Lucene search
K
SusecveMost viewed

59854 matches found

SUSE CVE
SUSE CVE
•added 2026/06/13 2:17 a.m.•12 views

SUSE CVE-2026-44890

Netty is a network application framework for development of protocol servers and clients. In netty-codec-redis prior to versions 4.1.135.Final and 4.2.15.Final, an attacker can cause DoS by sending crafted Redis payloads across multiple connections without \r\n. This exhausts the server's direct...

7.5CVSS5.3AI score0.00371EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/13 2:16 a.m.•12 views

SUSE CVE-2026-49760

Stack-based Buffer Overflow vulnerability in Erlang OTP erlinterface allows Stack-based Buffer Overflow. This vulnerability is associated with program file lib/erlinterface/src/misc/eiprintterm.c and program routine eisprintterm. The C function eisprintterm uses an internal 2000-character stack...

6.9CVSS5.6AI score0.00136EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/12 2:33 a.m.•12 views

SUSE CVE-2026-3886

unknown...

7.2AI score
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/12 2:32 a.m.•12 views

SUSE CVE-2026-6322

fast-uri normalize decoded percent-encoded authority delimiters inside the host component and then re-emitted them as raw delimiters during serialization. A host that combined an allowed domain, an encoded at-sign, and a different domain was re-emitted with the at-sign as a raw userinfo separator...

7.5CVSS5.4AI score0.00475EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/12 2:32 a.m.•12 views

SUSE CVE-2026-8863

Multiple Microsoft-sigend UEFI SHIM bootloaders are vulnerable to SecureBoot bypass. An attacker with administrative privileges or the ability to modify the boot process could use one of the vulnerable shim bootloaders to bypass Secure Boot protections and execute arbitrary code before the...

7.8CVSS6AI score0.00097EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/12 2:32 a.m.•12 views

SUSE CVE-2026-10143

kafka-python prior to 2.3.2 contains a denial-of-service vulnerability in SCRAM authentication handling that allows a malicious or machine-in-the-middle broker to freeze the client event loop by supplying an excessively large iteration count. In scram.py, ScramClient.processserverfirstmessage...

8.7CVSS5.5AI score0.00517EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/12 2:32 a.m.•12 views

SUSE CVE-2026-11785

A flaw was found in 389 Directory Server. A type confusion in the SSO token extended operation handler causes partial stack address information to be disclosed in LDAP responses to authenticated users...

4.3CVSS5.3AI score0.00179EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/12 2:32 a.m.•12 views

SUSE CVE-2026-11786

A flaw was found in 389 Directory Server. The LDIF parser reads past the end of a heap buffer when processing attribute types with trailing semicolons during database import, causing an out-of-bounds read detectable under memory instrumentation...

6.5CVSS5.7AI score0.0016EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/12 2:32 a.m.•12 views

SUSE CVE-2026-11789

A flaw was found in 389 Directory Server. The SMD5 password storage plugin performs unsigned integer underflow when computing salt length from a crafted password hash shorter than 16 bytes, causing a buffer over-read that crashes the LDAP server during authentication...

6.5CVSS5.7AI score0.00282EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/06/12 2:32 a.m.•12 views

SUSE CVE-2026-11790

A flaw was found in 389 Directory Server. The PBKDF2-SHA256 password storage plugin does not enforce an upper bound on the iteration count extracted from stored password hashes. A privileged attacker who can modify a user's password hash can cause excessive CPU consumption during authentication,...

4.9CVSS5.4AI score0.00291EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/12 2:32 a.m.•12 views

SUSE CVE-2026-11792

A heap buffer overflow flaw was found in 389 Directory Server. When audit logging is enabled, the createmaskedentrystring function in auditlog.c copies a fixed-length password mask into a precisely-sized heap buffer without checking available space. If a short cleartext password is logged requiri...

3.3CVSS5.7AI score0.00258EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/12 2:32 a.m.•12 views

SUSE CVE-2026-11824

SQLite before 3.53.2 contains a heap-based buffer overflow vulnerability in the FTS5 full-text search extension that allows attackers to cause a crash or execute arbitrary code by supplying a crafted database with malicious continuation page metadata specifying a szLeaf value smaller than 4...

7.8CVSS6.2AI score0.00175EPSS
Exploits0References9
SUSE CVE
SUSE CVE
•added 2026/06/10 2:33 a.m.•12 views

SUSE CVE-2026-9698

DBI versions before 1.648 for Perl saved errors in a limited-sized buffer. Error messages that were returned when RaiseError, PrintError or HandleError were set were written to a 200-byte buffer without a length limit. Attackers that can influence the error text in an application can trigger a...

