Lucene search
K
SusecveMost viewed

59854 matches found

SUSE CVE
SUSE CVE
•added 2026/05/09 2:41 a.m.•12 views

SUSE CVE-2026-43170

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Move vbus draw to workqueue context Currently dwc3gadgetvbusdraw can be called from atomic context, which in turn invokes power-supply-core APIs. And some these PMIC APIs have operations that may sleep, leading...

5.7AI score0.00122EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/09 2:40 a.m.•12 views

SUSE CVE-2026-43265

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Ignore -EBUSY when checking nested events from vcpublock Ignore -EBUSY when checking nested events after exiting a blocking state while L2 is active, as exiting to userspace will generate a spurious userspace exit,...

4.7CVSS5.7AI score0.00119EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/05/09 2:39 a.m.•12 views

SUSE CVE-2026-43277

In the Linux kernel, the following vulnerability has been resolved: APEI/GHES: ensure that won't go past CPER allocated record The logic at ghesnew prevents allocating too large records, by checking if they're bigger than GHESESTATUSMAXSIZE currently, 64KB. Yet, the allocation is done with the...

5.5CVSS5.7AI score0.00114EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/09 2:39 a.m.•12 views

SUSE CVE-2026-43397

In the Linux kernel, the following vulnerability has been resolved: drm/bridge: samsung-dsim: Fix memory leak in error path In samsungdsimhostattach, drmbridgeadd is called to add the bridge. However, if samsungdsimregisterteirq or pdata-hostops-attach fails afterwards, the function returns witho...

5.8AI score0.00122EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/09 2:39 a.m.•12 views

SUSE CVE-2026-43411

In the Linux kernel, the following vulnerability has been resolved: tipc: fix divide-by-zero in tipcskfilterconnect A user can set conntimeout to any value via setsockoptTIPCCONNTIMEOUT, including values less than 4. When a SYN is rejected with TIPCERROVERLOAD and the retry path in...

5.9CVSS5.8AI score0.00123EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/05/09 2:39 a.m.•12 views

SUSE CVE-2026-44928

In uriparser before 1.0.2, the function family EqualsUri can misclassify two unequal URIs as equal...

5.3CVSS5.8AI score0.00211EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/08 2:43 a.m.•12 views

SUSE CVE-2013-0804

The client in Novell GroupWise 8.0 before 8.0.3 HP2 and 2012 before SP1 HP1 allows remote attackers to execute arbitrary code or cause a denial of service incorrect pointer dereference via unspecified vectors...

10CVSS6.2AI score0.12398EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/05/08 2:27 a.m.•12 views

SUSE CVE-2026-7904

Out of bounds read in Fonts in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: High...

4.3CVSS5.8AI score0.00193EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/08 2:27 a.m.•12 views

SUSE CVE-2026-7909

Inappropriate implementation in ServiceWorker in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...

3.1CVSS5.7AI score0.00187EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/08 2:26 a.m.•12 views

SUSE CVE-2026-7933

Out of bounds read in WebCodecs in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform an out of bounds memory read via a crafted video file. Chromium security severity: Medium...

4.3CVSS5.8AI score0.00178EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/08 2:26 a.m.•12 views

SUSE CVE-2026-7937

Insufficient policy enforcement in DevTools in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. Chromium security severity: Medium...

3.1CVSS5.8AI score0.00143EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/08 2:26 a.m.•12 views

SUSE CVE-2026-7940

Use after free in V8 in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code inside a sandbox via a crafted Chrome Extension. Chromium security severity: Medium...

8.8CVSS6.2AI score0.00196EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/08 2:26 a.m.•12 views

SUSE CVE-2026-7971

Inappropriate implementation in ORB in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to bypass site isolation via a crafted HTML page. Chromium security severity: Medium...

6.3CVSS5.7AI score0.00177EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/08 2:26 a.m.•12 views

SUSE CVE-2026-7973

Integer overflow in Dawn in Google Chrome on Windows prior to 148.0.7778.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS5.9AI score0.00224EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/08 2:25 a.m.•12 views

SUSE CVE-2026-7990

Insufficient validation of untrusted input in Updater in Google Chrome on Windows prior to 148.0.7778.96 allowed a local attacker to perform OS-level privilege escalation via a malicious file. Chromium security severity: Medium...

