Lucene search
K
SusecveMost viewed

59380 matches found

SUSE CVE
SUSE CVE
•added 2026/04/24 1:46 a.m.•11 views

SUSE CVE-2008-5091

Buffer overflow in the LDAP Service in Novell eDirectory 8.7.3 before SP10a and 8.8 before SP3 allows attackers to cause a denial of service application crash via vectors involving an "invalid extensibleMatch filter."...

10CVSS5.8AI score0.02123EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/24 1:36 a.m.•11 views

SUSE CVE-2025-53000

The nbconvert tool, jupyter nbconvert, converts Jupyter notebooks to various other formats via Jinja templates. Versions of nbconvert up to and including 7.16.6 on Windows have a vulnerability in which converting a notebook containing SVG output to a PDF results in unauthorized code execution...

7.8CVSS5.9AI score0.00233EPSS
Exploits1References2
SUSE CVE
SUSE CVE
•added 2026/04/24 1:34 a.m.•11 views

SUSE CVE-2026-6019

http.cookies.Morsel.jsoutput returns an inline snippet and only escapes " for JavaScript string context. It does not neutralize the HTML parser-sensitive sequence inside the generated script element. Mitigation base64-encodes the cookie value to disallow escaping using cookie value...

3.8CVSS5.7AI score0.00229EPSS
Exploits1References12
SUSE CVE
SUSE CVE
•added 2026/04/24 1:28 a.m.•11 views

SUSE CVE-2026-41176

Rclone is a command-line program to sync files and directories to and from different cloud storage providers. The RC endpoint options/set is exposed without AuthRequired: true, but it can mutate global runtime configuration, including the RC option block itself. Starting in version 1.45.0 and pri...

9.8CVSS5.8AI score0.34734EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/04/24 1:27 a.m.•11 views

SUSE CVE-2026-41989

Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to gcrypkdecrypt...

6.7CVSS6AI score0.0018EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:29 a.m.•11 views

SUSE CVE-2026-6507

A flaw was found in dnsmasq. A remote attacker could exploit an out-of-bounds write vulnerability by sending a specially crafted BOOTREPLY Bootstrap Protocol Reply packet to a dnsmasq server configured with the --dhcp-split-relay option. This can lead to memory corruption, causing the dnsmasq...

7.5CVSS5.7AI score0.00482EPSS
Exploits0References9
SUSE CVE
SUSE CVE
•added 2026/04/23 1:26 a.m.•11 views

SUSE CVE-2026-31459

In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: fix paramctx leak on damonsysfsnewtestctx failure Patch series "mm/damon/sysfs: fix memory leak and NULL dereference issues", v4. DAMONSYSFS can leak memory under allocation failure, and do NULL pointer dereferenc...

5.5CVSS5.6AI score0.00121EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:25 a.m.•11 views

SUSE CVE-2026-31488

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Do not skip unrelated mode changes in DSC validation Starting with commit 17ce8a6907f7 "drm/amd/display: Add dsc pre-validation in atomic check", amdgpu resets the CRTC state modechanged flag to false when...

6.4CVSS5.6AI score0.00135EPSS
Exploits0References14
SUSE CVE
SUSE CVE
•added 2026/04/23 1:25 a.m.•11 views

SUSE CVE-2026-31507

In the Linux kernel, the following vulnerability has been resolved: net/smc: fix double-free of smcspdpriv when tee duplicates splice pipe buffer smcrxsplice allocates one smcspdpriv per pipebuffer and stores the pointer in pipebuffer.private. The pipebufoperations for these buffers used .get =...

7.8CVSS5.8AI score0.00126EPSS
Exploits0References23
SUSE CVE
SUSE CVE
•added 2026/04/23 1:24 a.m.•11 views

SUSE CVE-2026-33593

A client can trigger a divide by zero error leading to crash by sending a crafted DNSCrypt query...

7.5CVSS5.7AI score0.00381EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/22 1:39 a.m.•11 views

SUSE CVE-2026-6773

Denial-of-service due to integer overflow in the Graphics: WebGPU component. This vulnerability was fixed in Firefox 150 and Thunderbird 150...

7.5CVSS5.8AI score0.00324EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/22 1:37 a.m.•11 views

SUSE CVE-2026-35587

Glances is an open-source system cross-platform monitoring tool. Prior to version 4.5.4, a Server-Side Request Forgery SSRF vulnerability exists in the Glances IP plugin due to improper validation of the publicapi configuration parameter. The value of publicapi is used directly in outbound HTTP...

8.8CVSS5.9AI score0.00396EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/04/21 12:16 p.m.•11 views

SUSE CVE-2026-40244

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.4.0 through 3.4.9, 3.3.0 through 3.3.9, and 3.2.0 through 3.2.7, internaldwacompressor.h:1722 performs curc-width curc-height in int32...

