Lucene search
K
SusecveMost viewed

59854 matches found

SUSE CVE
SUSE CVE
•added 2026/05/01 2:12 a.m.•12 views

SUSE CVE-2026-5401

AFP Spotlight protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

5.5CVSS5.3AI score0.00122EPSS
Exploits1References4
SUSE CVE
SUSE CVE
•added 2026/05/01 2:11 a.m.•12 views

SUSE CVE-2026-6519

MBIM protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

5.5CVSS5.3AI score0.00171EPSS
Exploits1References4
SUSE CVE
SUSE CVE
•added 2026/05/01 2:11 a.m.•12 views

SUSE CVE-2026-6520

OpenFlow v6 protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

5.5CVSS5.3AI score0.00171EPSS
Exploits1References4
SUSE CVE
SUSE CVE
•added 2026/05/01 2:11 a.m.•12 views

SUSE CVE-2026-6524

MySQL protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

5.5CVSS5.3AI score0.00124EPSS
Exploits1References4
SUSE CVE
SUSE CVE
•added 2026/05/01 2:3 a.m.•12 views

SUSE CVE-2026-42011

A flaw was found in gnutls. This vulnerability occurs because permitted name constraints were incorrectly ignored when previous Certificate Authorities CAs only had excluded name constraints. A remote attacker could exploit this to bypass critical name constraint checks during certificate...

4.8CVSS5.8AI score0.00475EPSS
Exploits0References12
SUSE CVE
SUSE CVE
•added 2026/04/30 2:29 a.m.•12 views

SUSE CVE-2026-7322

Memory safety bugs present in Thunderbird ESR 140.10.0 and Thunderbird 150.0.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 150.0.1, Firefox ES...

8.8CVSS6AI score0.00316EPSS
Exploits0References12
SUSE CVE
SUSE CVE
•added 2026/04/30 2:26 a.m.•12 views

SUSE CVE-2026-31691

In the Linux kernel, the following vulnerability has been resolved: igb: remove napisynchronize in igbdown When an AFXDP zero-copy application terminates abruptly e.g., kill -9, the XSK buffer pool is destroyed but NAPI polling continues. igbcleanrxirqzc repeatedly returns the full budget,...

4.4CVSS5.7AI score0.00112EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2026/04/30 2:25 a.m.•12 views

SUSE CVE-2026-40685

In Exim before 4.99.2, when JSON lookup is enabled, an out-of-bounds heap write can occur when a JSON operator encounters malformed JSON in an untrusted header, because of an incorrect implementation of \ skipping...

9.8CVSS5.8AI score0.00321EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/30 2:25 a.m.•12 views

SUSE CVE-2026-41140

Poetry is a dependency manager for Python. Prior to 2.3.4, the extractall function in src/poetry/utils/helpers.py:410-426 extracts sdist tarballs without path traversal protection on Python versions where tarfile.datafilter is unavailable. Considering only Python versions which are still supporte...

8.7CVSS5.4AI score0.00294EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/28 11:30 p.m.•12 views

SUSE CVE-2026-23557

Any guest can cause xenstored to crash by issuing a XSRESETWATCHES command within a transaction due to an assert triggering. In case xenstored was built with NDEBUG defined nothing bad will happen, as assert is doing nothing in this case. Note that the default is not to define NDEBUG for xenstore...

6.5CVSS5.8AI score0.00158EPSS
Exploits0References10
SUSE CVE
SUSE CVE
•added 2026/04/28 1:35 a.m.•12 views

SUSE CVE-2026-35332

unknown...

7.5CVSS5.1AI score
Exploits0References9
SUSE CVE
SUSE CVE
•added 2026/04/28 1:35 a.m.•12 views

SUSE CVE-2026-35334

unknown...

7.5CVSS5.2AI score
Exploits0References9
SUSE CVE
SUSE CVE
•added 2026/04/26 1:52 a.m.•12 views

SUSE CVE-2026-31685

In the Linux kernel, the following vulnerability has been resolved: netfilter: ip6teui64: reject invalid MAC header for all packets eui64mt6 derives a modified EUI-64 from the Ethernet source address and compares it with the low 64 bits of the IPv6 source address. The existing guard only rejects ...

7.4CVSS5.5AI score0.00337EPSS
Exploits0References28
SUSE CVE
SUSE CVE
•added 2026/04/25 1:39 a.m.•12 views

SUSE CVE-2026-31574

In the Linux kernel, the following vulnerability has been resolved: clockevents: Add missing resets of the nexteventforced flag The prevention mechanism against timer interrupt starvation missed to reset the nexteventforced flag in a couple of places: - When the clock event state changes. That ca...