7.8CVSS5.8AI score0.00112EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/08 2:25 a.m.•12 views

SUSE CVE-2026-7994

Inappropriate implementation in Chromoting in Google Chrome on Windows prior to 148.0.7778.96 allowed a local attacker to perform OS-level privilege escalation via a malicious file. Chromium security severity: Medium...

7.8CVSS5.8AI score0.00108EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/08 2:25 a.m.•12 views

SUSE CVE-2026-7997

Insufficient validation of untrusted input in Updater in Google Chrome on Mac prior to 148.0.7778.96 allowed a local attacker to perform OS-level privilege escalation via a malicious file. Chromium security severity: Low...

7.8CVSS5.8AI score0.0008EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/08 2:21 a.m.•12 views

SUSE CVE-2026-41675

xmldom is a pure JavaScript W3C standard-based XML DOM Level 2 Core DOMParser and XMLSerializer module. In @xmldom/xmldom prior to versions 0.9.10 and 0.8.13 and xmldom version 0.6.0 and prior, the package allows attacker-controlled processing instruction data to be serialized into XML without...

8.7CVSS5.8AI score0.00408EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/08 2:19 a.m.•12 views

SUSE CVE-2026-43261

In the Linux kernel, the following vulnerability has been resolved: arm64: Add support for TSV110 Spectre-BHB mitigation The TSV110 processor is vulnerable to the Spectre-BHB Branch History Buffer attack, which can be exploited to leak information through branch prediction side channels. This...

5.5CVSS5.7AI score0.00128EPSS
Exploits0References12
SUSE CVE
SUSE CVE
•added 2026/05/08 2:19 a.m.•12 views

SUSE CVE-2026-44603

Tor before 0.4.9.7 has an out-of-bounds read by one byte via a malformed BEGIN cell, aka TROVE-2026-007...

9.1CVSS5.8AI score0.00342EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/07 2:21 a.m.•12 views

SUSE CVE-2026-31757

In the Linux kernel, the following vulnerability has been resolved: usb: misc: usbio: Fix URB memory leak on submit failure When usbsubmiturb fails in usbioprobe, the previously allocated URB is never freed, causing a memory leak. Fix this by jumping to errfreeurb label to properly release the UR...

5.8AI score0.00121EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/07 2:21 a.m.•12 views

SUSE CVE-2026-32936

CoreDNS is a DNS server that chains plugins. In versions prior to 1.14.3, the DNS-over-HTTPS DoH GET path accepts oversized dns= query parameter values and performs URL query parsing, base64 decoding, and DNS message unpacking before rejecting the request. Unlike the POST path, which applies a...

7.5CVSS5.7AI score0.00672EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/05/07 2:20 a.m.•12 views

SUSE CVE-2026-37461

An out-of-bounds read in the ParseIP6Extended function /bgp/bgp.go of gobgp v4.3.0 allows attackers to cause a Denial of Service DoS via supplying a crafted BGP UPDATE message...

7.5CVSS5.8AI score0.00335EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/07 2:19 a.m.•12 views

SUSE CVE-2026-43048

In the Linux kernel, the following vulnerability has been resolved: HID: core: Mitigate potential OOB by removing bogus memset The memset in hidreportrawevent has the good intention of clearing out bogus data by zeroing the area from the end of the incoming data string to the assumed end of the...

8.8CVSS5.8AI score0.00241EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/07 2:19 a.m.•12 views

SUSE CVE-2026-43076

In the Linux kernel, the following vulnerability has been resolved: ocfs2: validate inline data isize during inode read When reading an inode from disk, ocfs2validateinodeblock performs various sanity checks but does not validate the size of inline data. If the filesystem is corrupted, an inode's...

7.8CVSS5.9AI score0.00131EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/05/07 2:18 a.m.•12 views

SUSE CVE-2026-43099

In the Linux kernel, the following vulnerability has been resolved: ipv4: icmp: fix null-ptr-deref in icmpbuildprobe ipv6stub-ipv6devfind may return ERRPTR-EAFNOSUPPORT when the IPv6 stack is not active CONFIGIPV6=m and not loaded, and passing this error pointer to devhold will cause a kernel cra...

7.5CVSS5.8AI score0.0049EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/07 2:18 a.m.•12 views

SUSE CVE-2026-43100

In the Linux kernel, the following vulnerability has been resolved: bridge: guard local VLAN-0 FDB helpers against NULL vlan group When CONFIGBRIDGEVLANFILTERING is not set, brvlangroup and nbpvlangroup return NULL brprivate.h stub definitions. The BRBOOLOPTFDBLOCALVLAN0 toggle code is compiled...

