Lucene search
K
SusecveMost viewed

59855 matches found

SUSE CVE
SUSE CVE
•added 2026/06/16 2:19 a.m.•12 views

SUSE CVE-2026-50010

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, SimpleTrustManagerFactory.engineGetTrustManagers and related paths wrap any user-supplied plain X509TrustManager in X509TrustManagerWrapper, which extends...

7.5CVSS5.3AI score0.00269EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/15 1:20 a.m.•12 views

SUSE CVE-2026-53533

unknown...

5.3AI score
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/13 2:28 a.m.•12 views

SUSE CVE-2026-12007

Use after free in Core in Google Chrome on Windows prior to 149.0.7827.115 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

8.8CVSS6.1AI score0.00287EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/13 2:28 a.m.•12 views

SUSE CVE-2026-12011

Use after free in WebMIDI in Google Chrome on Windows prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

8.3CVSS5.4AI score0.00246EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/13 2:28 a.m.•12 views

SUSE CVE-2026-12013

Determined not a vulnerability...

5.2AI score0.0024EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/13 2:28 a.m.•12 views

SUSE CVE-2026-12016

Inappropriate implementation in DevTools in Google Chrome prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.4AI score0.00229EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/13 2:28 a.m.•12 views

SUSE CVE-2026-12019

Heap buffer overflow in Codecs in Google Chrome on Linux and ChromeOS prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.8AI score0.00253EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/13 2:28 a.m.•12 views

SUSE CVE-2026-12020

Use after free in Autofill in Google Chrome on Mac prior to 149.0.7827.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.5AI score0.00224EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/13 2:17 a.m.•12 views

SUSE CVE-2026-44250

Netty is a network application framework for development of protocol servers and clients. In netty-codec-redis prior to versions 4.1.135.Final and 4.2.15.Final, an attacker can cause DoS by sending a crafted Redis payload with deeply nested arrays. This forces the server to allocate a massive...

7.5CVSS5.3AI score0.00371EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/13 2:17 a.m.•12 views

SUSE CVE-2026-45445

Issue summary: When an application drives an AES-OCB context through the public EVPCipher one-shot interface, the application-supplied initialisation vector IV is silently discarded. Impact summary: Every message encrypted under the same key uses the same effective nonce regardless of the IV...

6.5CVSS5.7AI score0.0032EPSS
Exploits0References13
SUSE CVE
SUSE CVE
•added 2026/06/12 2:32 a.m.•12 views

SUSE CVE-2026-11788

A flaw was found in 389 Directory Server. The dereference control plugin does not check for allocation failure before using a BER structure, allowing an unauthenticated remote attacker to crash the LDAP server when the system is under memory pressure...

7.5CVSS5.5AI score0.00346EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/12 2:32 a.m.•12 views

SUSE CVE-2026-11791

A flaw was found in 389 Directory Server. During schema reload, the attrsyntaxswapht function unconditionally frees attribute syntax information nodes, bypassing the refcount-based deferred deletion used elsewhere in the attribute syntax subsystem. If an administrator triggers schema reload while...

5CVSS5.8AI score0.00212EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/06/12 2:32 a.m.•12 views

SUSE CVE-2026-11822

SQLite before 3.53.2 contains memory corruption vulnerabilities in the FTS5 full-text search extension that allow attackers to cause process crashes, memory exhaustion, or arbitrary code execution by supplying a crafted database with malformed FTS5 page data. Attackers can trigger an out-of-bound...

7.8CVSS6.5AI score0.00175EPSS
Exploits0References9
SUSE CVE
SUSE CVE
•added 2026/06/12 2:31 a.m.•12 views

SUSE CVE-2026-11850

An integer underflow vulnerability was found in MIT krb5 in the berval2tldata function in plugins/kdb/ldap/libkdbldap/ldapprincipal2.c. The function performs an unsigned subtraction bvlen - 2 without a prior bounds check. When bvlen is 0 or 1, the subtraction wraps to a large value which is then...

5.9CVSS5.4AI score0.00261EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/06/12 2:25 a.m.•12 views

SUSE CVE-2026-47712

Dulwich is a pure-Python implementation of the Git file formats and protocols. Starting in version 0.24.0 and prior to version 1.2.5, dulwich.porcelain.formatpatchoutdir=... derives each patch filename from the commit's subject line. Prior to this fix, getsummary only replaced spaces with dashes ...

3.3CVSS5.3AI score0.00139EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/12 2:25 a.m.•12 views

SUSE CVE-2026-48858

Server-Side Request Forgery SSRF vulnerability in Erlang/OTP ftp ftpinternal module allows FTP bounce attacks and SSRF via an unvalidated PASV response IP address. The ftpinternal:handlectrlresult/2 PASV handler mode=passive, ipfamily=inet, ftpextension=false extracts the IP address from the...