5.5CVSS5.5AI score0.00107EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/25 1:38 a.m.•12 views

SUSE CVE-2026-31581

In the Linux kernel, the following vulnerability has been resolved: ALSA: 6fire: fix use-after-free on disconnect In usb6firechipabort, the chip struct is allocated as the card's private data via sndcardnew with sizeofstruct sfirechip. When sndcardfreewhenclosed is called and no file handles are...

6.4CVSS5.6AI score0.00128EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/04/25 1:36 a.m.•12 views

SUSE CVE-2026-31663

In the Linux kernel, the following vulnerability has been resolved: xfrm: hold dev ref until after transportfinish NFHOOK After async crypto completes, xfrminputresume calls devput immediately on re-entry before the skb reaches transportfinish. The skb-dev pointer is then used inside NFHOOK and i...

7.8CVSS5.4AI score0.00208EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/25 1:36 a.m.•12 views

SUSE CVE-2026-31669

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix slab-use-after-free in inetlookupestablished The ehash table lookups are lockless and rely on SLABTYPESAFEBYRCU to guarantee socket memory stability during RCU read-side critical sections. Both tcpprot and tcpv6prot ha...

7CVSS5.6AI score0.004EPSS
Exploits0References25
SUSE CVE
SUSE CVE
•added 2026/04/24 1:44 a.m.•12 views

SUSE CVE-2009-3727

Asterisk Open Source 1.2.x before 1.2.35, 1.4.x before 1.4.26.3, 1.6.0.x before 1.6.0.17, and 1.6.1.x before 1.6.1.9; Business Edition A.x.x, B.x.x before B.2.5.12, C.2.x.x before C.2.4.5, and C.3.x.x before C.3.2.2; AsteriskNOW 1.5; and s800i 1.3.x before 1.3.0.5 generate different error message...

5CVSS5.8AI score0.04201EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/24 1:28 a.m.•12 views

SUSE CVE-2026-41168

pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.1 can craft a PDF which leads to long runtimes. This requires cross-reference streams with wrong large /Size values or object streams with wrong large /N values. This ha...

6.9CVSS5.6AI score0.00297EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:29 a.m.•12 views

SUSE CVE-2026-6507

A flaw was found in dnsmasq. A remote attacker could exploit an out-of-bounds write vulnerability by sending a specially crafted BOOTREPLY Bootstrap Protocol Reply packet to a dnsmasq server configured with the --dhcp-split-relay option. This can lead to memory corruption, causing the dnsmasq...

7.5CVSS5.7AI score0.00482EPSS
Exploits0References9
SUSE CVE
SUSE CVE
•added 2026/04/23 1:28 a.m.•12 views

SUSE CVE-2026-22018

unknown...

3.7CVSS7.2AI score0.00269EPSS
Exploits0References22
SUSE CVE
SUSE CVE
•added 2026/04/23 1:26 a.m.•12 views

SUSE CVE-2026-31440

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix leaking event log memory During the device remove process, the device is reset, causing the configuration registers to go back to their default state, which is zero. As the driver is checking if the event log...

5.6AI score0.00122EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:26 a.m.•12 views

SUSE CVE-2026-31449

In the Linux kernel, the following vulnerability has been resolved: ext4: validate pidx bounds in ext4extcorrectindexes ext4extcorrectindexes walks up the extent tree correcting index entries when the first extent in a leaf is modified. Before accessing pathk.pidx-eiblock, there is no validation...

5.5CVSS5.6AI score0.00135EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/04/23 1:24 a.m.•12 views

SUSE CVE-2026-31521

In the Linux kernel, the following vulnerability has been resolved: module: Fix kernel panic when a symbol stshndx is out of bounds The module loader doesn't check for bounds of the ELF section index in simplifysymbols: for i = 1; i shsize / sizeofElfSym; i++ const char name = info-strtab +...

4.4CVSS5.6AI score0.00123EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2026/04/23 1:24 a.m.•12 views

SUSE CVE-2026-33599

A rogue backend can send a crafted SVCB response to a Discovery of Designated Resolvers request, when requested via either the autoUpgrade Lua option to newServer or autoupgrade YAML settings. DDR upgrade is not enabled by default...