7.8CVSS5.9AI score0.00376EPSS
Exploits0References8
SUSE CVE
SUSE CVE
•added 2026/06/10 2:32 a.m.•12 views

SUSE CVE-2026-11623

A security vulnerability has been detected in tmux up to 3.6a. Affected is the function imagefree of the file image.c. Such manipulation leads to use after free. Local access is required to approach this attack. This attack is characterized by high complexity. The exploitability is told to be...

5.8CVSS4.6AI score0.00124EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/10 2:31 a.m.•12 views

SUSE CVE-2026-11662

Type Confusion in Bindings in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6AI score0.00359EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/10 2:30 a.m.•12 views

SUSE CVE-2026-11684

Insufficient policy enforcement in Network in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the utility process to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

3.1CVSS5.5AI score0.00171EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/10 2:30 a.m.•12 views

SUSE CVE-2026-11687

Use after free in Dawn in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.5AI score0.00203EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/10 2:30 a.m.•12 views

SUSE CVE-2026-11698

Use after free in Bluetooth in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.5AI score0.00203EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/10 2:28 a.m.•12 views

SUSE CVE-2026-34355

A buffer overflow in modproxyhtml in Apache HTTP Server 2.4.67 and earlier allows an attack by an untrusted backend. Users are recommended to upgrade to version 2.4.68, which fixes this issue...

6.5CVSS5.6AI score0.00805EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/06/10 2:28 a.m.•12 views

SUSE CVE-2026-35058

Improper validation of packet length during tls-crypt-v2 key extraction in OpenVPN 2.6.0 through 2.6.19 and 2.7alpha1 through 2.7.1 allows authenticated attackers to trigger a fatal assertion and cause a denial of service via a specially crafted packet...

6.9CVSS5.4AI score0.00317EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/10 2:28 a.m.•12 views

SUSE CVE-2026-42490

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. To create and manage guests, domctl operations are used by the control domain, a possible Xenstore domain, or by a domain controlling a particular guest. Some of these...

4.1CVSS5.8AI score0.002EPSS
Exploits0References8
SUSE CVE
SUSE CVE
•added 2026/06/10 2:27 a.m.•12 views

SUSE CVE-2026-44119

Improper Privilege Management vulnerability in Apache HTTP Server 2.4.67 and earlier allows local .htaccess authors to read files with the privileges of the httpd user. This issue affects Apache HTTP Server: from through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the...

6.5CVSS5.4AI score0.00171EPSS
Exploits0References6
SUSE CVE
SUSE CVE
•added 2026/06/10 2:25 a.m.•12 views

SUSE CVE-2026-46324

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: use listdelrcu for netlink hooks nftnetdevunregisterhooks and nftunregisterflowtablenethooks need to use listdelrcu, this list can be walked by concurrent dumpers. Add a new helper and use it consistently...

7CVSS5.3AI score0.00119EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/10 2:25 a.m.•12 views

SUSE CVE-2026-47895

unknown...

7.5CVSS5.4AI score
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/06/10 2:25 a.m.•12 views

SUSE CVE-2026-48913

Use After Free vulnerability in Apache HTTP Server module modhttp2 when file handles are already exhausted. This issue affects Apache HTTP Server: from 2.4.55 through 2.4.67...

5.9CVSS5.4AI score0.00479EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/06/10 2:25 a.m.•12 views

SUSE CVE-2026-52904

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix nvkmdevice leak on aperture removal failure When apertureremoveconflictingpcidevices fails during probe, the error path returns directly without unwinding the nvkmdevice that was just allocated by nvkmdevicepcine...

2.3CVSS5.4AI score0.00114EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/09 2:28 a.m.•12 views

SUSE CVE-2025-71315

In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Convert to DRM's vblank timer Replace vkms' vblank timer with the DRM implementation. The DRM code is identical in concept, but differs in implementation. Vblank timers are covered in vblank helpers and initializer...

5.5AI score0.00112EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/09 2:21 a.m.•12 views

SUSE CVE-2026-46275

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciuart: fix UAFs and race conditions in close and init paths Vulnerabilities leading to Use-After-Free UAF and Null Pointer Dereference NPD conditions were observed in the lifecycle management of hciuart. The primary...

5.5CVSS5.4AI score0.00185EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/06/09 2:21 a.m.•12 views

SUSE CVE-2026-46281

In the Linux kernel, the following vulnerability has been resolved: vmalloc: fix buffer overflow in vreallocnodealign Commit 4c5d3365882d "mm/vmalloc: allow to set node and align in vrealloc" added the ability to force a new allocation if the current pointer is on the wrong NUMA node, or if an...

5.5CVSS5.8AI score0.0014EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/09 2:21 a.m.•12 views

SUSE CVE-2026-46284

In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix early boot crash on parameters without '=' separator If hugepages, hugepagesz, or defaulthugepagesz are specified on the kernel command line without the '=' separator, early parameter parsing passes NULL to...