7.8CVSS5.8AI score0.00427EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2026/04/14 11:25 p.m.•11 views

SUSE CVE-2026-40097

Step CA is an online certificate authority for secure, automated certificate management for DevOps. From 0.24.0 to before 0.30.0-rc3, an attacker can trigger an index out-of-bounds panic in Step CA by sending a crafted attestation key AK certificate with an empty Extended Key Usage EKU extension...

3.7CVSS5.9AI score0.00181EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/08 11:26 p.m.•11 views

SUSE CVE-2026-31789

Issue summary: Converting an excessively large OCTET STRING value to a hexadecimal string leads to a heap buffer overflow on 32 bit platforms. Impact summary: A heap buffer overflow may lead to a crash or possibly an attacker controlled code execution or other undefined behavior. If an attacker c...

7.3CVSS6.5AI score0.00225EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2026/04/03 11:24 p.m.•11 views

SUSE CVE-2026-34831

Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Filesfail sets the Content-Length response header using Stringsize instead of Stringbytesize. When the response body contains multibyte UTF-8 characters, the declared Content-Length is smaller than the...

4.8CVSS5.8AI score0.00147EPSS
Exploits0References6
SUSE CVE
SUSE CVE
•added 2026/04/03 11:24 p.m.•11 views

SUSE CVE-2026-34835

Rack is a modular Ruby web server interface. From versions 3.0.0.beta1 to before 3.1.21, and 3.2.0 to before 3.2.6, Rack::Request parses the Host header using an AUTHORITY regular expression that accepts characters not permitted in RFC-compliant hostnames, including /, ?, , and @. Because req.hos...

6.5CVSS5.8AI score0.00192EPSS
Exploits2References3
SUSE CVE
SUSE CVE
•added 2026/03/28 12:27 a.m.•11 views

SUSE CVE-2026-32285

The Delete function fails to properly validate offsets when processing malformed JSON input. This can lead to a negative slice index and a runtime panic, allowing a denial of service attack...

5.5CVSS5.9AI score0.0075EPSS
Exploits1References6
SUSE CVE
SUSE CVE
•added 2026/03/28 12:25 a.m.•11 views

SUSE CVE-2026-33532

yaml is a YAML parser and serialiser for JavaScript. Parsing a YAML document with a version of yaml on the 1.x branch prior to 1.10.3 or on the 2.x branch prior to 2.8.3 may throw a RangeError due to a stack overflow. The node resolution/composition phase uses recursive function calls without a...

4.3CVSS6.1AI score0.00469EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/03/28 12:25 a.m.•11 views

SUSE CVE-2026-33542

Incus is a system container and virtual machine manager. Prior to version 6.23.0, a lack of validation of the image fingerprint when downloading from simplestreams image servers opens the door to image cache poisoning and under very narrow circumstances exposes other tenants to running attacker...

6.4CVSS5.8AI score0.0018EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/03/26 5:7 p.m.•11 views

SUSE CVE-2026-33223

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, the NATS message header Nats-Request-Info: is supposed to be a guarantee of identity by the NATS server, but the stripping of this header from inbound messages was...

6.4CVSS5.9AI score0.00211EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/03/26 10:9 a.m.•11 views

SUSE CVE-2025-14443

A flaw was found in ose-openshift-apiserver. This vulnerability allows internal network enumeration, service discovery, limited information disclosure, and potential denial-of-service DoS through Server-Side Request Forgery SSRF due to missing IP address and network-range validation when processi...

6.4CVSS5.8AI score0.00306EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 4:57 p.m.•11 views

SUSE CVE-2026-23279

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix NULL pointer dereference in meshrxcsaframe In meshrxcsaframe, elems-meshchanswparamsie is dereferenced at lines 1638 and 1642 without a prior NULL check: ifmsh-chswttl = elems-meshchanswparamsie-meshttl;...

6.5CVSS5.8AI score0.00136EPSS
Exploits0References17
SUSE CVE
SUSE CVE
•added 2026/03/25 4:56 p.m.•11 views

SUSE CVE-2026-23312

In the Linux kernel, the following vulnerability has been resolved: net: usb: kaweth: validate USB endpoints The kaweth driver should validate that the device it is probing has the proper number and types of USB endpoints it is expecting before it binds to it. If a malicious device were to not ha...

4.6CVSS5.8AI score0.00123EPSS
Exploits0References17
SUSE CVE
SUSE CVE
•added 2026/03/25 4:56 p.m.•11 views

SUSE CVE-2026-23317

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Return the correct value in vmwtranslateptr functions Before the referenced fixes these functions used a lookup function that returned a pointer. This was changed to another lookup function that returned an error code...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References80
SUSE CVE
SUSE CVE
•added 2026/03/25 4:56 p.m.•11 views

SUSE CVE-2026-23321

In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: in-kernel: always mark signal+subflow endp as used Syzkaller managed to find a combination of actions that was generating this warning: msk-pm.localaddrused == 0 WARNING: net/mptcp/pmkernel.c:1071 at...

