Lucene search
K
SusecveMost viewed

59854 matches found

SUSE CVE
SUSE CVE
•added 2026/06/07 4:40 a.m.•11 views

SUSE CVE-2026-11264

Policy bypass in Content Security Policy in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass content security policy via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.5AI score0.00182EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:39 a.m.•11 views

SUSE CVE-2026-11277

Insufficient policy enforcement in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to bypass discretionary access control via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.5AI score0.00213EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:39 a.m.•11 views

SUSE CVE-2026-11280

Inappropriate implementation in Signin in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.5AI score0.00183EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:39 a.m.•11 views

SUSE CVE-2026-11286

Insufficient validation of untrusted input in Wallet in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.5AI score0.00154EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:39 a.m.•11 views

SUSE CVE-2026-11291

Inappropriate implementation in Android Autofill in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.5AI score0.00159EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:39 a.m.•11 views

SUSE CVE-2026-11301

Inappropriate implementation in LiveCaption in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform out of bounds memory access via malicious network traffic. Chromium security severity: Low...

8.8CVSS5.5AI score0.00209EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:38 a.m.•11 views

SUSE CVE-2026-11306

Use after free in PDFium in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. Chromium security severity: Low...

8.8CVSS6AI score0.00224EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:38 a.m.•11 views

SUSE CVE-2026-22004

unknown...

4.9CVSS7.4AI score0.00323EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/07 4:38 a.m.•11 views

SUSE CVE-2026-22005

unknown...

4.9CVSS7.4AI score0.00323EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/07 4:38 a.m.•11 views

SUSE CVE-2026-22017

unknown...

6.5CVSS7.4AI score0.00303EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/07 4:38 a.m.•11 views

SUSE CVE-2026-34293

unknown...

4.9CVSS7.4AI score0.00323EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/07 4:38 a.m.•11 views

SUSE CVE-2026-35240

unknown...

4.9CVSS7.4AI score0.00242EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/06 2:53 a.m.•11 views

SUSE CVE-2026-10722

A vulnerability has been found in cilium ebpf up to 0.21.0. This affects the function loadRawSpec of the file btf/btf.go of the component LoadCollectionSpec/LoadCollectionSpecFromReader. Such manipulation of the argument offset leads to integer overflow. The attack can only be performed from a...

5.5CVSS4.9AI score0.00179EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/06/06 2:53 a.m.•11 views

SUSE CVE-2026-10899

Use after free in Ozone in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...

7.5CVSS5.6AI score0.00286EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/06 2:53 a.m.•11 views

SUSE CVE-2026-11051

Out of bounds read in ANGLE in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.5AI score0.00229EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/06 2:53 a.m.•11 views

SUSE CVE-2026-11112

Insufficient validation of untrusted input in Chromoting in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted Chrome Extension. Chromium security severity: Medium...

9.6CVSS5.5AI score0.00216EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/06 2:48 a.m.•11 views

SUSE CVE-2026-36499

A missing upper-bound check in the udpifsetthreads function of Open vSwitch v3.6.90 allows an attacker with OVSDB write access to request an excessive number of handler or revalidation threads. This can cause a denial of service DoS via resource exhaustion...

6.5CVSS5.4AI score0.00328EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/06 2:45 a.m.•11 views

SUSE CVE-2026-49940

Net::CIDR::Set versions through 0.20 for Perl accept non-ASCII IP addresses and netmasks. Unicode digits such as the Arabic-Indic One U+0661 were accepted but not properly parsed as numbers. This could allow network masks to accept larger networks...

6.5CVSS5.5AI score0.00196EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/06 2:45 a.m.•11 views

SUSE CVE-2026-50259

A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. XkbSetMapChecks declares a fixed-size stack buffer mapWidths256 indexed by key type index. The helper function CheckKeyTypes writes to this buffer at a client-controlled offset, allowing a stack buffer overflow. This...

7.8CVSS6AI score0.00165EPSS
Exploits0References10
SUSE CVE
SUSE CVE
•added 2026/06/05 3:14 a.m.•11 views

SUSE CVE-2026-24193

NVIDIA Display Driver for Windows and Linux contains a vulnerability where an attacker could cause an out-of-bounds write. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution...

7.8CVSS5.9AI score0.00197EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/05 3:12 a.m.•11 views

SUSE CVE-2026-37462

An integer underflow in the BGPUpdate.DecodeFromBytes function /bgp/bgp.go of gobgp v4.3.0 allows attackers to cause a Denial of Service DoS via supplying a crafted BGP UPDATE message...