5.8AI score0.00121EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/07 2:18 a.m.•12 views

SUSE CVE-2026-43107

In the Linux kernel, the following vulnerability has been resolved: xfrm: account XFRMAIFID in aevent size calculation xfrmgetae allocates the reply skb with xfrmaeventmsgsize, then buildaevent appends attributes including XFRMAIFID when x-ifid is set. xfrmaeventmsgsize does not include space for...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/07 2:18 a.m.•12 views

SUSE CVE-2026-43112

In the Linux kernel, the following vulnerability has been resolved: fs/smb/client: fix out-of-bounds read in cifssanitizeprepath When cifssanitizeprepath is called with an empty string or a string containing only delimiters e.g., "/", the current logic attempts to check cursor2 - 1 before cursor2...

5.5CVSS5.8AI score0.00352EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/05/07 2:17 a.m.•12 views

SUSE CVE-2026-43163

In the Linux kernel, the following vulnerability has been resolved: md/bitmap: fix GPF in writepage caused by resize race A General Protection Fault occurs in writepage during array resize: RIP: 0010:writepage+0x22b/0x3c0 mdmod This is a use-after-free race between bitmapdaemonwork and...

5.8AI score0.00091EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/07 2:17 a.m.•12 views

SUSE CVE-2026-43217

In the Linux kernel, the following vulnerability has been resolved: media: iris: gen2: Add sanity check for session stop In iriskillsession, inst-state is set to IRISINSTERROR and sessionclose is executed, which will kfreeinsthfigen2-packet. If stopstreaming is called afterward, it will cause a...

5.8AI score0.00126EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/07 2:17 a.m.•12 views

SUSE CVE-2026-43225

In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: fix memory leak on failure path cfg80211informbssframe may return NULL on failure. In that case, the allocated buffer 'buf' is not freed and the function returns early, leading to potential memory leak. Fix th...

5.5CVSS5.9AI score0.00128EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/07 2:16 a.m.•12 views

SUSE CVE-2026-43242

In the Linux kernel, the following vulnerability has been resolved: soc: ti: k3-socinfo: Fix regmap leak on probe failure The mmio regmap allocated during probe is never freed. Switch to using the device managed allocator so that the regmap is released on probe failures e.g. probe deferral and on...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/07 2:16 a.m.•12 views

SUSE CVE-2026-43249

In the Linux kernel, the following vulnerability has been resolved: 9p/xen: protect xen9pfsfrontfree against concurrent calls The xenwatch thread can race with other back-end change notifications and call xen9pfsfrontfree twice, hitting the observed general protection fault due to a double-free...

6.3CVSS5.8AI score0.00241EPSS
Exploits0References12
SUSE CVE
SUSE CVE
•added 2026/05/07 2:16 a.m.•12 views

SUSE CVE-2026-43250

In the Linux kernel, the following vulnerability has been resolved: usb: chipidea: udc: fix DMA and SG cleanup in epnuke The ChipIdea UDC driver can encounter "not page aligned sg buffer" errors when a USB device is reconnected after being disconnected during an active transfer. This occurs becau...

5.8AI score0.00129EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/07 2:16 a.m.•12 views

SUSE CVE-2026-43257

In the Linux kernel, the following vulnerability has been resolved: media: cx88: Add missing unmap in sndcx88hwparams In error path, add cx88alsadmaunmap to release resource acquired by cx88alsadmamap...

5.8AI score0.00128EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/07 2:16 a.m.•12 views

SUSE CVE-2026-43275

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Flush exception handling work when RPM level is zero Ensure that the exception event handling work is explicitly flushed during suspend when the runtime power management level is set to UFSPMLVL0. When the RPM...

5.7AI score0.00091EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/06 1:43 a.m.•12 views

SUSE CVE-2026-31721

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fhid: move list and spinlock inits from bind to alloc There was an issue when you did the following: - setup and bind an hid gadget - open /dev/hidg0 - use the resulting fd in EPOLLCTLADD - unbind the UDC - bind the...

5.5CVSS5.5AI score0.00123EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/06 1:43 a.m.•12 views

SUSE CVE-2026-31728

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uether: Fix race between getherdisconnect and ethstop A race condition between getherdisconnect and ethstop leads to a NULL pointer dereference. Specifically, if ethstop is triggered concurrently while getherdisconne...

