Lucene search
K
SusecveMost viewed

59854 matches found

SUSE CVE
SUSE CVE
•added 2026/04/30 2:28 a.m.•11 views

SUSE CVE-2026-7360

Insufficient validation of untrusted input. in Compositing in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...

3.1CVSS5.3AI score0.00162EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/30 2:25 a.m.•11 views

SUSE CVE-2026-40685

In Exim before 4.99.2, when JSON lookup is enabled, an out-of-bounds heap write can occur when a JSON operator encounters malformed JSON in an untrusted header, because of an incorrect implementation of \ skipping...

9.8CVSS5.8AI score0.00321EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/30 2:25 a.m.•11 views

SUSE CVE-2026-40687

In Exim before 4.99.2, when the SPA authentication driver is used with an adversarial SPA resource, there can be an out-of-bounds write that crashes the connection instance, or erroneous data processing that divulges data from uninitialized heap memory...

9.1CVSS5.8AI score0.00373EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/30 2:25 a.m.•11 views

SUSE CVE-2026-41140

Poetry is a dependency manager for Python. Prior to 2.3.4, the extractall function in src/poetry/utils/helpers.py:410-426 extracts sdist tarballs without path traversal protection on Python versions where tarfile.datafilter is unavailable. Considering only Python versions which are still supporte...

8.7CVSS5.4AI score0.00294EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/30 2:24 a.m.•11 views

SUSE CVE-2026-42486

unknown...

5.2AI score
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/28 11:26 p.m.•11 views

SUSE CVE-2026-41079

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. Prior to 2.4.17, a network-adjacent attacker can send a crafted SNMP response to the CUPS SNMP backend that causes an out-of-bounds read of up to 176 bytes past a stack buffer. The leaked memory i...

3.5CVSS5.3AI score0.00409EPSS
Exploits1References7
SUSE CVE
SUSE CVE
•added 2026/04/28 11:26 p.m.•11 views

SUSE CVE-2026-41163

bubblewrap is a low-level unprivileged sandboxing tool. From version 0.11.0 to before version 0.11.2, if bubblewrap is installed in setuid mode then the user can use ptrace to attach to bubblewrap and control the unprivileged part of the sandbox setup phase. This allows the attacker to arbitraril...

7CVSS5.7AI score0.00274EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2026/04/28 1:35 a.m.•11 views

SUSE CVE-2026-35329

unknown...

7.5CVSS5.2AI score
Exploits0References9
SUSE CVE
SUSE CVE
•added 2026/04/28 1:35 a.m.•11 views

SUSE CVE-2026-35334

unknown...

7.5CVSS5.2AI score
Exploits0References9
SUSE CVE
SUSE CVE
•added 2026/04/28 1:35 a.m.•11 views

SUSE CVE-2026-40475

unknown...

5.5CVSS5.2AI score
Exploits0References9
SUSE CVE
SUSE CVE
•added 2026/04/26 1:52 a.m.•11 views

SUSE CVE-2026-31678

In the Linux kernel, the following vulnerability has been resolved: openvswitch: defer tunnel netdevput to RCU release ovsnetdevtunneldestroy may run after NETDEVUNREGISTER already detached the device. Dropping the netdev reference in destroy can race with concurrent readers that still observe...

6.4CVSS5.4AI score0.00096EPSS
Exploits0References17
SUSE CVE
SUSE CVE
•added 2026/04/25 1:39 a.m.•11 views

SUSE CVE-2026-31572

In the Linux kernel, the following vulnerability has been resolved: i2c: designware: amdisp: Fix resume-probe race condition issue Identified resume-probe race condition in kernel v7.0 with the commit 38fa29b01a6a "i2c: designware: Combine the init functions",but this issue existed from the...

4.7CVSS5.4AI score0.00088EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/25 1:39 a.m.•11 views

SUSE CVE-2026-31576

In the Linux kernel, the following vulnerability has been resolved: media: hackrf: fix to not free memory after the device is registered in hackrfprobe In hackrf driver, the following race condition occurs: CPU0 CPU1 hackrfprobe kzalloc; // alloc hackrfdev .... v4l2deviceregister; .... fd =...

5.5CVSS5.5AI score0.00128EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/25 1:38 a.m.•11 views

SUSE CVE-2026-31581

In the Linux kernel, the following vulnerability has been resolved: ALSA: 6fire: fix use-after-free on disconnect In usb6firechipabort, the chip struct is allocated as the card's private data via sndcardnew with sizeofstruct sfirechip. When sndcardfreewhenclosed is called and no file handles are...

