Lucene search
K
SusecveMost viewed

59854 matches found

SUSE CVE
SUSE CVE
added 2026/05/16 1:14 a.m.11 views

SUSE CVE-2026-8558

Out of bounds write in Fonts in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.2AI score0.0028EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/16 1:14 a.m.11 views

SUSE CVE-2026-8565

Inappropriate implementation in Downloads in Google Chrome on Mac prior to 148.0.7778.168 allowed an attacker who convinced a user to install a malicious extension to perform UI spoofing via a crafted Chrome Extension. Chromium security severity: Medium...

4.7CVSS5.8AI score0.00134EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/16 1:14 a.m.11 views

SUSE CVE-2026-8566

Insufficient policy enforcement in Payments in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker to bypass discretionary access control via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS5.8AI score0.00182EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/16 1:14 a.m.11 views

SUSE CVE-2026-8568

Determined not a vulnerability...

5.2AI score0.00174EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/16 1:11 a.m.11 views

SUSE CVE-2026-43905

OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, jpeg2000input.cpp:395 computes buffer size as const int bufsize = w h ch bufferbpp using signed 32-bit arithmetic. When the product...

7.8CVSS6AI score0.00173EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2026/05/16 1:11 a.m.11 views

SUSE CVE-2026-43906

OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, a heap-based buffer overflow in the HEIF decoder of OpenImageIO allows out-of-bounds writes via crafted images due to a subimage metada...

8.5CVSS6.1AI score0.00188EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2026/05/16 1:11 a.m.11 views

SUSE CVE-2026-43908

OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, a signed 32-bit integer overflow in the pixel-loop index expression i 3 inside ConvertCbYCrYToRGB causes the function to compute a larg...

8.8CVSS5.9AI score0.00371EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2026/05/16 1:11 a.m.11 views

SUSE CVE-2026-44636

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. From to 1.8.7-r1, signed integer overflow in sixelencodehighcolor's allocation size calculation can lead to a heap buffer overflow. The public sixelencode entry point validates only that width and height are greater th...

7.8CVSS6.3AI score0.00104EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/16 1:11 a.m.11 views

SUSE CVE-2026-44637

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. From to 1.8.7-r1, a signed integer overflow in the SIXEL parser's image-buffer doubling loop can lead to an out-of-bounds heap write in sixeldecoderawimpl. context-posx grows by repeatcount on every sixel character wit...

7.1CVSS6AI score0.0016EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2026/05/16 1:11 a.m.11 views

SUSE CVE-2026-44638

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. From to 1.8.7-r1, a wrong NULL check after an allocation call in sixeldecoderaw and sixeldecode causes a NULL pointer dereference whenever the allocation fails. The check tests the address of the output parameter alway...

2.5CVSS5.8AI score0.00131EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2026/05/16 1:11 a.m.11 views

SUSE CVE-2026-44673

libyang is a YANG data modeling language library. Prior to SO 5.2.15, lybreadstring in src/parserlyb.c contains an integer overflow that results in a heap buffer overflow when parsing a maliciously crafted LYB binary blob. An attacker who can supply LYB data to any libyang consumer NETCONF server...

8.6CVSS6AI score0.00428EPSS
Exploits0References12
SUSE CVE
SUSE CVE
added 2026/05/15 1:59 a.m.11 views

SUSE CVE-2026-28374

Editors could delete any annotation, even those they do not have read access to. The editor user cannot create or read the annotations...

4.3CVSS5.8AI score0.00198EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/15 1:59 a.m.11 views

SUSE CVE-2026-28380

Any Editor could delete any snapshot, even if they have no access to read or write them...

6.5CVSS5.8AI score0.00227EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2026/05/15 1:59 a.m.11 views

SUSE CVE-2026-33376

When using an IPv6 allow-list for the Auth Proxy feature, it defaults to /32 addresses. Addresses specifying a mask explicitly are not affected; to mitigate easily, add the desired mask usually /128 to the addresses. Only auth proxy is affected; Okta, SAML, LDAP, etc are unaffected here...

7.4CVSS5.8AI score0.00271EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/15 1:59 a.m.11 views

SUSE CVE-2026-33378

Using the $timeGroup macro, one can achieve an OOM by overloading the server. This requires a SQL datasource. If the server is set up to auto-restart, the impact is minimal or non-existent, as the attack can take upwards of half an hour to crash the server...