7.5CVSS5.8AI score0.00279EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/04 2:42 a.m.•11 views

SUSE CVE-2022-43467

An out-of-bounds write vulnerability exists in the PQS format coordfile functionality of Open Babel 3.1.1 and master commit 530dbfa3. A specially crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability...

9.8CVSS7.1AI score0.00843EPSS
Exploits1References2
SUSE CVE
SUSE CVE
•added 2026/06/04 2:42 a.m.•11 views

SUSE CVE-2022-46291

Multiple out-of-bounds write vulnerabilities exist in the translationVectors parsing functionality in multiple supported formats of Open Babel 3.1.1 and master commit 530dbfa3. A specially-crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to...

7.8CVSS7AI score0.00816EPSS
Exploits1References2
SUSE CVE
SUSE CVE
•added 2026/06/04 2:42 a.m.•11 views

SUSE CVE-2022-46295

Multiple out-of-bounds write vulnerabilities exist in the translationVectors parsing functionality in multiple supported formats of Open Babel 3.1.1 and master commit 530dbfa3. A specially-crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to...

7.8CVSS7.1AI score0.00863EPSS
Exploits1References2
SUSE CVE
SUSE CVE
•added 2026/06/04 2:31 a.m.•11 views

SUSE CVE-2025-71313

In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Add missing NULL check for allocworkqueue allocworkqueue can return NULL on memory allocation failure. Without proper error checking, this may lead to a NULL pointer dereference when queuework is later called with...

5.8AI score0.00107EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/04 2:29 a.m.•11 views

SUSE CVE-2026-10705

A flaw has been found in dask up to 3.0. Affected by this issue is the function nuniqueapprox of the file dask/dataframe/hyperloglog.py of the component HLL Handler. This manipulation causes resource consumption. The attack is possible to be carried out remotely. A high degree of complexity is...

3.1CVSS5.1AI score0.00287EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/04 2:27 a.m.•11 views

SUSE CVE-2026-28847

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected process crash...

8.8CVSS7.3AI score0.00602EPSS
Exploits0References10
SUSE CVE
SUSE CVE
•added 2026/06/04 2:27 a.m.•11 views

SUSE CVE-2026-28905

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5. Processing maliciously crafted web content may lead to an unexpected process crash...

6.5CVSS5.8AI score0.00411EPSS
Exploits0References10
SUSE CVE
SUSE CVE
•added 2026/06/04 2:27 a.m.•11 views

SUSE CVE-2026-28946

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5, macOS Tahoe 26.5. Processing maliciously crafted web content may lead to an unexpected Safari crash...

7.5CVSS5.8AI score0.00393EPSS
Exploits0References10
SUSE CVE
SUSE CVE
•added 2026/06/04 2:27 a.m.•11 views

SUSE CVE-2026-28955

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected process crash...

7.5CVSS7.1AI score0.00693EPSS
Exploits0References10
SUSE CVE
SUSE CVE
•added 2026/06/04 2:27 a.m.•11 views

SUSE CVE-2026-28958

This issue was addressed with improved data protection. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, visionOS 26.5. An app may be able to access sensitive user data...

6.5CVSS5.8AI score0.0014EPSS
Exploits0References10
SUSE CVE
SUSE CVE
•added 2026/06/04 2:25 a.m.•11 views

SUSE CVE-2026-33245

React Router is a router for React. In versions 7.7.0 through 7.13.1, when using React Router's unstable React Server Components RSC APIs, there is a potential client-side Cross-Site Scripting XSS vulnerability in the RSC redirect handling if redirects come from untrusted sources. This does not...

8CVSS5.8AI score0.00188EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/04 2:24 a.m.•11 views

SUSE CVE-2026-42039

Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, toFormData recursively walks nested objects with no depth limit, so a deeply nested value passed as request data crashes the Node.js process with a RangeError. This vulnerability is fixed in 1.15.1 and...

7.5CVSS5.8AI score0.00744EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/06/04 2:24 a.m.•11 views

SUSE CVE-2026-42211

React Router is a router for React. In versions 7.0.0 through 7.14.1, when using Framework Mode, a combination of steps could potentially allow unauthorized remote code execution RCE through external requests. This attack requires the application code to have an existing prototype pollution...

8.1CVSS6.4AI score0.00416EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/04 2:24 a.m.•11 views

SUSE CVE-2026-42504

Decoding a maliciously-crafted MIME header containing many invalid encoded-words can consume excessive CPU...

6.5CVSS5.8AI score0.0056EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/06/04 2:23 a.m.•11 views

SUSE CVE-2026-45676

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, OBI's replacement ELF parser trusts section offsets, counts, and string offsets from the executable file. A crafted local ELF can make OBI dereference invalid section...

