Lucene search
K
SusecveMost viewed

59854 matches found

SUSE CVE
SUSE CVE
added 2026/05/09 2:40 a.m.11 views

SUSE CVE-2026-43235

In the Linux kernel, the following vulnerability has been resolved: media: iris: Add missing platform data entries for SM8750 Two platform-data fields for SM8750 were missed: - getvpubuffersize = irisvpu33bufsize Without this, the driver fails to allocate the required internal buffers, leading to...

5.7AI score0.00126EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/09 2:40 a.m.11 views

SUSE CVE-2026-43237

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Refactor amdgpugemvaioctl for Handling Last Fence Update and Timeline Management v4 This commit simplifies the amdgpugemvaioctl function, key updates include: - Moved the logic for managing the last update fence...

7.8CVSS5.8AI score0.00124EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/09 2:40 a.m.11 views

SUSE CVE-2026-43240

In the Linux kernel, the following vulnerability has been resolved: x86/kexec: add a sanity check on previous kernel's ima kexec buffer When the second-stage kernel is booted via kexec with a limiting command line such as "mem=", the physical range that contains the carried over IMA measurement...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/09 2:40 a.m.11 views

SUSE CVE-2026-43259

In the Linux kernel, the following vulnerability has been resolved: phy: fsl-imx8mq-usb: set platform driver data Add missing platformsetdrvdata as the data will be used in remove...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/08 2:42 a.m.11 views

SUSE CVE-2014-0610

The client in Novell GroupWise before 8.0.3 HP4, 2012 before SP3, and 2014 before SP1 on Windows allows remote attackers to execute arbitrary code or cause a denial of service invalid pointer dereference via unspecified vectors...

10CVSS6.2AI score0.05534EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/05/08 2:35 a.m.11 views

SUSE CVE-2016-8817

All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer nvlddmkm.sys handler for DxgDdiEscape where a value passed from a user to the driver is used without validation as the size input to memcpy, causing a buffer overflow, leading to denial of service o...

7.8CVSS7.3AI score0.004EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/08 2:28 a.m.11 views

SUSE CVE-2026-4430

Out-of-bounds write vulnerability in The Document Foundation LibreOffice via crafted OOXML documents with mismatched encryption salt parameters. This issue affects LibreOffice: from 26.2 before 26.2.3, from 25.8 before 25.8.7...

6.9CVSS5.8AI score0.00078EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/08 2:27 a.m.11 views

SUSE CVE-2026-6210

A type confusion vulnerability in Qt SVG allows an attacker to cause an application crash via a crafted SVG image. When processing SVG marker references, the renderer retrieves a node by its id attribute and casts it to QSvgMarker without verifying the node type. A non-marker element such as a...

8.7CVSS5.8AI score0.00279EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/08 2:27 a.m.11 views

SUSE CVE-2026-7899

Out of bounds read and write in V8 in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.2AI score0.00296EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/08 2:27 a.m.11 views

SUSE CVE-2026-7904

Out of bounds read in Fonts in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: High...

4.3CVSS5.8AI score0.00193EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/08 2:27 a.m.11 views

SUSE CVE-2026-7914

Type Confusion in Accessibility in Google Chrome on Windows prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.8AI score0.00225EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/08 2:27 a.m.11 views

SUSE CVE-2026-7915

Insufficient data validation in DevTools in Google Chrome on Android prior to 148.0.7778.96 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: High...

4.3CVSS5.8AI score0.00243EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/08 2:27 a.m.11 views

SUSE CVE-2026-7916

Insufficient data validation in InterestGroups in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.8AI score0.0022EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/08 2:27 a.m.11 views

SUSE CVE-2026-7920

Use after free in Skia in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.8AI score0.00206EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/08 2:27 a.m.11 views

SUSE CVE-2026-7923

Out of bounds write in Skia in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.8AI score0.00206EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/08 2:27 a.m.11 views

SUSE CVE-2026-7928

Use after free in WebRTC in Google Chrome on Windows prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.2AI score0.00338EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/08 2:27 a.m.11 views

SUSE CVE-2026-7929

Use after free in MediaRecording in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

7.5CVSS6.2AI score0.00246EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/08 2:26 a.m.11 views

SUSE CVE-2026-7930

Is not a vulnerability, is a feature bug...

5.4AI score0.00107EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/08 2:26 a.m.11 views

SUSE CVE-2026-7938

Use after free in CSS in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS6.2AI score0.00267EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/08 2:26 a.m.11 views

SUSE CVE-2026-7941

Insufficient validation of untrusted input in Mobile in Google Chrome on Android prior to 148.0.7778.96 allowed a local attacker to inject arbitrary scripts or HTML UXSS via a crafted Chrome Extension. Chromium security severity: Medium...

