Lucene search
K
SusecveMost viewed

59854 matches found

SUSE CVE
SUSE CVE
•added 2026/04/25 1:36 a.m.•12 views

SUSE CVE-2026-31669

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix slab-use-after-free in inetlookupestablished The ehash table lookups are lockless and rely on SLABTYPESAFEBYRCU to guarantee socket memory stability during RCU read-side critical sections. Both tcpprot and tcpv6prot ha...

7CVSS5.6AI score0.004EPSS
Exploits0References25
SUSE CVE
SUSE CVE
•added 2026/04/24 1:44 a.m.•12 views

SUSE CVE-2009-3727

Asterisk Open Source 1.2.x before 1.2.35, 1.4.x before 1.4.26.3, 1.6.0.x before 1.6.0.17, and 1.6.1.x before 1.6.1.9; Business Edition A.x.x, B.x.x before B.2.5.12, C.2.x.x before C.2.4.5, and C.3.x.x before C.3.2.2; AsteriskNOW 1.5; and s800i 1.3.x before 1.3.0.5 generate different error message...

5CVSS5.8AI score0.04201EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/24 1:28 a.m.•12 views

SUSE CVE-2026-41168

pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.1 can craft a PDF which leads to long runtimes. This requires cross-reference streams with wrong large /Size values or object streams with wrong large /N values. This ha...

6.9CVSS5.6AI score0.00297EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:29 a.m.•12 views

SUSE CVE-2026-6507

A flaw was found in dnsmasq. A remote attacker could exploit an out-of-bounds write vulnerability by sending a specially crafted BOOTREPLY Bootstrap Protocol Reply packet to a dnsmasq server configured with the --dhcp-split-relay option. This can lead to memory corruption, causing the dnsmasq...

7.5CVSS5.7AI score0.00482EPSS
Exploits0References9
SUSE CVE
SUSE CVE
•added 2026/04/23 1:28 a.m.•12 views

SUSE CVE-2026-22018

unknown...

3.7CVSS7.2AI score0.00269EPSS
Exploits0References22
SUSE CVE
SUSE CVE
•added 2026/04/23 1:26 a.m.•12 views

SUSE CVE-2026-31440

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix leaking event log memory During the device remove process, the device is reset, causing the configuration registers to go back to their default state, which is zero. As the driver is checking if the event log...

5.6AI score0.00122EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:26 a.m.•12 views

SUSE CVE-2026-31449

In the Linux kernel, the following vulnerability has been resolved: ext4: validate pidx bounds in ext4extcorrectindexes ext4extcorrectindexes walks up the extent tree correcting index entries when the first extent in a leaf is modified. Before accessing pathk.pidx-eiblock, there is no validation...

5.5CVSS5.6AI score0.00135EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/04/23 1:24 a.m.•12 views

SUSE CVE-2026-31521

In the Linux kernel, the following vulnerability has been resolved: module: Fix kernel panic when a symbol stshndx is out of bounds The module loader doesn't check for bounds of the ELF section index in simplifysymbols: for i = 1; i shsize / sizeofElfSym; i++ const char name = info-strtab +...

4.4CVSS5.6AI score0.00123EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2026/04/23 1:24 a.m.•12 views

SUSE CVE-2026-33599

A rogue backend can send a crafted SVCB response to a Discovery of Designated Resolvers request, when requested via either the autoUpgrade Lua option to newServer or autoupgrade YAML settings. DDR upgrade is not enabled by default...

8.1CVSS5.8AI score0.00283EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/22 1:39 a.m.•12 views

SUSE CVE-2026-6771

Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10...

9.8CVSS5.7AI score0.00309EPSS
Exploits0References14
SUSE CVE
SUSE CVE
•added 2026/04/22 1:39 a.m.•12 views

SUSE CVE-2026-6780

Denial-of-service in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 150 and Thunderbird 150...

7.5CVSS5.7AI score0.00294EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/22 1:36 a.m.•12 views

SUSE CVE-2026-40333

libgphoto2 is a camera access and control library. In versions up to and including 2.5.33, two functions in camlibs/ptp2/ptp-pack.c accept a data pointer but no length parameter, performing unbounded reads. Their callers in ptpunpackEOSevents have xsize available but never pass it, leaving both...

6.1CVSS5.9AI score0.00218EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/17 11:25 p.m.•12 views

SUSE CVE-2026-41082

In OCaml opam before 2.5.1, a .install field containing a destination filepath can use ../ to reach a parent directory...

