Lucene search
K
SusecveMost viewed

59854 matches found

SUSE CVE
SUSE CVE
added 2026/05/27 2:47 a.m.11 views

SUSE CVE-2026-45834

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix null-ptr-deref in l2capsockstatechangecb Add the same NULL guard already present in l2capsockresumecb and l2capsockreadycb...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/27 2:47 a.m.11 views

SUSE CVE-2026-45836

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix null-ptr-deref in l2capsockgetsndtimeocb Add the same NULL guard already present in l2capsockresumecb and l2capsockreadycb...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/22 2:21 a.m.11 views

SUSE CVE-2026-9100

The MongoDB C Driver's legacy GridFS API accepts malformed file metadata from the database without adequate validation. Crafted documents in a GridFS collection may cause any application that reads those files via the legacy API to either crash via a division-by-zero or silently leak process memo...

6CVSS5.8AI score0.00281EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/22 2:20 a.m.11 views

SUSE CVE-2026-41069

libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and prior, a malformed HEIF sequence file can trigger an out-of-bounds read in core sequence parsing logic, causing DoS. A malformed file can have stco.entrycount == 0 creating no chunks while still passing validation...

5.5CVSS5.8AI score0.00253EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2026/05/22 2:20 a.m.11 views

SUSE CVE-2026-42001

Insufficient Validation of Autoprimary SOA Queries...

7.5CVSS5.8AI score0.00365EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/22 2:20 a.m.11 views

SUSE CVE-2026-43449

In the Linux kernel, the following vulnerability has been resolved: nvme-pci: Fix slab-out-of-bounds in nvmedbbufset dev-onlinequeues is a count incremented in nvmeinitqueue. Thus, valid indices are 0 through dev-onlinequeues − 1. This patch fixes the loop condition to ensure the index stays with...

7.1CVSS5.8AI score0.00126EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/22 2:20 a.m.11 views

SUSE CVE-2026-43497

In the Linux kernel, the following vulnerability has been resolved: fbdev: udlfb: add vmops to dlfbopsmmap to prevent use-after-free dlfbopsmmap uses remappfnrange to map vmalloc framebuffer pages to userspace but sets no vmops on the VMA. This means the kernel cannot track active mmaps. When...

7.8CVSS5.9AI score0.00113EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/05/22 2:20 a.m.11 views

SUSE CVE-2026-43502

In the Linux kernel, the following vulnerability has been resolved: net/rds: handle zerocopy send cleanup before the message is queued A zerocopy send can fail after user pages have been pinned but before the message is attached to the sending socket. The purge path currently infers zerocopy stat...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/22 2:19 a.m.11 views

SUSE CVE-2026-44059

A race condition in the privilege toggle mechanism in Netatalk 2.2.5 through 4.4.2 allows a local attacker to obtain limited information, modify limited data, or cause a minor service disruption...

4.5CVSS5.8AI score0.00065EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/22 2:19 a.m.11 views

SUSE CVE-2026-47254

unknown...

6.8CVSS5.8AI score0.00024EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/05/22 2:19 a.m.11 views

SUSE CVE-2026-47714

unknown...

6.1CVSS5.8AI score0.00018EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/05/22 2:19 a.m.11 views

SUSE CVE-2026-47709

unknown...

6.2CVSS5.8AI score0.00025EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/05/22 2:19 a.m.11 views

SUSE CVE-2026-48029

unknown...

6.1CVSS5.8AI score0.00035EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/05/21 1:12 p.m.11 views

SUSE CVE-2026-9110

Inappropriate implementation in UI in Google Chrome on Windows prior to 148.0.7778.179 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Critical...

4.2CVSS5.8AI score0.00337EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/21 1:12 p.m.11 views

SUSE CVE-2026-9111

Use after free in WebRTC in Google Chrome on Linux prior to 148.0.7778.179 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

8.8CVSS6.2AI score0.00796EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/21 1:12 p.m.11 views

SUSE CVE-2026-9112

Use after free in GPU in Google Chrome on Windows prior to 148.0.7778.179 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.2AI score0.00396EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/21 1:12 p.m.11 views

SUSE CVE-2026-9118

Use after free in XR in Google Chrome on Windows prior to 148.0.7778.179 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.2AI score0.00396EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/21 1:12 p.m.11 views