8.1CVSS5.8AI score0.00283EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/22 1:39 a.m.•12 views

SUSE CVE-2026-6771

Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10...

9.8CVSS5.7AI score0.00309EPSS
Exploits0References14
SUSE CVE
SUSE CVE
•added 2026/04/22 1:39 a.m.•12 views

SUSE CVE-2026-6780

Denial-of-service in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 150 and Thunderbird 150...

7.5CVSS5.7AI score0.00294EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/22 1:36 a.m.•12 views

SUSE CVE-2026-40333

libgphoto2 is a camera access and control library. In versions up to and including 2.5.33, two functions in camlibs/ptp2/ptp-pack.c accept a data pointer but no length parameter, performing unbounded reads. Their callers in ptpunpackEOSevents have xsize available but never pass it, leaving both...

6.1CVSS5.9AI score0.00218EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/17 11:25 p.m.•12 views

SUSE CVE-2026-41082

In OCaml opam before 2.5.1, a .install field containing a destination filepath can use ../ to reach a parent directory...

5.1CVSS5.7AI score0.00205EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/15 1:42 p.m.•12 views

SUSE CVE-2026-5713

The "profiling.sampling" module Python 3.15+ and "asyncio introspection capabilities" 3.14+, "python -m asyncio ps" and "python -m asyncio pstree" features could be used to read and write addresses in a privileged process if that process connected to a malicious or "infected" Python process via t...

6CVSS5.8AI score0.00132EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2026/04/14 11:25 p.m.•12 views

SUSE CVE-2026-40199

Net::CIDR::Lite versions before 0.23 for Perl mishandles IPv4 mapped IPv6 addresses, which may allow IP ACL bypass. packipv6 includes the sentinel byte from packipv4 when building the packed representation of IPv4 mapped addresses like ::ffff:192.168.1.1. This produces an 18 byte value instead of...

6.5CVSS5.8AI score0.00307EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/04/11 9:23 a.m.•12 views

SUSE CVE-2026-34986

Go JOSE provides an implementation of the Javascript Object Signing and Encryption set of standards in Go, including support for JSON Web Encryption JWE, JSON Web Signature JWS, and JSON Web Token JWT standards. Prior to 4.1.4 and 3.0.5, decrypting a JSON Web Encryption JWE object will panic if t...

7.5CVSS5.9AI score0.00651EPSS
Exploits0References46
SUSE CVE
SUSE CVE
•added 2026/04/07 11:25 p.m.•12 views

SUSE CVE-2026-34990

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, a local unprivileged user can coerce cupsd into authenticating to an attacker-controlled localhost IPP service with a reusable Authorization: Local ... token. That...

7.8CVSS5.9AI score0.00289EPSS
Exploits1References9
SUSE CVE
SUSE CVE
•added 2026/04/03 11:24 p.m.•12 views

SUSE CVE-2026-34826

Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Utils.getbyteranges parses the HTTP Range header without limiting the number of individual byte ranges. Although the existing fix for CVE-2024-26141 rejects ranges whose total byte coverage exceeds the...

5.3CVSS5.7AI score0.0038EPSS
Exploits0References6
SUSE CVE
SUSE CVE
•added 2026/04/03 11:24 p.m.•12 views

SUSE CVE-2026-34831

Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Filesfail sets the Content-Length response header using Stringsize instead of Stringbytesize. When the response body contains multibyte UTF-8 characters, the declared Content-Length is smaller than the...

4.8CVSS5.8AI score0.00147EPSS
Exploits0References6
SUSE CVE
SUSE CVE
•added 2026/04/03 11:24 p.m.•12 views

SUSE CVE-2026-34872

An issue was discovered in Mbed TLS 3.5.x and 3.6.x through 3.6.5 and TF-PSA-Crypto 1.0. There is a lack of contributory behavior in FFDH due to improper input validation. Using finite-field Diffie-Hellman, the other party can force the shared secret into a small set of values lack of contributor...

9.1CVSS5.8AI score0.00204EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/03 11:24 p.m.•12 views

SUSE CVE-2026-34873

An issue was discovered in Mbed TLS 3.5.0 through 4.0.0. Client impersonation can occur while resuming a TLS 1.3 session...

9.1CVSS5.8AI score0.00241EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/31 11:28 p.m.•12 views

SUSE CVE-2026-4789

Kyverno, versions 1.16.0 and later, are vulnerable to SSRF due to unrestricted CEL HTTP functions...