5.1CVSS5.7AI score0.00205EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/15 1:42 p.m.•12 views

SUSE CVE-2026-5713

The "profiling.sampling" module Python 3.15+ and "asyncio introspection capabilities" 3.14+, "python -m asyncio ps" and "python -m asyncio pstree" features could be used to read and write addresses in a privileged process if that process connected to a malicious or "infected" Python process via t...

6CVSS5.8AI score0.00132EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2026/04/14 11:25 p.m.•12 views

SUSE CVE-2026-40199

Net::CIDR::Lite versions before 0.23 for Perl mishandles IPv4 mapped IPv6 addresses, which may allow IP ACL bypass. packipv6 includes the sentinel byte from packipv4 when building the packed representation of IPv4 mapped addresses like ::ffff:192.168.1.1. This produces an 18 byte value instead of...

6.5CVSS5.8AI score0.00307EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/04/11 9:23 a.m.•12 views

SUSE CVE-2026-34986

Go JOSE provides an implementation of the Javascript Object Signing and Encryption set of standards in Go, including support for JSON Web Encryption JWE, JSON Web Signature JWS, and JSON Web Token JWT standards. Prior to 4.1.4 and 3.0.5, decrypting a JSON Web Encryption JWE object will panic if t...

7.5CVSS5.9AI score0.00651EPSS
Exploits0References46
SUSE CVE
SUSE CVE
•added 2026/04/09 11:29 p.m.•12 views

SUSE CVE-2026-5902

Race in Media in Google Chrome on Android prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to corrupt media stream metadata via a crafted HTML page. Chromium security severity: Low...

7.3AI score0.00212EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/07 11:25 p.m.•12 views

SUSE CVE-2026-34990

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, a local unprivileged user can coerce cupsd into authenticating to an attacker-controlled localhost IPP service with a reusable Authorization: Local ... token. That...

7.8CVSS5.9AI score0.00289EPSS
Exploits1References9
SUSE CVE
SUSE CVE
•added 2026/04/03 11:24 p.m.•12 views

SUSE CVE-2026-34826

Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Utils.getbyteranges parses the HTTP Range header without limiting the number of individual byte ranges. Although the existing fix for CVE-2024-26141 rejects ranges whose total byte coverage exceeds the...

5.3CVSS5.7AI score0.0038EPSS
Exploits0References6
SUSE CVE
SUSE CVE
•added 2026/04/03 11:24 p.m.•12 views

SUSE CVE-2026-34831

Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Filesfail sets the Content-Length response header using Stringsize instead of Stringbytesize. When the response body contains multibyte UTF-8 characters, the declared Content-Length is smaller than the...

4.8CVSS5.8AI score0.00147EPSS
Exploits0References6
SUSE CVE
SUSE CVE
•added 2026/04/03 11:24 p.m.•12 views

SUSE CVE-2026-34872

An issue was discovered in Mbed TLS 3.5.x and 3.6.x through 3.6.5 and TF-PSA-Crypto 1.0. There is a lack of contributory behavior in FFDH due to improper input validation. Using finite-field Diffie-Hellman, the other party can force the shared secret into a small set of values lack of contributor...

9.1CVSS5.8AI score0.00204EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/03 11:24 p.m.•12 views

SUSE CVE-2026-34873

An issue was discovered in Mbed TLS 3.5.0 through 4.0.0. Client impersonation can occur while resuming a TLS 1.3 session...

9.1CVSS5.8AI score0.00241EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/31 11:28 p.m.•12 views

SUSE CVE-2026-4789

Kyverno, versions 1.16.0 and later, are vulnerable to SSRF due to unrestricted CEL HTTP functions...

9.8CVSS5.9AI score0.00705EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 4:56 p.m.•12 views

SUSE CVE-2026-23305

In the Linux kernel, the following vulnerability has been resolved: accel/rocket: fix unwinding in error path in rocketprobe When rocketcoreinit fails as could be the case with EPROBEDEFER, we need to properly unwind by decrementing the counter we just incremented and if this is the first core we...

7.1CVSS5.7AI score0.00124EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 4:56 p.m.•12 views

SUSE CVE-2026-23321

In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: in-kernel: always mark signal+subflow endp as used Syzkaller managed to find a combination of actions that was generating this warning: msk-pm.localaddrused == 0 WARNING: net/mptcp/pmkernel.c:1071 at...