5.5CVSS5.7AI score0.00162EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/06/04 2:23 a.m.•11 views

SUSE CVE-2026-45680

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, OBI replays BPF probe hits into histogram observations by looping once per recorded run count. On busy systems, the run-count delta can become very large, causing the...

7.5CVSS5.7AI score0.00319EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/06/04 2:23 a.m.•11 views

SUSE CVE-2026-45681

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, the per-CPU message-buffer fallback path uses a 256-byte backup buffer but preserves the original payload size, which can be up to 8KB. If a CPU mismatch occurs, OBI can...

5.9CVSS5.8AI score0.00287EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/06/04 2:23 a.m.•11 views

SUSE CVE-2026-45682

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, the custom CappedConcurrentHashMap introduced for Java TLS state tracking never removes keys from its insertion-order queue when entries are deleted. In long-running...

7.5CVSS5.7AI score0.00161EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/06/04 2:23 a.m.•11 views

SUSE CVE-2026-45686

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. From version 0.7.0 to before version 0.9.0, a remotely reachable integer overflow in OBI's memcached text protocol parser can crash the OBI process and cause denial of service. When parsing...

7.5CVSS5.9AI score0.00353EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/06/04 2:22 a.m.•11 views

SUSE CVE-2026-46244

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftinner: Fix IPv6 innerthoff desync In nftinnerparsel2l3, when processing inner IPv6 packets, ipv6findhdr correctly computes the transport header offset traversing all extension headers, but the result is immediately...

5.5CVSS5.8AI score0.0031EPSS
Exploits0References12
SUSE CVE
SUSE CVE
•added 2026/06/04 2:21 a.m.•11 views

SUSE CVE-2026-46253

In the Linux kernel, the following vulnerability has been resolved: pstore/ram: fix buffer overflow in persistentramsaveold persistentramsaveold can be called multiple times for the same persistentramzone e.g., via ramoopspstoreread - ramoopsgetnextprz for PSTORETYPEDMESG records. Currently, the...

7.8CVSS5.9AI score0.00136EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/04 2:21 a.m.•11 views

SUSE CVE-2026-46258

In the Linux kernel, the following vulnerability has been resolved: gpio: cdev: Avoid NULL dereference in linehandlecreate In linehandlecreate, there is a statement like this: retainandnullptrlh; Soon after, there is a debug printout that dereferences "lh", which will crash things. Avoid the cras...

5.8AI score0.001EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/04 2:21 a.m.•11 views

SUSE CVE-2026-46264

In the Linux kernel, the following vulnerability has been resolved: drm/xe/pf: Fix sysfs initialization In case of devmaddactionorreset failure the provided cleanup action will be run immediately on the not yet initialized kobject. This may lead to errors like: kobject: 'null' ff110001393608e0: i...

5.8AI score0.00112EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/04 2:21 a.m.•11 views

SUSE CVE-2026-46269

In the Linux kernel, the following vulnerability has been resolved: pinctrl: canaan: k230: Fix NULL pointer dereference when parsing devicetree When probing the k230 pinctrl driver, the kernel triggers a NULL pointer dereference. The crash trace showed: 0.732084 Unable to handle kernel NULL point...

5.8AI score0.00113EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/04 2:21 a.m.•11 views

SUSE CVE-2026-46272

In the Linux kernel, the following vulnerability has been resolved: coresight: tmc-etr: Fix race condition between sysfs and perf mode When trying to run perf and sysfs mode simultaneously, the WARNON in tmcetrenablehw is triggered sometimes: WARNING: CPU: 42 PID: 3911571 at...

5.9AI score0.00088EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/03 2:24 a.m.•11 views

SUSE CVE-2026-38978

transmission through 4.1.1 was found to have a clickjacking weakness in the browser-facing WebUI and RPC response paths...

5.8AI score0.00305EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/03 2:24 a.m.•11 views

SUSE CVE-2026-42795

Symlink following vulnerability in Gleam's Hex package export allows files outside the project root to be embedded in the generated package tarball. The file collection helpers gleamfiles, nativefiles, privatefiles in compiler-cli/src/fs.rs use followlinkstrue when walking publishable directories...

5.1CVSS5.9AI score0.00132EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/02 1:44 a.m.•11 views

SUSE CVE-2026-10267

A security flaw has been discovered in janet-lang janet up to 1.41.0. This affects the function doframe of the file src/core/debug.c. Performing a manipulation results in out-of-bounds read. Attacking locally is a requirement. The exploit has been released to the public and may be used for attack...

4.8CVSS5.4AI score0.00121EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/02 1:37 a.m.•11 views

SUSE CVE-2026-48711

unknown...

5.8AI score0.00021EPSS
Exploits0References4
Total number of security vulnerabilities5000