, the following vulnerability has been resolved: nouveau/dpcd: return EBUSY for aux xfer if the device is asleep If we have runtime suspended, and userspace wants to use /dev/drmdp then just tell it the device is busy instead of crashing in the GSP code. WARNING: CPU: 2 PID:...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/13 3:34 a.m.•13 views

SUSE CVE-2026-43436

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Check endpoint numbers at parsing Scarlett2 mixer interfaces The Scarlett2 mixer quirk in USB-audio driver may hit a NULL dereference when a malformed USB descriptor is passed, since it assumes the presence of an...

5.7AI score0.00123EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/13 3:33 a.m.•13 views

SUSE CVE-2026-43437

In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: fix use-after-free on linked stream runtime in sndpcmdrain In the drain loop, the local variable 'runtime' is reassigned to a linked stream's runtime runtime = s-runtime at line 2157. After releasing the stream lock at...

7.8CVSS5.8AI score0.00126EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2026/05/13 3:33 a.m.•13 views

SUSE CVE-2026-43445

In the Linux kernel, the following vulnerability has been resolved: e1000/e1000e: Fix leak in DMA error cleanup If an error is encountered while mapping TX buffers, the driver should unmap any buffers already mapped for that skb. Because count is incremented after a successful mapping, it will...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/13 3:33 a.m.•13 views

SUSE CVE-2026-43469

In the Linux kernel, the following vulnerability has been resolved: xprtrdma: Decrement rereceiving on the early exit paths In the event that rpcrdmapostrecvs fails to create a work request due to memory allocation failure, say or otherwise exits early, we should decrement ep-rereceiving before...

5.5CVSS5.7AI score0.0038EPSS
Exploits0References11
SUSE CVE
SUSE CVE
•added 2026/05/13 3:33 a.m.•13 views

SUSE CVE-2026-43896

jq is a command-line JSON processor. In 1.8.1 and earlier, unbounded recursion in jvobjectmergerecursive allows a crafted jq program to crash the process with a segfault. The function is reachable through the operator when both operands are objects...

5.5CVSS5.8AI score0.00154EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/05/13 3:33 a.m.•13 views

SUSE CVE-2026-44777

jq is a command-line JSON processor. In 1.8.2rc1 and earlier, the ordinary module loader recurses without cycle detection when two otherwise valid modules include each other...

5.5CVSS5.8AI score0.00161EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/05/12 3:31 a.m.•13 views

SUSE CVE-2026-41506

go-git is an extensible git implementation library written in pure Go. Prior to versions 5.18.0 and 6.0.0-alpha.2, go-git may leak HTTP authentication credentials when following redirects during smart-HTTP clone and fetch operations. This issue has been patched in versions 5.18.0 and 6.0.0-alpha....

6.5CVSS5.7AI score0.00259EPSS
Exploits0References9
SUSE CVE
SUSE CVE
•added 2026/05/12 3:30 a.m.•13 views

SUSE CVE-2026-43346

In the Linux kernel, the following vulnerability has been resolved: ice: ptp: don't WARN when controlling PF is unavailable In VFIO passthrough setups, it is possible to pass through only a PF which doesn't own the source timer. In that case the PTP controlling PF adapter-ctrlpf is never...

5.5CVSS5.8AI score0.00112EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/11 2:38 p.m.•13 views

SUSE CVE-2025-14179

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, the PDO Firebird driver improperly handles NUL bytes when preparing SQL queries. During token-by-token query construction, a string token containing a NUL byte is copied via strncat, which stops at...

9.8CVSS5.8AI score0.00298EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/05/11 2:17 p.m.•13 views

SUSE CVE-2026-7568

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, the metaphone function in ext/standard/metaphone.c uses a signed int variable to track the current position within the input string. If a string longer than 2,147,483,647 bytes is passed, a signed...