9.8CVSS5.9AI score0.00705EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 4:55 p.m.•12 views

SUSE CVE-2026-23369

In the Linux kernel, the following vulnerability has been resolved: i2c: i801: Revert "i2c: i801: replace acpilock with I2C bus lock" This reverts commit f707d6b9e7c18f669adfdb443906d46cfbaaa0c1. Under rare circumstances, multiple udev threads can collect i801 device info on boot and walk...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2026/03/25 11:53 a.m.•12 views

SUSE CVE-2026-4705

Undefined behavior in the WebRTC: Signaling component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

5CVSS7.2AI score0.00418EPSS
Exploits0References13
SUSE CVE
SUSE CVE
•added 2026/03/25 11:53 a.m.•12 views

SUSE CVE-2026-4712

Information disclosure in the Widget: Cocoa component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

6.5CVSS7.2AI score0.00385EPSS
Exploits0References13
SUSE CVE
SUSE CVE
•added 2026/03/25 11:52 a.m.•12 views

SUSE CVE-2026-4725

Sandbox escape due to use-after-free in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 149 and Thunderbird 149...

5.8CVSS7.2AI score0.00318EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 12:25 a.m.•12 views

SUSE CVE-2026-31788

In the Linux kernel, the following vulnerability has been resolved: xen/privcmd: restrict usage in unprivileged domU The Xen privcmd driver allows to issue arbitrary hypercalls from user space processes. This is normally no problem, as access is usually limited to root and the hypervisor will den...

8.2CVSS5.8AI score0.00154EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/03/25 12:24 a.m.•12 views

SUSE CVE-2026-32246

Tinyauth is an authentication and authorization server. Prior to 5.0.3, the OIDC authorization endpoint allows users with a TOTP-pending session password verified, TOTP not yet completed to obtain authorization codes. An attacker who knows a user's password but not their TOTP secret can obtain...

8.5CVSS5.9AI score0.0027EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/03/25 12:23 a.m.•12 views

SUSE CVE-2026-33554

ipmi-oem in FreeIPMI before 1.6.17 has exploitable buffer overflows on response messages. The Intelligent Platform Management Interface IPMI specification defines a set of interfaces for platform management. It is implemented by a large number of hardware manufacturers to support system managemen...

7.6CVSS6AI score0.00403EPSS
Exploits0References13
SUSE CVE
SUSE CVE
•added 2026/03/15 12:28 a.m.•12 views

SUSE CVE-2025-15558

Docker CLI for Windows searches for plugin binaries in C:\ProgramData\Docker\cli-plugins, a directory that does not exist by default. A low-privileged attacker can create this directory and place malicious CLI plugin binaries docker-compose.exe, docker-buildx.exe, etc. that are executed when a...

8CVSS5.8AI score0.00472EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/14 12:24 a.m.•12 views

SUSE CVE-2026-32239

Cap'n Proto is a data interchange format and capability-based RPC system. Prior to 1.4.0, a negative Content-Length value was converted to unsigned, treating it as an impossibly large length instead. In theory, this bug could enable HTTP request/response smuggling. This vulnerability is fixed in...

6.5CVSS5.8AI score0.00207EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/04 12:26 a.m.•12 views

SUSE CVE-2026-25802

New API is a large language mode LLM gateway and artificial intelligence AI asset management system. Prior to version 0.10.8-alpha.9, a potential unsafe operation occurs in component MarkdownRenderer.jsx, allowing for Cross-Site ScriptingXSS when the model outputs items containing tag. Version...

7.6CVSS5.8AI score0.00222EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/02/27 12:25 a.m.•12 views

SUSE CVE-2026-25952

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfSetWindowMinMaxInfo dereferences a freed xfAppWindow pointer because xfrailgetwindow in xfrailserverminmaxinfo returns an unprotected pointer from the railWindows hash table, and the main thread can...

5.3CVSS5.8AI score0.00599EPSS
Exploits1References14
SUSE CVE
SUSE CVE
•added 2026/02/16 12:24 a.m.•12 views

SUSE CVE-2026-23209

In the Linux kernel, the following vulnerability has been resolved: macvlan: fix error recovery in macvlancommonnewlink valis provided a nice repro to crash the kernel: ip link add p1 type veth peer p2 ip link set address 00:00:00:00:00:20 dev p1 ip link set up dev p1 ip link set up dev p2 ip lin...

7.8CVSS5.2AI score0.00119EPSS
Exploits0References155
Total number of security vulnerabilities5000