3.3CVSS5.7AI score0.00123EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/03/25 4:56 p.m.•11 views

SUSE CVE-2026-23327

In the Linux kernel, the following vulnerability has been resolved: cxl/mbox: validate payload size before accessing contents in cxlpayloadfromuserallowed cxlpayloadfromuserallowed casts and dereferences the input payload without first verifying its size. When a raw mailbox command is sent with a...

5.5CVSS5.7AI score0.00124EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/03/25 4:53 p.m.•11 views

SUSE CVE-2026-33515

Squid is a caching proxy for the Web. Prior to version 7.5, due to improper input validation, Squid is vulnerable to out of bounds read when handling ICP traffic. This problem allows a remote attacker to receive small amounts of memory potentially containing sensitive information when responding...

6.9CVSS5.9AI score0.01039EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/03/25 11:52 a.m.•11 views

SUSE CVE-2026-4716

Incorrect boundary conditions, uninitialized memory in the JavaScript Engine component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

6.3CVSS7.2AI score0.00407EPSS
Exploits0References13
SUSE CVE
SUSE CVE
•added 2026/03/25 12:25 a.m.•11 views

SUSE CVE-2026-31788

In the Linux kernel, the following vulnerability has been resolved: xen/privcmd: restrict usage in unprivileged domU The Xen privcmd driver allows to issue arbitrary hypercalls from user space processes. This is normally no problem, as access is usually limited to root and the hypervisor will den...

8.2CVSS5.8AI score0.00154EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/03/25 12:24 a.m.•11 views

SUSE CVE-2026-31807

SiYuan is a personal knowledge management system. Prior to 3.5.10, SiYuan's SVG sanitizer SanitizeSVG blocks dangerous elements , , and removes on event handlers and javascript: in href attributes. However, it does NOT block SVG animation elements , which can dynamically set attributes to dangero...

6.4CVSS5.9AI score0.00445EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/03/25 12:24 a.m.•11 views

SUSE CVE-2026-32245

Tinyauth is an authentication and authorization server. Prior to 5.0.3, the OIDC token endpoint does not verify that the client exchanging an authorization code is the same client the code was issued to. A malicious OIDC client operator can exchange another client's authorization code using their...

6.5CVSS5.9AI score0.0025EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/03/25 12:24 a.m.•11 views

SUSE CVE-2026-32246

Tinyauth is an authentication and authorization server. Prior to 5.0.3, the OIDC authorization endpoint allows users with a TOTP-pending session password verified, TOTP not yet completed to obtain authorization codes. An attacker who knows a user's password but not their TOTP secret can obtain...

8.5CVSS5.9AI score0.0027EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/03/25 12:24 a.m.•11 views

SUSE CVE-2026-33167

Action Pack is a Rubygem for building web applications on the Rails framework. In versions on the 8.1 branch prior to 8.1.2.1, the debug exceptions page does not properly escape exception messages. A carefully crafted exception message could inject arbitrary HTML and JavaScript into the page,...

5.3CVSS6AI score0.00401EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 12:23 a.m.•11 views

SUSE CVE-2026-33554

ipmi-oem in FreeIPMI before 1.6.17 has exploitable buffer overflows on response messages. The Intelligent Platform Management Interface IPMI specification defines a set of interfaces for platform management. It is implemented by a large number of hardware manufacturers to support system managemen...

7.6CVSS6AI score0.00403EPSS
Exploits0References13
SUSE CVE
SUSE CVE
•added 2026/03/22 12:26 a.m.•11 views

SUSE CVE-2026-3479

DISPUTED: The project has clarified that the documentation was incorrect, and that pkgutil.getdata has the same security model as open. The documentation has been updated to clarify this point. There is no vulnerability in the function if following the intended security model. pkgutil.getdata did...

3.3CVSS5.7AI score0.00238EPSS
Exploits0References17
SUSE CVE
SUSE CVE
•added 2026/03/15 12:28 a.m.•11 views

SUSE CVE-2025-15558

Docker CLI for Windows searches for plugin binaries in C:\ProgramData\Docker\cli-plugins, a directory that does not exist by default. A low-privileged attacker can create this directory and place malicious CLI plugin binaries docker-compose.exe, docker-buildx.exe, etc. that are executed when a...

8CVSS5.8AI score0.00472EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/14 12:24 a.m.•11 views

SUSE CVE-2026-32239

Cap'n Proto is a data interchange format and capability-based RPC system. Prior to 1.4.0, a negative Content-Length value was converted to unsigned, treating it as an impossibly large length instead. In theory, this bug could enable HTTP request/response smuggling. This vulnerability is fixed in...