4.7CVSS5.7AI score0.00089EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/06 1:43 a.m.•12 views

SUSE CVE-2026-31734

In the Linux kernel, the following vulnerability has been resolved: schedext: Fix isbpfmigrationdisabled false negative on non-PREEMPTRCU Since commit 8e4f0b1ebcf2 "bpf: use rcureadlockdontmigrate for trampoline.c", the BPF prolog bpfprogenter calls migratedisable only when CONFIGPREEMPTRCU is...

5.8AI score0.00121EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/06 1:43 a.m.•12 views

SUSE CVE-2026-31753

In the Linux kernel, the following vulnerability has been resolved: auxdisplay: line-display: fix NULL dereference in linedisprelease linedisprelease currently retrieves the enclosing struct linedisp via tolinedisp. That lookup depends on the attachment list, but the attachment may already have...

5.8AI score0.00107EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/06 1:42 a.m.•12 views

SUSE CVE-2026-31761

In the Linux kernel, the following vulnerability has been resolved: iio: gyro: mpu3050: Move iiodeviceregister to correct location iiodeviceregister should be at the end of the probe function to prevent race conditions. Place iiodeviceregister at the end of the probe function and place...

7.8CVSS5.7AI score0.001EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/05/06 1:42 a.m.•12 views

SUSE CVE-2026-31762

In the Linux kernel, the following vulnerability has been resolved: iio: gyro: mpu3050: Fix irq resource leak The interrupt handler is setup but only a few lines down if iiotriggerregister fails the function returns without properly releasing the handler. Add cleanup goto to resolve resource leak...

5.8AI score0.00123EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/06 1:42 a.m.•12 views

SUSE CVE-2026-31766

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: validate doorbelloffset in user queue creation amdgpuuserqgetdoorbellindex passes the user-provided doorbelloffset to amdgpudoorbellindexonbar without bounds checking. An arbitrarily large doorbelloffset can cause the...

7.1CVSS5.8AI score0.00124EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/06 1:42 a.m.•12 views

SUSE CVE-2026-31769

In the Linux kernel, the following vulnerability has been resolved: gpib: fix use-after-free in IO ioctl handlers The IBRD, IBWRT, IBCMD, and IBWAIT ioctl handlers use a gpibdescriptor pointer after board-biggpibmutex has been released. A concurrent IBCLOSEDEV ioctl can free the descriptor via...

7.8CVSS5.7AI score0.00131EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/06 1:42 a.m.•12 views

SUSE CVE-2026-31772

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisync: fix stack buffer overflow in hcilebigcreatesync hcilebigcreatesync uses DEFINEFLEX to allocate a struct hcicplebigcreatesync on the stack with room for 0x11 17 BIS entries. However, conn-numbis can hold up to...

7.8CVSS5.9AI score0.00142EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/06 1:42 a.m.•12 views

SUSE CVE-2026-31780

In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: fix u8 overflow in SSID scan buffer size calculation The variable valuesize is declared as u8 but accumulates the total length of all SSIDs to scan. Each SSID contributes up to 33 bytes IEEE80211MAXSSIDLEN + 1, an...

7.8CVSS5.9AI score0.00143EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/06 1:40 a.m.•12 views

SUSE CVE-2026-43044

In the Linux kernel, the following vulnerability has been resolved: crypto: caam - fix DMA corruption on long hmac keys When a key longer than block size is supplied, it is copied and then hashed into the real key. The memory allocated for the copy needs to be rounded to DMA cache alignment, as...

7.8CVSS5.8AI score0.0012EPSS
Exploits0References14
SUSE CVE
SUSE CVE
•added 2026/05/06 1:40 a.m.•12 views

SUSE CVE-2026-43072

In the Linux kernel, the following vulnerability has been resolved: drm/vc4: platformgetirqbyname returns an int platformgetirqbyname will return a negative value if an error happens, so it should be checked and not just passed directly into devmrequestthreadedirq hoping all will be ok...

5.5CVSS5.7AI score0.00114EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/06 1:40 a.m.•12 views

SUSE CVE-2026-43073

In the Linux kernel, the following vulnerability has been resolved: x86-64: rename misleadingly named 'copyusernocache' function This function was a masterclass in bad naming, for various historical reasons. It claimed to be a non-cached user copy. It is literally neither of those things. It's a...

6.3CVSS5.7AI score0.00117EPSS
Exploits0References3
Total number of security vulnerabilities5000