6.4CVSS5.6AI score0.00128EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/04/25 1:38 a.m.•11 views

SUSE CVE-2026-31586

In the Linux kernel, the following vulnerability has been resolved: mm: blk-cgroup: fix use-after-free in cgwbreleaseworkfn cgwbreleaseworkfn calls cssputwb-blkcgcss and then later accesses wb-blkcgcss again via blkcgunpinonline. If cssput drops the last reference, the blkcg can be freed...

7CVSS5.7AI score0.00128EPSS
Exploits0References22
SUSE CVE
SUSE CVE
•added 2026/04/25 1:38 a.m.•11 views

SUSE CVE-2026-31605

In the Linux kernel, the following vulnerability has been resolved: fbdev: udlfb: avoid divide-by-zero on FBIOPUTVSCREENINFO Much like commit 19f953e74356 "fbdev: fbpm2fb: Avoid potential divide by zero error", we also need to prevent that same crash from happening in the udlfb driver as it uses...

5.5CVSS5.4AI score0.00125EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/25 1:37 a.m.•11 views

SUSE CVE-2026-31622

In the Linux kernel, the following vulnerability has been resolved: NFC: digital: Bounds check NFC-A cascade depth in SDD response handler The NFC-A anti-collision cascade in digitalinrecvsddres appends 3 or 4 bytes to target-nfcid1 on each round, but the number of cascade rounds is controlled...

8.8CVSS5.5AI score0.00281EPSS
Exploits0References14
SUSE CVE
SUSE CVE
•added 2026/04/25 1:37 a.m.•11 views

SUSE CVE-2026-31633

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix integer overflow in rxgkverifyresponse In rxgkverifyresponse, there's a potential integer overflow due to rounding up tokenlen before checking it, thereby allowing the length check to be bypassed. Fix this by checking...

9.8CVSS5.5AI score0.00469EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/24 1:46 a.m.•11 views

SUSE CVE-2008-5091

Buffer overflow in the LDAP Service in Novell eDirectory 8.7.3 before SP10a and 8.8 before SP3 allows attackers to cause a denial of service application crash via vectors involving an "invalid extensibleMatch filter."...

10CVSS5.8AI score0.02123EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/24 1:36 a.m.•11 views

SUSE CVE-2025-53000

The nbconvert tool, jupyter nbconvert, converts Jupyter notebooks to various other formats via Jinja templates. Versions of nbconvert up to and including 7.16.6 on Windows have a vulnerability in which converting a notebook containing SVG output to a PDF results in unauthorized code execution...

7.8CVSS5.9AI score0.00233EPSS
Exploits1References2
SUSE CVE
SUSE CVE
•added 2026/04/24 1:34 a.m.•11 views

SUSE CVE-2026-6019

http.cookies.Morsel.jsoutput returns an inline snippet and only escapes " for JavaScript string context. It does not neutralize the HTML parser-sensitive sequence inside the generated script element. Mitigation base64-encodes the cookie value to disallow escaping using cookie value...

3.8CVSS5.7AI score0.00229EPSS
Exploits1References12
SUSE CVE
SUSE CVE
•added 2026/04/24 1:28 a.m.•11 views

SUSE CVE-2026-41176

Rclone is a command-line program to sync files and directories to and from different cloud storage providers. The RC endpoint options/set is exposed without AuthRequired: true, but it can mutate global runtime configuration, including the RC option block itself. Starting in version 1.45.0 and pri...

9.8CVSS5.8AI score0.34734EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/04/24 1:27 a.m.•11 views

SUSE CVE-2026-41989

Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to gcrypkdecrypt...

6.7CVSS6AI score0.0018EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:29 a.m.•11 views

SUSE CVE-2026-6507

A flaw was found in dnsmasq. A remote attacker could exploit an out-of-bounds write vulnerability by sending a specially crafted BOOTREPLY Bootstrap Protocol Reply packet to a dnsmasq server configured with the --dhcp-split-relay option. This can lead to memory corruption, causing the dnsmasq...

7.5CVSS5.7AI score0.00482EPSS
Exploits0References9
SUSE CVE
SUSE CVE
•added 2026/04/23 1:28 a.m.•11 views

SUSE CVE-2026-22021

unknown...