6.5CVSS5.5AI score0.00234EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/12 2:24 a.m.•12 views

SUSE CVE-2026-53689

libnfs through 6.0.2 before 55c18ea does not validate a string size, leading to an integer overflow during a connection to a crafted NFS server. This occurs in libnfszdrstring in lib/libnfs-zdr.c...

7.1CVSS5.4AI score0.00192EPSS
Exploits0References6
SUSE CVE
SUSE CVE
•added 2026/06/10 2:33 a.m.•12 views

SUSE CVE-2026-9698

DBI versions before 1.648 for Perl saved errors in a limited-sized buffer. Error messages that were returned when RaiseError, PrintError or HandleError were set were written to a 200-byte buffer without a length limit. Attackers that can influence the error text in an application can trigger a...

7.8CVSS5.9AI score0.00376EPSS
Exploits0References8
SUSE CVE
SUSE CVE
•added 2026/06/10 2:32 a.m.•12 views

SUSE CVE-2026-11623

A security vulnerability has been detected in tmux up to 3.6a. Affected is the function imagefree of the file image.c. Such manipulation leads to use after free. Local access is required to approach this attack. This attack is characterized by high complexity. The exploitability is told to be...

5.8CVSS4.6AI score0.00124EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/10 2:31 a.m.•12 views

SUSE CVE-2026-11662

Type Confusion in Bindings in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6AI score0.00359EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/10 2:30 a.m.•12 views

SUSE CVE-2026-11684

Insufficient policy enforcement in Network in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the utility process to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

3.1CVSS5.5AI score0.00171EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/10 2:30 a.m.•12 views

SUSE CVE-2026-11687

Use after free in Dawn in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.5AI score0.00203EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/10 2:30 a.m.•12 views

SUSE CVE-2026-11698

Use after free in Bluetooth in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.5AI score0.00203EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/10 2:28 a.m.•12 views

SUSE CVE-2026-34355

A buffer overflow in modproxyhtml in Apache HTTP Server 2.4.67 and earlier allows an attack by an untrusted backend. Users are recommended to upgrade to version 2.4.68, which fixes this issue...

6.5CVSS5.6AI score0.00805EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/06/10 2:28 a.m.•12 views

SUSE CVE-2026-35058

Improper validation of packet length during tls-crypt-v2 key extraction in OpenVPN 2.6.0 through 2.6.19 and 2.7alpha1 through 2.7.1 allows authenticated attackers to trigger a fatal assertion and cause a denial of service via a specially crafted packet...

6.9CVSS5.4AI score0.00317EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/10 2:27 a.m.•12 views

SUSE CVE-2026-44119

Improper Privilege Management vulnerability in Apache HTTP Server 2.4.67 and earlier allows local .htaccess authors to read files with the privileges of the httpd user. This issue affects Apache HTTP Server: from through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the...

6.5CVSS5.4AI score0.00171EPSS
Exploits0References6
SUSE CVE
SUSE CVE
•added 2026/06/10 2:25 a.m.•12 views

SUSE CVE-2026-46324

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: use listdelrcu for netlink hooks nftnetdevunregisterhooks and nftunregisterflowtablenethooks need to use listdelrcu, this list can be walked by concurrent dumpers. Add a new helper and use it consistently...

7CVSS5.3AI score0.00119EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/10 2:25 a.m.•12 views

SUSE CVE-2026-47895

unknown...

7.5CVSS5.4AI score
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/06/10 2:25 a.m.•12 views

SUSE CVE-2026-48913

Use After Free vulnerability in Apache HTTP Server module modhttp2 when file handles are already exhausted. This issue affects Apache HTTP Server: from 2.4.55 through 2.4.67...

5.9CVSS5.4AI score0.00479EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/06/10 2:25 a.m.•12 views

SUSE CVE-2026-52904

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix nvkmdevice leak on aperture removal failure When apertureremoveconflictingpcidevices fails during probe, the error path returns directly without unwinding the nvkmdevice that was just allocated by nvkmdevicepcine...

2.3CVSS5.4AI score0.00114EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/09 2:28 a.m.•12 views

SUSE CVE-2025-71315

In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Convert to DRM's vblank timer Replace vkms' vblank timer with the DRM implementation. The DRM code is identical in concept, but differs in implementation. Vblank timers are covered in vblank helpers and initializer...

5.5AI score0.00112EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/09 2:21 a.m.•12 views

SUSE CVE-2026-46275

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciuart: fix UAFs and race conditions in close and init paths Vulnerabilities leading to Use-After-Free UAF and Null Pointer Dereference NPD conditions were observed in the lifecycle management of hciuart. The primary...