7CVSS5.9AI score0.00455EPSS
Exploits0References14
SUSE CVE
SUSE CVE
•added 2026/05/11 2:16 p.m.•13 views

SUSE CVE-2026-8261

A vulnerability was determined in Squirrel up to 3.2. This affects the function SQFunctionProto::Load of the file squirrel/sqobject.cpp. This manipulation causes heap-based buffer overflow. The attack is restricted to local execution. The exploit has been publicly disclosed and may be utilized. T...

5.9CVSS5.9AI score0.00154EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/11 2:14 p.m.•13 views

SUSE CVE-2026-43285

In the Linux kernel, the following vulnerability has been resolved: mm/slab: do not access current-memsallowedseq if !allowspin Lockdep complains when getfromanypartial is called in an NMI context, because current-memsallowedseq is seqcountspinlockt and not NMI-safe:...

5.8AI score0.00121EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/11 2:14 p.m.•13 views

SUSE CVE-2026-43360

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix transaction abort on file creation due to name hash collision If we attempt to create several files with names that result in the same hash, we have to pack them in same dir item and that has a limit inherent to the le...

5.5CVSS5.8AI score0.00163EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/05/11 2:13 p.m.•13 views

SUSE CVE-2026-43400

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add upper bound check on user inputs in signal ioctl Huge input values in amdgpuuserqsignalioctl can lead to a OOM and could be exploited. So check these input value against AMDGPUUSERQMAXHANDLES which is big enough...

5.5CVSS5.7AI score0.00126EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/11 2:13 p.m.•13 views

SUSE CVE-2026-43473

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Add NULL checks when resetting request and reply queues The driver encountered a crash during resource cleanup when the reply and request queues were NULL due to freed memory. This issue occurred when the creation o...

5.8AI score0.00114EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/09 2:54 a.m.•13 views

SUSE CVE-2025-14576

Insufficient validation of node IDs in Qt SVG module allows arbitrary QML/JavaScript code injection when loading malicious SVG files through the VectorImage component in Qt Quick. While QML execution is typically more restricted than native code execution, this could still lead to denial of...

7.8CVSS6.1AI score0.00224EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/05/09 2:46 a.m.•13 views

SUSE CVE-2026-8086

A vulnerability was identified in OSGeo gdal up to 3.13.0dev-4. This issue affects the function SWnentries of the file frmts/hdf4/hdf-eos/SWapi.c. Such manipulation of the argument DimensionName leads to heap-based buffer overflow. The attack must be carried out locally. The exploit is publicly...

7.8CVSS5.9AI score0.00237EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/05/09 2:43 a.m.•13 views

SUSE CVE-2026-39820

Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger excessive CPU exhaustion and memory allocations...

7.5CVSS5.8AI score0.00784EPSS
Exploits0References14
SUSE CVE
SUSE CVE
•added 2026/05/09 2:43 a.m.•13 views

SUSE CVE-2026-39825

ReverseProxy can forward queries containing parameters not visible to Rewrite functions. When used with a Rewrite function, or a Director function which parses query parameters, ReverseProxy sanitizes the forwarded request to remove query parameters which are not parsed by url.ParseQuery...

5.3CVSS5.8AI score0.0039EPSS
Exploits0References14
SUSE CVE
SUSE CVE
•added 2026/05/09 2:42 a.m.•13 views

SUSE CVE-2026-42499

Pathological inputs could cause DoS through consumePhrase when parsing an email address according to RFC 5322...

7.5CVSS5.8AI score0.00798EPSS
Exploits0References14
SUSE CVE
SUSE CVE
•added 2026/05/09 2:41 a.m.•13 views

SUSE CVE-2026-43157

In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: CGX: fix bitmap leaks The RX/TX flow-control bitmaps rxfcpfvfbmap and txfcpfvfbmap are allocated by cgxlmacinit but never freed in cgxlmacexit. Unbinding and rebinding the driver therefore triggers kmemleak:...

5.7AI score0.00128EPSS
Exploits0References3
Total number of security vulnerabilities5000