6.5CVSS5.8AI score0.00328EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/15 1:58 a.m.11 views

SUSE CVE-2026-42186

OpenBao is an open source identity-based secrets management system. Prior to 2.5.3, when OpenBao's initial namespace deletion fails, subsequent retries fail to properly remove all data before marking the namespace as deleted. This can affect any outstanding leases as well as potentially leaving...

7.5CVSS5.8AI score0.00248EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/15 1:58 a.m.11 views

SUSE CVE-2026-44432

urllib3 is an HTTP client library for Python. From 2.6.0 to before 2.7.0, urllib3 could decompress the whole response instead of the requested portion 1 during the second HTTPResponse.readamt=N call when the response was decompressed using the official Brotli library or 2 when...

5.9CVSS5.8AI score0.0068EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2026/05/14 3:1 a.m.11 views

SUSE CVE-2026-40701

NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttpsslmodule module when the sslverifyclient directive is set to "on" or "optional," and the sslocsp directive is set to "on" or the leaf parameters are configured with a resolver. With this configuration, an unauthenticated attacke...

5.6CVSS5.8AI score0.00677EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2026/05/14 3:1 a.m.11 views

SUSE CVE-2026-44296

Deskflow is a keyboard and mouse sharing app. Prior to 1.26.0.167, a remote, unauthenticated denial of service DoS vulnerability affects Deskflow servers running with TLS enabled the default. When any TCP peer connects to the listening port and its first bytes do not parse as a valid TLS...

7.5CVSS5.8AI score0.00279EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/13 4:9 p.m.11 views

SUSE CVE-2017-6056

It was discovered that a programming error in the processing of HTTPS requests in the Apache Tomcat servlet and JSP engine may result in denial of service via an infinite loop. The denial of service is easily achievable as a consequence of backporting a CVE-2016-6816 fix but not backporting the f...

7.5CVSS5.8AI score0.07486EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/13 3:37 p.m.11 views

SUSE CVE-2019-12455

An issue was discovered in sunxidivsclksetup in drivers/clk/sunxi/clk-sunxi.c in the Linux kernel through 5.1.5. There is an unchecked kstrndup of derivedname, which might allow an attacker to cause a denial of service NULL pointer dereference and system crash. NOTE: This id is disputed as not...

5.5CVSS6.8AI score0.00421EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/13 2:25 p.m.11 views

SUSE CVE-2026-8368

LWP::UserAgent versions before 6.83 for Perl leak Authorization and Proxy-Authorization headers on cross-origin redirects. On a 3xx response, the redirect handler strips only Host and Cookie before issuing the follow-up request. Caller-supplied Authorization and Proxy-Authorization headers are se...

5.3CVSS5.8AI score0.00266EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/13 2:21 p.m.11 views

SUSE CVE-2026-43513

Improper Handling of Case Sensitivity vulnerability in LockOutRealm in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from 9.0.0.M1 through 9.0.117, from 8.5.0 through 8.5.100, from 7.0.0 through 7.0.109. Older unsupported versions...

5.4CVSS5.7AI score0.00467EPSS
Exploits0References10
SUSE CVE
SUSE CVE
added 2026/05/13 2:21 p.m.11 views

SUSE CVE-2026-43515

Improper Authorization vulnerability when multiple method constraints define an HTTP method for the same extension in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from 9.0.0.M1 through 9.0.117, from 8.5.0 through 8.5.100, from...

7.5CVSS5.8AI score0.01136EPSS
Exploits1References10
SUSE CVE
SUSE CVE
added 2026/05/13 3:37 a.m.11 views

SUSE CVE-2026-41254

Little CMS lcms2 through 2.18 has an integer overflow in CubeSize in cmslut.c because the overflow check is performed after the multiplication...

2.9CVSS5.8AI score0.00365EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2026/05/13 3:36 a.m.11 views

SUSE CVE-2026-43145

In the Linux kernel, the following vulnerability has been resolved: remoteproc: imxrproc: Fix invalid loaded resource table detection imxrprocelffindloadedrsctable may incorrectly report a loaded resource table even when the current firmware does not provide one. When the device tree contains a...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/13 3:36 a.m.11 views

SUSE CVE-2026-43180

In the Linux kernel, the following vulnerability has been resolved: net: usb: kaweth: remove TX queue manipulation in kawethsetrxmode kawethsetrxmode, the ndosetrxmode callback, calls netifstopqueue and netifwakequeue. These are TX queue flow control functions unrelated to RX multicast...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/13 3:35 a.m.11 views

SUSE CVE-2026-43287

In the Linux kernel, the following vulnerability has been resolved: drm: Account property blob allocations to memcg DRMIOCTLMODECREATEPROPBLOB allows userspace to allocate arbitrary-sized property blobs backed by kernel memory. Currently, the blob data allocation is not accounted to the allocatin...