6.5CVSS5.8AI score0.00207EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/13 1:16 p.m.•11 views

SUSE CVE-2026-27940

llama.cpp is an inference of several LLM models in C/C++. Prior to b8146, the ggufinitfromfileimpl in gguf.cpp is vulnerable to an Integer overflow, leading to an undersized heap allocation. Using the subsequent fread writes 528+ bytes of attacker-controlled data past the buffer boundary. This is...

7.8CVSS5.9AI score0.00177EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/03/06 12:28 a.m.•11 views

SUSE CVE-2025-69534

Python-Markdown version 3.8 contain a vulnerability where malformed HTML-like sequences can cause html.parser.HTMLParser to raise an unhandled AssertionError during Markdown parsing. Because Python-Markdown does not catch this exception, any application that processes attacker-controlled Markdown...

7.5CVSS5.8AI score0.00566EPSS
Exploits1References6
SUSE CVE
SUSE CVE
•added 2026/03/04 12:26 a.m.•11 views

SUSE CVE-2026-25802

New API is a large language mode LLM gateway and artificial intelligence AI asset management system. Prior to version 0.10.8-alpha.9, a potential unsafe operation occurs in component MarkdownRenderer.jsx, allowing for Cross-Site ScriptingXSS when the model outputs items containing tag. Version...

7.6CVSS5.8AI score0.00222EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/02/17 12:24 a.m.•11 views

SUSE CVE-2026-23133

In the Linux kernel, the following vulnerability has been resolved: wifi: ath10k: fix dmafreecoherent pointer dmaalloccoherent allocates a DMA mapped buffer and stores the addresses in XXXunaligned fields. Those should be reused when freeing the buffer rather than the aligned addresses...

4.7CVSS5.3AI score0.00123EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2026/02/07 12:25 a.m.•11 views

SUSE CVE-2026-23518

Fleet is open source device management software. In versions prior to 4.78.3, 4.77.1, 4.76.2, 4.75.2, and 4.53.3, a vulnerability in Fleet's Windows MDM enrollment flow could allow an attacker to submit forged authentication tokens that are not properly validated. Because JWT signatures were not...

9.8CVSS5.5AI score0.00226EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/06 12:34 a.m.•11 views

SUSE CVE-2025-61732

A discrepancy between how Go and C/C++ comments were parsed allowed for code smuggling into the resulting cgo binary...

9.6CVSS5.3AI score0.00472EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2026/02/05 12:47 a.m.•11 views

SUSE CVE-2025-13473

An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. The django.contrib.auth.handlers.modwsgi.checkpassword function for authentication via modwsgi allows remote attackers to enumerate users via a timing attack. Earlier, unsupported Django series such as 5.0.x,...

7.5CVSS5.4AI score0.00713EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/02/01 12:23 a.m.•11 views

SUSE CVE-2026-23029

In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix kvmdevice leak in kvmeiointcdestroy In kvmioctlcreatedevice, kvmdevice has allocated memory, kvmdevice-destroy seems to be supposed to free its kvmdevice struct, but kvmeiointcdestroy is not currently doing...

5.7AI score0.00194EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/27 12:28 a.m.•11 views

SUSE CVE-2025-68671

lakeFS is an open-source tool that transforms object storage into a Git-like repositories. LakeFS's S3 gateway does not validate timestamps in authenticated requests, allowing replay attacks. Prior to 1.75.0, an attacker who captures a valid signed request e.g., through network interception, logs...

6.5CVSS5.9AI score0.00239EPSS
Exploits1References2
SUSE CVE
SUSE CVE
•added 2026/01/26 12:24 a.m.•11 views

SUSE CVE-2026-23003

In the Linux kernel, the following vulnerability has been resolved: ip6tunnel: use skbvlaninetprepare in ip6tnlrcv Blamed commit did not take care of VLAN encapsulations as spotted by syzbot 1. Use skbvlaninetprepare instead of pskbinetmaypull. 1 BUG: KMSAN: uninit-value in INETECNdecapsulate...

6.6CVSS5.2AI score0.00468EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2026/01/17 12:47 a.m.•11 views

SUSE CVE-2022-21589

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Privileges. Supported versions that are affected are 5.7.39 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromi...

4.3CVSS4.6AI score0.00911EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/01/17 12:27 a.m.•11 views

SUSE CVE-2025-68121

During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the resumed handshake, the resumed handshake may succeed when it should have failed. This may happen when a user calls Config.Clone and mutates the...

7.4CVSS8.2AI score0.00765EPSS
Exploits1References62
Total number of security vulnerabilities5000