5.3CVSS7.2AI score0.00305EPSS
Exploits0References22
SUSE CVE
SUSE CVE
•added 2026/04/23 1:26 a.m.•11 views

SUSE CVE-2026-31459

In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: fix paramctx leak on damonsysfsnewtestctx failure Patch series "mm/damon/sysfs: fix memory leak and NULL dereference issues", v4. DAMONSYSFS can leak memory under allocation failure, and do NULL pointer dereferenc...

5.5CVSS5.6AI score0.00121EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:25 a.m.•11 views

SUSE CVE-2026-31488

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Do not skip unrelated mode changes in DSC validation Starting with commit 17ce8a6907f7 "drm/amd/display: Add dsc pre-validation in atomic check", amdgpu resets the CRTC state modechanged flag to false when...

6.4CVSS5.6AI score0.00135EPSS
Exploits0References14
SUSE CVE
SUSE CVE
•added 2026/04/23 1:25 a.m.•11 views

SUSE CVE-2026-31507

In the Linux kernel, the following vulnerability has been resolved: net/smc: fix double-free of smcspdpriv when tee duplicates splice pipe buffer smcrxsplice allocates one smcspdpriv per pipebuffer and stores the pointer in pipebuffer.private. The pipebufoperations for these buffers used .get =...

7.8CVSS5.8AI score0.00126EPSS
Exploits0References23
SUSE CVE
SUSE CVE
•added 2026/04/23 1:24 a.m.•11 views

SUSE CVE-2026-33593

A client can trigger a divide by zero error leading to crash by sending a crafted DNSCrypt query...

7.5CVSS5.7AI score0.00381EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/22 1:39 a.m.•11 views

SUSE CVE-2026-6771

Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10...

9.8CVSS5.7AI score0.00309EPSS
Exploits0References14
SUSE CVE
SUSE CVE
•added 2026/04/22 1:39 a.m.•11 views

SUSE CVE-2026-6773

Denial-of-service due to integer overflow in the Graphics: WebGPU component. This vulnerability was fixed in Firefox 150 and Thunderbird 150...

7.5CVSS5.8AI score0.00324EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/22 1:39 a.m.•11 views

SUSE CVE-2026-6775

Incorrect boundary conditions in the WebRTC component. This vulnerability was fixed in Firefox 150 and Thunderbird 150...

5.3CVSS5.7AI score0.00208EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/22 1:39 a.m.•11 views

SUSE CVE-2026-6780

Denial-of-service in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 150 and Thunderbird 150...

7.5CVSS5.7AI score0.00294EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/22 1:37 a.m.•11 views

SUSE CVE-2026-35587

Glances is an open-source system cross-platform monitoring tool. Prior to version 4.5.4, a Server-Side Request Forgery SSRF vulnerability exists in the Glances IP plugin due to improper validation of the publicapi configuration parameter. The value of publicapi is used directly in outbound HTTP...

8.8CVSS5.9AI score0.00396EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/04/21 12:16 p.m.•11 views

SUSE CVE-2026-40244

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.4.0 through 3.4.9, 3.3.0 through 3.3.9, and 3.2.0 through 3.2.7, internaldwacompressor.h:1722 performs curc-width curc-height in int32...

7.8CVSS5.8AI score0.00427EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2026/04/14 11:25 p.m.•11 views

SUSE CVE-2026-40097

Step CA is an online certificate authority for secure, automated certificate management for DevOps. From 0.24.0 to before 0.30.0-rc3, an attacker can trigger an index out-of-bounds panic in Step CA by sending a crafted attestation key AK certificate with an empty Extended Key Usage EKU extension...

3.7CVSS5.9AI score0.00181EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/09 11:30 p.m.•11 views

SUSE CVE-2026-5863

Inappropriate implementation in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS7.7AI score0.00292EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/09 11:29 p.m.•11 views

SUSE CVE-2026-5902

Race in Media in Google Chrome on Android prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to corrupt media stream metadata via a crafted HTML page. Chromium security severity: Low...

7.3AI score0.00212EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/08 11:26 p.m.•11 views

SUSE CVE-2026-31789

Issue summary: Converting an excessively large OCTET STRING value to a hexadecimal string leads to a heap buffer overflow on 32 bit platforms. Impact summary: A heap buffer overflow may lead to a crash or possibly an attacker controlled code execution or other undefined behavior. If an attacker c...