3.3CVSS5.7AI score0.00123EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/03/25 4:55 p.m.•12 views

SUSE CVE-2026-23369

In the Linux kernel, the following vulnerability has been resolved: i2c: i801: Revert "i2c: i801: replace acpilock with I2C bus lock" This reverts commit f707d6b9e7c18f669adfdb443906d46cfbaaa0c1. Under rare circumstances, multiple udev threads can collect i801 device info on boot and walk...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2026/03/25 11:53 a.m.•12 views

SUSE CVE-2026-4705

Undefined behavior in the WebRTC: Signaling component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

5CVSS7.2AI score0.00418EPSS
Exploits0References13
SUSE CVE
SUSE CVE
•added 2026/03/25 11:53 a.m.•12 views

SUSE CVE-2026-4712

Information disclosure in the Widget: Cocoa component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

6.5CVSS7.2AI score0.00385EPSS
Exploits0References13
SUSE CVE
SUSE CVE
•added 2026/03/25 11:52 a.m.•12 views

SUSE CVE-2026-4716

Incorrect boundary conditions, uninitialized memory in the JavaScript Engine component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

6.3CVSS7.2AI score0.00407EPSS
Exploits0References13
SUSE CVE
SUSE CVE
•added 2026/03/25 11:52 a.m.•12 views

SUSE CVE-2026-4725

Sandbox escape due to use-after-free in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 149 and Thunderbird 149...

5.8CVSS7.2AI score0.00318EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 12:25 a.m.•12 views

SUSE CVE-2026-31788

In the Linux kernel, the following vulnerability has been resolved: xen/privcmd: restrict usage in unprivileged domU The Xen privcmd driver allows to issue arbitrary hypercalls from user space processes. This is normally no problem, as access is usually limited to root and the hypervisor will den...

8.2CVSS5.8AI score0.00154EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/03/25 12:24 a.m.•12 views

SUSE CVE-2026-32246

Tinyauth is an authentication and authorization server. Prior to 5.0.3, the OIDC authorization endpoint allows users with a TOTP-pending session password verified, TOTP not yet completed to obtain authorization codes. An attacker who knows a user's password but not their TOTP secret can obtain...

8.5CVSS5.9AI score0.0027EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/03/25 12:23 a.m.•12 views

SUSE CVE-2026-33554

ipmi-oem in FreeIPMI before 1.6.17 has exploitable buffer overflows on response messages. The Intelligent Platform Management Interface IPMI specification defines a set of interfaces for platform management. It is implemented by a large number of hardware manufacturers to support system managemen...

7.6CVSS6AI score0.00403EPSS
Exploits0References13
SUSE CVE
SUSE CVE
•added 2026/03/15 12:28 a.m.•12 views

SUSE CVE-2025-15558

Docker CLI for Windows searches for plugin binaries in C:\ProgramData\Docker\cli-plugins, a directory that does not exist by default. A low-privileged attacker can create this directory and place malicious CLI plugin binaries docker-compose.exe, docker-buildx.exe, etc. that are executed when a...

8CVSS5.8AI score0.00472EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/14 12:24 a.m.•12 views

SUSE CVE-2026-32239

Cap'n Proto is a data interchange format and capability-based RPC system. Prior to 1.4.0, a negative Content-Length value was converted to unsigned, treating it as an impossibly large length instead. In theory, this bug could enable HTTP request/response smuggling. This vulnerability is fixed in...

6.5CVSS5.8AI score0.00207EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/04 12:26 a.m.•12 views

SUSE CVE-2026-25802

New API is a large language mode LLM gateway and artificial intelligence AI asset management system. Prior to version 0.10.8-alpha.9, a potential unsafe operation occurs in component MarkdownRenderer.jsx, allowing for Cross-Site ScriptingXSS when the model outputs items containing tag. Version...

7.6CVSS5.8AI score0.00222EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/02/27 12:25 a.m.•12 views

SUSE CVE-2026-25952

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfSetWindowMinMaxInfo dereferences a freed xfAppWindow pointer because xfrailgetwindow in xfrailserverminmaxinfo returns an unprotected pointer from the railWindows hash table, and the main thread can...

5.3CVSS5.8AI score0.00599EPSS
Exploits1References14
SUSE CVE
SUSE CVE
•added 2026/02/16 12:24 a.m.•12 views

SUSE CVE-2026-23209

In the Linux kernel, the following vulnerability has been resolved: macvlan: fix error recovery in macvlancommonnewlink valis provided a nice repro to crash the kernel: ip link add p1 type veth peer p2 ip link set address 00:00:00:00:00:20 dev p1 ip link set up dev p1 ip link set up dev p2 ip lin...