5.8AI score0.00123EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/13 3:35 a.m.11 views

SUSE CVE-2026-43293

In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix kthread worker destruction in polling mode Fix the cleanup order in polling mode irq worklist and WARNON!listempty&worker-delayedworklist. The original code called kthreaddestroyworker before...

5.8AI score0.00122EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/13 3:35 a.m.11 views

SUSE CVE-2026-43303

In the Linux kernel, the following vulnerability has been resolved: mm/pagealloc: clear page-private in freepagesprepare Several subsystems slub, shmem, ttm, etc. use page-private but don't clear it before freeing pages. When these pages are later allocated as high-order pages and split via...

5.5CVSS5.8AI score0.0013EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2026/05/13 3:35 a.m.11 views

SUSE CVE-2026-43312

In the Linux kernel, the following vulnerability has been resolved: media: i2c: ov5647: Initialize subdev before controls In ov5647initcontrols we call v4l2getsubdevdata, but it is initialized by v4l2i2csubdevinit in the probe, which currently happens after initcontrols. This can result in a...

5.8AI score0.00123EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/13 3:35 a.m.11 views

SUSE CVE-2026-43320

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix dsc eDP issue why Need to add function hook check before use...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/13 3:35 a.m.11 views

SUSE CVE-2026-43322

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisync: Fix UAF in lereadfeaturescomplete This fixes the following backtrace caused by hciconn being freed before lereadfeaturescomplete but after hcilereadremotefeaturessync so hciconndel - hcicmdsyncdequeue is not...

8.8CVSS5.7AI score0.00219EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/13 3:35 a.m.11 views

SUSE CVE-2026-43326

In the Linux kernel, the following vulnerability has been resolved: schedext: Fix SCXKICKWAIT deadlock by deferring wait to balance callback SCXKICKWAIT busy-waits in kickcpusirqworkfn using smpcondloadacquire until the target CPU's kicksync advances. Because the irqwork runs in hardirq context,...

5.8AI score0.00083EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/13 3:35 a.m.11 views

SUSE CVE-2026-43327

In the Linux kernel, the following vulnerability has been resolved: USB: dummy-hcd: Fix locking/synchronization error Syzbot testing was able to provoke an addressing exception and crash in the usbgadgetudcreset routine in drivers/usb/gadgets/udc/core.c, resulting from the fact that the routine w...

5.5CVSS5.7AI score0.00095EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/13 3:35 a.m.11 views

SUSE CVE-2026-43332

In the Linux kernel, the following vulnerability has been resolved: thermal: core: Fix thermal zone device registration error path If thermalzonedeviceregisterwithtrips fails after registering a thermal zone device, it needs to wait for the tz-removal completion like thermalzonedeviceunregister, ...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2026/05/13 3:35 a.m.11 views

SUSE CVE-2026-43345

In the Linux kernel, the following vulnerability has been resolved: net: ipa: fix event ring index not programmed for IPA v5.0+ For IPA v5.0+, the event ring index field moved from CHCCNTXT0 to CHCCNTXT1. The v5.0 register definition intended to define this field in the CHCCNTXT1 fmask array but...

5.5CVSS5.7AI score0.00353EPSS
Exploits0References11
SUSE CVE
SUSE CVE
added 2026/05/13 3:35 a.m.11 views

SUSE CVE-2026-43350

In the Linux kernel, the following vulnerability has been resolved: smb: client: require a full NFS mode SID before reading mode bits parsedacl treats an ACE SID matching sidunixNFSmode as an NFS mode SID and reads sid.subauth2 to recover the mode bits. That assumes the ACE carries three...