5.5CVSS5.4AI score0.00185EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/06/09 2:21 a.m.•12 views

SUSE CVE-2026-46284

In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix early boot crash on parameters without '=' separator If hugepages, hugepagesz, or defaulthugepagesz are specified on the kernel command line without the '=' separator, early parameter parsing passes NULL to...

5.5CVSS5.4AI score0.00121EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/09 2:21 a.m.•12 views

SUSE CVE-2026-46286

In the Linux kernel, the following vulnerability has been resolved: leds: qcom-lpg: Check for array overflow when selecting the high resolution When selecting the high resolution values from the array, FIELDGET is used to pull from a 3 bit register, yet the array being indexed has only 5 values i...

3.9CVSS5.3AI score0.00122EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/09 2:21 a.m.•12 views

SUSE CVE-2026-46288

In the Linux kernel, the following vulnerability has been resolved: of: unittest: fix use-after-free in ofunittestchangeset The variable 'parent' is assigned the value of 'nchangeset' earlier in the function, meaning both point to the same struct devicenode. The call to ofnodeputnchangeset can...

5.5CVSS5.5AI score0.0014EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/09 2:20 a.m.•12 views

SUSE CVE-2026-46293

In the Linux kernel, the following vulnerability has been resolved: clk: microchip: mpfs-ccc: fix out of bounds access during output registration UBSAN reported an out of bounds access during registration of the last two outputs. This out of bounds access occurs because space is only allocated in...

5.5CVSS5.4AI score0.00126EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/09 2:20 a.m.•12 views

SUSE CVE-2026-46298

In the Linux kernel, the following vulnerability has been resolved: pseries/papr-hvpipe: Fix race with interrupt handler While executing -ioctl handler or -release handler, if an interrupt fires on the same cpu, then we can enter into a deadlock. This patch fixes both these handlers to take...

5.5CVSS5.5AI score0.00074EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/09 2:20 a.m.•12 views

SUSE CVE-2026-46301

In the Linux kernel, the following vulnerability has been resolved: spi: topcliff-pch: fix use-after-free on unbind Give the driver a chance to flush its queue before releasing the DMA buffers on driver unbind...

6.4CVSS5.4AI score0.00117EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/09 2:20 a.m.•12 views

SUSE CVE-2026-46303

In the Linux kernel, the following vulnerability has been resolved: isofs: validate Rock Ridge CE continuation extent against volume size rockcontinue reads rs-contextent verbatim from the Rock Ridge CE record and passes it to sbbread without checking that the block number is within the mounted I...

2.5CVSS5.6AI score0.00278EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/09 2:20 a.m.•12 views

SUSE CVE-2026-46307

In the Linux kernel, the following vulnerability has been resolved: wifi: ath5k: do not access array OOB Vincent reports: The ath5k driver seems to do an array-index-out-of-bounds access as shown by the UBSAN kernel message: UBSAN: array-index-out-of-bounds in...

4.3CVSS5.4AI score0.0022EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/09 2:20 a.m.•12 views

SUSE CVE-2026-46308

In the Linux kernel, the following vulnerability has been resolved: pmdomain: mediatek: fix use-after-free in scpsysgetbusprotectionlegacy In scpsysgetbusprotectionlegacy, offindnodewithproperty returns a device node with its reference count incremented. The function then calls ofnodeputnode befo...

7CVSS5.4AI score0.00115EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/07 4:51 a.m.•12 views

SUSE CVE-2026-10881

Out of bounds read and write in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

9.6CVSS5.8AI score0.0039EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:51 a.m.•12 views

SUSE CVE-2026-10884

Use after free in Chromecast in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

8.3CVSS5.5AI score0.00286EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:51 a.m.•12 views

SUSE CVE-2026-10897

Inappropriate implementation in GPU in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

8.8CVSS5.5AI score0.00325EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:51 a.m.•12 views

SUSE CVE-2026-10905

Use after free in Network in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.5AI score0.00286EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:51 a.m.•12 views

SUSE CVE-2026-10909

Use after free in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.5AI score0.00286EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:51 a.m.•12 views

SUSE CVE-2026-10911

Insufficient validation of untrusted input in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.5AI score0.00305EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:51 a.m.•12 views

SUSE CVE-2026-10914

Use after free in ANGLE in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6AI score0.0039EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:51 a.m.•12 views

SUSE CVE-2026-10915

Use after free in Core in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.5AI score0.00275EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:50 a.m.•12 views

SUSE CVE-2026-10921

Integer overflow in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.5AI score0.00286EPSS
Exploits0References2
Total number of security vulnerabilities5000