5.5CVSS5.4AI score0.00121EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/09 2:21 a.m.•12 views

SUSE CVE-2026-46286

In the Linux kernel, the following vulnerability has been resolved: leds: qcom-lpg: Check for array overflow when selecting the high resolution When selecting the high resolution values from the array, FIELDGET is used to pull from a 3 bit register, yet the array being indexed has only 5 values i...

3.9CVSS5.3AI score0.00122EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/09 2:20 a.m.•12 views

SUSE CVE-2026-46293

In the Linux kernel, the following vulnerability has been resolved: clk: microchip: mpfs-ccc: fix out of bounds access during output registration UBSAN reported an out of bounds access during registration of the last two outputs. This out of bounds access occurs because space is only allocated in...

5.5CVSS5.4AI score0.00126EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/09 2:20 a.m.•12 views

SUSE CVE-2026-46298

In the Linux kernel, the following vulnerability has been resolved: pseries/papr-hvpipe: Fix race with interrupt handler While executing -ioctl handler or -release handler, if an interrupt fires on the same cpu, then we can enter into a deadlock. This patch fixes both these handlers to take...

5.5CVSS5.5AI score0.00074EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/09 2:20 a.m.•12 views

SUSE CVE-2026-46301

In the Linux kernel, the following vulnerability has been resolved: spi: topcliff-pch: fix use-after-free on unbind Give the driver a chance to flush its queue before releasing the DMA buffers on driver unbind...

6.4CVSS5.4AI score0.00117EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/09 2:20 a.m.•12 views

SUSE CVE-2026-46303

In the Linux kernel, the following vulnerability has been resolved: isofs: validate Rock Ridge CE continuation extent against volume size rockcontinue reads rs-contextent verbatim from the Rock Ridge CE record and passes it to sbbread without checking that the block number is within the mounted I...

2.5CVSS5.6AI score0.00278EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/09 2:20 a.m.•12 views

SUSE CVE-2026-46308

In the Linux kernel, the following vulnerability has been resolved: pmdomain: mediatek: fix use-after-free in scpsysgetbusprotectionlegacy In scpsysgetbusprotectionlegacy, offindnodewithproperty returns a device node with its reference count incremented. The function then calls ofnodeputnode befo...

7CVSS5.4AI score0.00115EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/09 2:20 a.m.•12 views

SUSE CVE-2026-48112

7-Zip is a file archiver with a high compression ratio. Versions 9.18 through 26.00 contain a heap out-of-bounds read in 7-Zip Ar handler BSD SYMDEF parser. A 4-byte heap out-of-bounds read exists in the Unix ar archive parser in 7-Zip. When parsing a BSD-style .SYMDEF symbol table, the...

3.3CVSS5.6AI score0.00267EPSS
Exploits1References4
SUSE CVE
SUSE CVE
•added 2026/06/07 4:51 a.m.•12 views

SUSE CVE-2026-10881

Out of bounds read and write in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

9.6CVSS5.8AI score0.0039EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:51 a.m.•12 views

SUSE CVE-2026-10884

Use after free in Chromecast in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

8.3CVSS5.5AI score0.00286EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:51 a.m.•12 views

SUSE CVE-2026-10892

Out of bounds write in GPU in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

9.6CVSS5.5AI score0.00325EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:51 a.m.•12 views

SUSE CVE-2026-10897

Inappropriate implementation in GPU in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

8.8CVSS5.5AI score0.00325EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:51 a.m.•12 views

SUSE CVE-2026-10905

Use after free in Network in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.5AI score0.00286EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:51 a.m.•12 views

SUSE CVE-2026-10914

Use after free in ANGLE in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6AI score0.0039EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:51 a.m.•12 views

SUSE CVE-2026-10915

Use after free in Core in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.5AI score0.00275EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:50 a.m.•12 views

SUSE CVE-2026-10921

Integer overflow in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.5AI score0.00286EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:50 a.m.•12 views

SUSE CVE-2026-10935

Type Confusion in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6AI score0.00393EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:50 a.m.•12 views

SUSE CVE-2026-10942

Inappropriate implementation in UI in Google Chrome on Windows prior to 149.0.7827.53 allowed a local attacker to perform privilege escalation via a malicious file. Chromium security severity: High...

7.8CVSS5.4AI score0.00124EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:50 a.m.•12 views

SUSE CVE-2026-10947

Use after free in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6AI score0.00493EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:49 a.m.•12 views

SUSE CVE-2026-10956

Use after free in MimeHandlerView in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6AI score0.0039EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:49 a.m.•12 views

SUSE CVE-2026-10960

Uninitialized Use in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.5AI score0.00291EPSS
Exploits0References2
Total number of security vulnerabilities5000