7.3CVSS6.5AI score0.00225EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2026/04/03 11:24 p.m.•11 views

SUSE CVE-2026-34831

Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Filesfail sets the Content-Length response header using Stringsize instead of Stringbytesize. When the response body contains multibyte UTF-8 characters, the declared Content-Length is smaller than the...

4.8CVSS5.8AI score0.00147EPSS
Exploits0References6
SUSE CVE
SUSE CVE
•added 2026/04/03 11:24 p.m.•11 views

SUSE CVE-2026-34835

Rack is a modular Ruby web server interface. From versions 3.0.0.beta1 to before 3.1.21, and 3.2.0 to before 3.2.6, Rack::Request parses the Host header using an AUTHORITY regular expression that accepts characters not permitted in RFC-compliant hostnames, including /, ?, , and @. Because req.hos...

6.5CVSS5.8AI score0.00192EPSS
Exploits2References3
SUSE CVE
SUSE CVE
•added 2026/03/28 12:27 a.m.•11 views

SUSE CVE-2026-32285

The Delete function fails to properly validate offsets when processing malformed JSON input. This can lead to a negative slice index and a runtime panic, allowing a denial of service attack...

5.5CVSS5.9AI score0.0075EPSS
Exploits1References6
SUSE CVE
SUSE CVE
•added 2026/03/28 12:25 a.m.•11 views

SUSE CVE-2026-33532

yaml is a YAML parser and serialiser for JavaScript. Parsing a YAML document with a version of yaml on the 1.x branch prior to 1.10.3 or on the 2.x branch prior to 2.8.3 may throw a RangeError due to a stack overflow. The node resolution/composition phase uses recursive function calls without a...

4.3CVSS6.1AI score0.00469EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/03/28 12:25 a.m.•11 views

SUSE CVE-2026-33542

Incus is a system container and virtual machine manager. Prior to version 6.23.0, a lack of validation of the image fingerprint when downloading from simplestreams image servers opens the door to image cache poisoning and under very narrow circumstances exposes other tenants to running attacker...

6.4CVSS5.8AI score0.0018EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/03/26 5:7 p.m.•11 views

SUSE CVE-2026-33223

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, the NATS message header Nats-Request-Info: is supposed to be a guarantee of identity by the NATS server, but the stripping of this header from inbound messages was...

6.4CVSS5.9AI score0.00211EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/03/26 10:9 a.m.•11 views

SUSE CVE-2025-14443

A flaw was found in ose-openshift-apiserver. This vulnerability allows internal network enumeration, service discovery, limited information disclosure, and potential denial-of-service DoS through Server-Side Request Forgery SSRF due to missing IP address and network-range validation when processi...

6.4CVSS5.8AI score0.00306EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 4:57 p.m.•11 views

SUSE CVE-2026-23279

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix NULL pointer dereference in meshrxcsaframe In meshrxcsaframe, elems-meshchanswparamsie is dereferenced at lines 1638 and 1642 without a prior NULL check: ifmsh-chswttl = elems-meshchanswparamsie-meshttl;...

6.5CVSS5.8AI score0.00136EPSS
Exploits0References17
SUSE CVE
SUSE CVE
•added 2026/03/25 4:56 p.m.•11 views

SUSE CVE-2026-23305

In the Linux kernel, the following vulnerability has been resolved: accel/rocket: fix unwinding in error path in rocketprobe When rocketcoreinit fails as could be the case with EPROBEDEFER, we need to properly unwind by decrementing the counter we just incremented and if this is the first core we...

7.1CVSS5.7AI score0.00124EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 4:56 p.m.•11 views

SUSE CVE-2026-23312

In the Linux kernel, the following vulnerability has been resolved: net: usb: kaweth: validate USB endpoints The kaweth driver should validate that the device it is probing has the proper number and types of USB endpoints it is expecting before it binds to it. If a malicious device were to not ha...

4.6CVSS5.8AI score0.00123EPSS
Exploits0References17
SUSE CVE
SUSE CVE
•added 2026/03/25 4:56 p.m.•11 views

SUSE CVE-2026-23317

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Return the correct value in vmwtranslateptr functions Before the referenced fixes these functions used a lookup function that returned a pointer. This was changed to another lookup function that returned an error code...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References80
Total number of security vulnerabilities5000