SUSE CVE-2026-9121

Out of bounds read in GPU in Google Chrome on prior to 148.0.7778.179 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS5.8AI score0.0033EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/21 1:12 p.m.11 views

SUSE CVE-2026-9122

Out of bounds read in GPU in Google Chrome on Mac prior to 148.0.7778.179 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.8AI score0.00269EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/21 1:12 p.m.11 views

SUSE CVE-2026-9123

Heap buffer overflow in Chromecast in Google Chrome on Android, Linux, ChromeOS prior to 148.0.7778.179 allowed a local attacker to execute arbitrary code inside a sandbox via malicious network traffic. Chromium security severity: Medium...

7.5CVSS6.4AI score0.00187EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/21 1:12 p.m.11 views

SUSE CVE-2026-9150

A flaw was found in libsolv. This stack-based buffer overflow vulnerability occurs in libsolv's Debian metadata parser when processing specially crafted Debian repository metadata. An attacker could exploit this by providing malicious SHA384 or SHA512 checksum tags, leading to memory corruption a...

6.5CVSS6.1AI score0.00399EPSS
Exploits0References12
SUSE CVE
SUSE CVE
added 2026/05/21 1:11 p.m.11 views

SUSE CVE-2026-44052

Netatalk 2.1.0 through 4.4.2 inserts LDAP simple-bind passwords into log output in cleartext, which allows an attacker with access to the log files to obtain LDAP credentials...

7.5CVSS5.8AI score0.00245EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/21 1:11 p.m.11 views

SUSE CVE-2026-44055

A logic error involving bitwise OR operations in Netatalk 3.1.4 through 4.4.2 allows a remote authenticated attacker to inject OS commands and execute arbitrary code...

7.5CVSS6.1AI score0.0036EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/21 2:47 a.m.11 views

SUSE CVE-2024-3219

The “socket” module provides a pure-Python fallback to the socket.socketpair function for platforms that don't support AFUNIX, such as Windows. This pure-Python implementation uses AFINET or AFINET6 to create a local connected pair of sockets. The connection between the two sockets was not verifi...

5.1CVSS7.3AI score0.00245EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/21 2:45 a.m.11 views

SUSE CVE-2024-43365

Cacti is an open source performance and fault management framework. Theconsolenewsection parameter is not properly sanitized when saving external links in links.php . Morever, the said consolenewsection parameter is stored in the database and reflected back to user in index.php, finally leading t...

8.2CVSS5.7AI score0.22531EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2026/05/21 2:30 a.m.11 views

SUSE CVE-2026-24182

NVIDIA Display Driver for Windows and Linux contains a vulnerability where an attacker could leak held driver locks. A successful exploit of this vulnerability might lead to denial of service...

6.5CVSS5.8AI score0.00125EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2026/05/21 2:29 a.m.11 views

SUSE CVE-2026-24197

NVIDIA Display Driver for Linux contains a vulnerability in the Multi-Instance GPU MIG partition management, where an insecure default initialization of memory subsystem routing resources could lead to data corruption or a hang during partition reconfiguration. A successful exploit of this...

6.5CVSS5.8AI score0.0016EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2026/05/21 2:28 a.m.11 views

SUSE CVE-2026-46529

Atril Document Viewer is the default document reader of the MATE desktop environment for Linux. A single-click remote code execution vulnerability in versions prior to 1.26.3 and 1.28.4 allows an attacker to achieve arbitrary code execution as the user by tricking them into clicking a link inside...

7CVSS6.5AI score0.00529EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2026/05/20 2:32 a.m.11 views

SUSE CVE-2026-8953

Sandbox escape due to use-after-free in the Disability Access APIs component. This vulnerability was fixed in Firefox 151, Firefox ESR 115.36, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11...

7.1CVSS5.8AI score0.00532EPSS
Exploits0References12
SUSE CVE
SUSE CVE
added 2026/05/20 2:32 a.m.11 views

SUSE CVE-2026-8956

Integer overflow in the Networking: JAR component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11...

6.3CVSS5.9AI score0.00605EPSS
Exploits0References12
SUSE CVE
SUSE CVE
added 2026/05/20 2:31 a.m.11 views

SUSE CVE-2026-8969

Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 151 and Thunderbird 151...