7.6CVSS5.8AI score0.00224EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/05/13 3:34 a.m.11 views

SUSE CVE-2026-43355

In the Linux kernel, the following vulnerability has been resolved: iio: light: bh1780: fix PM runtime leak on error path Move pmruntimeputautosuspend before the error check to ensure the PM runtime reference count is always decremented after pmruntimegetsync, regardless of whether the read...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/13 3:34 a.m.11 views

SUSE CVE-2026-43376

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free by using callrcu for oplockinfo ksmbd currently frees oplockinfo immediately using kfree, even though it is accessed under RCU read-side critical sections in places like opinfoget and procshowfiles. Sinc...

9.8CVSS5.7AI score0.00444EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/13 3:34 a.m.11 views

SUSE CVE-2026-43390

In the Linux kernel, the following vulnerability has been resolved: nstree: tighten permission checks for listing Even privileged services should not necessarily be able to see other privileged service's namespaces so they can't leak information to each other. Use mayseeallnamespaces helper that...

5.5CVSS5.7AI score0.00107EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/13 3:34 a.m.11 views

SUSE CVE-2026-43392

In the Linux kernel, the following vulnerability has been resolved: schedext: Fix starvation of scxenable under fair-class saturation During scxenable, the READY - ENABLED task switching loop changes the calling thread's schedclass from fair to ext. Since fair has higher priority than ext,...

5.5CVSS5.8AI score0.0013EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/13 3:34 a.m.11 views

SUSE CVE-2026-43399

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/userq: Fix reference leak in amdgpuuserqwaitioctl Drop reference to syncobj and timeline fence when aborting the ioctl due output array being too small. cherry picked from commit 68951e9c3e6bb22396bc42ef2359751c8315dd2...

5.8AI score0.00121EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/13 3:34 a.m.11 views

SUSE CVE-2026-43403

In the Linux kernel, the following vulnerability has been resolved: nsfs: tighten permission checks for ns iteration ioctls Even privileged services should not necessarily be able to see other privileged service's namespaces so they can't leak information to each other. Use mayseeallnamespaces...

8.8CVSS5.7AI score0.00129EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/13 3:34 a.m.11 views

SUSE CVE-2026-43404

In the Linux kernel, the following vulnerability has been resolved: mm: Fix a hmmrangefault livelock / starvation problem If hmmrangefault fails a foliotrylock in doswappage, trying to acquire the lock of a device-private folio for migration, to ram, the function will spin until it succeeds...

5.8AI score0.00093EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/13 3:34 a.m.11 views

SUSE CVE-2026-43421

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fncm: Fix netdevice lifecycle with devicemove The network device outlived its parent gadget device during disconnection, resulting in dangling sysfs links and null pointer dereference problems. A prior attempt to sol...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/05/13 3:33 a.m.11 views

SUSE CVE-2026-43438

In the Linux kernel, the following vulnerability has been resolved: schedext: Remove redundant cssput in scxcgroupinit The iterator cssforeachdescendantpre walks the cgroup hierarchy under cgrouplock. It does not increment the reference counts on yielded css structs. According to the cgroup...

7.8CVSS5.7AI score0.00125EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/13 3:33 a.m.11 views

SUSE CVE-2026-43470

In the Linux kernel, the following vulnerability has been resolved: nfs: return EISDIR on nfs3proccreate if dalias is a dir If we found an alias through nfs3docreate/nfsaddorobtain /dsplicealias which happens to be a dir dentry, we don't return any error, and simply forget about this alias, but t...

5.5CVSS5.7AI score0.00116EPSS
Exploits0References12
SUSE CVE
SUSE CVE
added 2026/05/13 3:33 a.m.11 views

SUSE CVE-2026-43512

DEPRECATED: Authentication Bypass Issues vulnerability in digest authentication in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from 9.0.0.M1 through 9.0.117, from 8.5.0 through 8.5.100, from before 7.0.0. Older unsupported...

7.3CVSS5.7AI score0.01233EPSS
Exploits1References10
SUSE CVE
SUSE CVE
added 2026/05/12 3:30 a.m.11 views

SUSE CVE-2026-43324

In the Linux kernel, the following vulnerability has been resolved: USB: dummy-hcd: Fix interrupt synchronization error This fixes an error in synchronization in the dummy-hcd driver. The error has a somewhat involved history. The synchronization mechanism was introduced by commit 7dbd8f4cabd9...

7.8CVSS5.7AI score0.0013EPSS
Exploits0References3
Total number of security vulnerabilities5000