7.8CVSS5.2AI score0.00119EPSS
Exploits0References155
SUSE CVE
SUSE CVE
•added 2026/02/15 12:24 a.m.•12 views

SUSE CVE-2026-2441

Use after free in CSS in Google Chrome prior to 145.0.7632.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.2AI score0.2202EPSS
Exploits12References3
SUSE CVE
SUSE CVE
•added 2026/02/07 12:23 a.m.•12 views

SUSE CVE-2026-25160

Alist is a file list program that supports multiple storages, powered by Gin and Solidjs. Prior to version 3.57.0, the application disables TLS certificate verification by default for all outgoing storage driver communications, making the system vulnerable to Man-in-the-Middle MitM attacks. This...

9.1CVSS5.1AI score0.00234EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/02/06 12:34 a.m.•12 views

SUSE CVE-2025-61732

A discrepancy between how Go and C/C++ comments were parsed allowed for code smuggling into the resulting cgo binary...

9.6CVSS5.3AI score0.00472EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2026/02/01 12:24 a.m.•12 views

SUSE CVE-2026-23015

In the Linux kernel, the following vulnerability has been resolved: gpio: mpsse: fix reference leak in gpiompsseprobe error paths The reference obtained by calling usbgetdev is not released in the gpiompsseprobe error paths. Fix that by using device managed helper functions. Also remove the...

5.5CVSS5.7AI score0.00128EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/30 1:37 a.m.•12 views

SUSE CVE-2020-37011

Gnome Fonts Viewer 3.34.0 contains a heap corruption vulnerability that allows attackers to trigger an out-of-bounds write by crafting a malicious TTF font file. Attackers can generate a specially crafted TTF file with an oversized pattern to exhaust memory through repeated malloc calls and...

8.4CVSS5.8AI score0.00411EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/30 12:27 a.m.•12 views

SUSE CVE-2025-71159

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free warning in btrfsgetorcreatedelayednode Previously, btrfsgetorcreatedelayednode set the delayednode's refcount before acquiring the root-delayednodes lock. Commit e8513c012de7 "btrfs: implement reftracker...

7.8CVSS5.8AI score0.00113EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/27 12:28 a.m.•12 views

SUSE CVE-2025-68671

lakeFS is an open-source tool that transforms object storage into a Git-like repositories. LakeFS's S3 gateway does not validate timestamps in authenticated requests, allowing replay attacks. Prior to 1.75.0, an attacker who captures a valid signed request e.g., through network interception, logs...

6.5CVSS5.9AI score0.00239EPSS
Exploits1References2
SUSE CVE
SUSE CVE
•added 2026/01/26 12:24 a.m.•12 views

SUSE CVE-2026-23003

In the Linux kernel, the following vulnerability has been resolved: ip6tunnel: use skbvlaninetprepare in ip6tnlrcv Blamed commit did not take care of VLAN encapsulations as spotted by syzbot 1. Use skbvlaninetprepare instead of pskbinetmaypull. 1 BUG: KMSAN: uninit-value in INETECNdecapsulate...

6.6CVSS5.2AI score0.00468EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2026/01/26 12:24 a.m.•12 views

SUSE CVE-2026-23011

In the Linux kernel, the following vulnerability has been resolved: ipv4: ipgre: make ipgreheader robust Analog to commit db5b4e39c4e6 "ip6gre: make ip6greheader robust" Over the years, syzbot found many ways to crash the kernel in ipgreheader 1. This involves team or bonding drivers ability to...

5.5CVSS5.2AI score0.00187EPSS
Exploits0References21
SUSE CVE
SUSE CVE
•added 2026/01/26 12:24 a.m.•12 views

SUSE CVE-2026-23013

In the Linux kernel, the following vulnerability has been resolved: net: octeonepvf: fix freeirq devid mismatch in IRQ rollback octepvfrequestirqs requests MSI-X queue IRQs with devid set to ioqvector. If requestirq fails part-way, the rollback loop calls freeirq with devid set to 'oct', which do...

7.8CVSS5.2AI score0.00152EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/25 12:24 a.m.•12 views

SUSE CVE-2025-71158

In the Linux kernel, the following vulnerability has been resolved: gpio: mpsse: ensure worker is torn down When an IRQ worker is running, unplugging the device would cause a crash. The sealevel hardware this driver was written for was not hotpluggable, so I never realized it. This change uses a...

5.5CVSS5.3AI score0.00137EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/14 12:34 a.m.•12 views

SUSE CVE-2022-21592

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Encryption. Supported versions that are affected are 5.7.39 and prior and 8.0.29 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromi...

4.3CVSS4.8AI score0.00653EPSS
Exploits0References2
Total number of security vulnerabilities5000