5.4CVSS5.8AI score0.0029EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/20 2:31 a.m.11 views

SUSE CVE-2026-8972

Privilege escalation in the WebRTC: Audio/Video component. This vulnerability was fixed in Firefox 151 and Thunderbird 151...

6.3CVSS5.8AI score0.0033EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/20 2:31 a.m.11 views

SUSE CVE-2026-8973

Memory safety bugs present in Firefox 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 151 and Thunderbird 151...

8.8CVSS6AI score0.00335EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/20 2:28 a.m.11 views

SUSE CVE-2026-43491

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: ns: Limit the maximum server registration per node Current code does no bound checking on the number of servers added per node. A malicious client can flood NEWSERVER messages and exhaust memory. Fix this issue by...

6.2CVSS5.8AI score0.00144EPSS
Exploits0References11
SUSE CVE
SUSE CVE
added 2026/05/20 2:28 a.m.11 views

SUSE CVE-2026-43492

In the Linux kernel, the following vulnerability has been resolved: lib/crypto: mpi: Fix integer underflow in mpireadrawfromsgl Yiming reports an integer underflow in mpireadrawfromsgl when subtracting "lzeros" from the unsigned "nbytes". For this to happen, the scatterlist "sgl" needs to occupy...

5.5CVSS5.8AI score0.00145EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/19 2:2 a.m.11 views

SUSE CVE-2024-0450

An issue was found in the CPython zipfile module affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior. The zipfile module is vulnerable to “quoted-overlap” zip-bombs which exploit the zip format to create a zip-bomb with a high compression ratio. The fixed versions of CPython...

6.2CVSS6.8AI score0.00333EPSS
Exploits0References18
SUSE CVE
SUSE CVE
added 2026/05/18 1:23 a.m.11 views

SUSE CVE-2021-34529

unknown...

7.8CVSS7.1AI score0.03862EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/16 6:19 p.m.11 views

SUSE CVE-2012-0271

Integer overflow in the WebConsole component in gwia.exe in GroupWise Internet Agent GWIA in Novell GroupWise 8.0 before 8.0.3 HP1 and 2012 before SP1 might allow remote attackers to execute arbitrary code via a crafted request that triggers a heap-based buffer overflow, as demonstrated by a...

10CVSS6.4AI score0.17091EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2026/05/16 1:15 a.m.11 views

SUSE CVE-2026-8510

Integer overflow in Skia in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: Critical...

7.5CVSS5.9AI score0.00214EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/16 1:15 a.m.11 views

SUSE CVE-2026-8520

Race in Payments in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

8.3CVSS5.8AI score0.00166EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/16 1:15 a.m.11 views

SUSE CVE-2026-8524

Out of bounds write in WebAudio in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.2AI score0.00383EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/16 1:15 a.m.11 views

SUSE CVE-2026-8525

Heap buffer overflow in ANGLE in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS6AI score0.00229EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/16 1:15 a.m.11 views

SUSE CVE-2026-8532

Integer overflow in XML in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.3AI score0.0028EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/16 1:15 a.m.11 views

SUSE CVE-2026-8533

Use after free in Accessibility in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.8AI score0.00207EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/16 1:15 a.m.11 views

SUSE CVE-2026-8536

Insufficient validation of untrusted input in ReadingMode in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to bypass site Isolation via a crafted HTML page. Chromium security severity: High...

3.1CVSS5.8AI score0.00186EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/16 1:15 a.m.11 views

SUSE CVE-2026-8538

Insufficient validation of untrusted input in GPU in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform a denial of service via a crafted HTML page. Chromium security severity: High...

5.3CVSS5.8AI score0.00195EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/16 1:15 a.m.11 views

SUSE CVE-2026-8539

Script injection in SanitizerAPI in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: High...

5.4CVSS5.9AI score0.00159EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/16 1:15 a.m.11 views

SUSE CVE-2026-8542

Use after free in Core in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.8AI score0.00207EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/16 1:15 a.m.11 views

SUSE CVE-2026-8544

Use after free in Media in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.2AI score0.0028EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/16 1:15 a.m.11 views

SUSE CVE-2026-8552

Heap buffer overflow in GPU in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: High...

4.3CVSS6AI score0.00195EPSS
Exploits0References3
Total number of security vulnerabilities5000