4.4CVSS5.9AI score0.00112EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/08 2:26 a.m.11 views

SUSE CVE-2026-7944

Insufficient validation of untrusted input in Persistent Cache in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: Medium...

3.1CVSS5.7AI score0.002EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/08 2:26 a.m.11 views

SUSE CVE-2026-7945

Insufficient validation of untrusted input in COOP in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: Medium...

3.1CVSS5.7AI score0.002EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/08 2:26 a.m.11 views

SUSE CVE-2026-7946

Insufficient policy enforcement in WebUI in Google Chrome on Linux, Mac, Windows, ChromeOS prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS5.8AI score0.00199EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/08 2:26 a.m.11 views

SUSE CVE-2026-7950

Out of bounds read and write in GFX in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform arbitrary read/write via malicious network traffic. Chromium security severity: Medium...

5.4CVSS5.9AI score0.00171EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/08 2:26 a.m.11 views

SUSE CVE-2026-7957

Out of bounds write in Media in Google Chrome on Mac, iOS prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS6.2AI score0.00291EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/08 2:26 a.m.11 views

SUSE CVE-2026-7974

Use after free in Blink in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS6.2AI score0.00267EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/08 2:26 a.m.11 views

SUSE CVE-2026-7977

Inappropriate implementation in Canvas in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

6.3CVSS5.8AI score0.00157EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/08 2:25 a.m.11 views

SUSE CVE-2026-7980

Use after free in WebAudio in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS6.2AI score0.00338EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/08 2:25 a.m.11 views

SUSE CVE-2026-7983

Out of bounds read in Dawn in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS5.8AI score0.00193EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/08 2:25 a.m.11 views

SUSE CVE-2026-7991

Use after free in UI in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS6.2AI score0.00223EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/08 2:25 a.m.11 views

SUSE CVE-2026-7995

Out of bounds read in AdFilter in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS6.2AI score0.00223EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/08 2:25 a.m.11 views

SUSE CVE-2026-8003

Insufficient validation of untrusted input in TabGroups in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform UI spoofing via malicious network traffic. Chromium security severity: Low...

5.4CVSS5.8AI score0.00146EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/08 2:25 a.m.11 views

SUSE CVE-2026-8008

Inappropriate implementation in DevTools in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious extension to perform UI spoofing via a crafted Chrome Extension. Chromium security severity: Low...

5.4CVSS5.8AI score0.00121EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/08 2:25 a.m.11 views

SUSE CVE-2026-8012

Inappropriate implementation in MHTML in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Low...

5.4CVSS5.9AI score0.00139EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/08 2:25 a.m.11 views

SUSE CVE-2026-8022

Inappropriate implementation in MHTML in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted MHTML page. Chromium security severity: Low...

3.1CVSS5.8AI score0.00152EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/08 2:25 a.m.11 views

SUSE CVE-2026-8090

Use-after-free in the DOM: Networking component. This vulnerability was fixed in Firefox 150.0.2, Firefox ESR 140.10.2, Firefox ESR 115.35.2, Thunderbird 150.0.2, and Thunderbird 140.10.2...

7.5CVSS5.8AI score0.00317EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2026/05/08 2:22 a.m.11 views

SUSE CVE-2026-33414

Podman is a tool for managing OCI containers and pods. Versions 4.8.0 through 5.8.1 contain a command injection vulnerability in the HyperV machine backend in pkg/machine/hyperv/stubber.go, where the VM image path is inserted into a PowerShell double-quoted string without sanitization, allowing $...

7.8CVSS6.1AI score0.00607EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/05/08 2:22 a.m.11 views

SUSE CVE-2026-39402

lxc is a Linux container runtime. In the setuid helper lxc-user-nic, the delete path contains a logic flaw in the findline function that allows an unprivileged user to delete OVS-attached network interfaces belonging to other users. When lxc-user-nic delete scans its NIC database to authorize a...

6.5CVSS5.8AI score0.00162EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2026/05/08 2:22 a.m.11 views

SUSE CVE-2026-40251

Incus is a system container and virtual machine manager. In versions before 7.0.0, missing validation logic in the storage volume import logic allows an authenticated user with access to the storage volume feature to cause the Incus daemon to crash. The backup restore subsystem contains an...

7.1CVSS5.8AI score0.00408EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2026/05/08 2:21 a.m.11 views

SUSE CVE-2026-41673

xmldom is a pure JavaScript W3C standard-based XML DOM Level 2 Core DOMParser and XMLSerializer module. In @xmldom/xmldom prior to versions 0.9.10 and 0.8.13 and xmldom version 0.6.0 and prior, seven recursive traversals in lib/dom.js operate without a depth limit. A sufficiently deeply nested DO...

8.7CVSS5.7AI score0.00643EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/08 2:21 a.m.11 views

SUSE CVE-2026-43127

In the Linux kernel, the following vulnerability has been resolved: ntfs3: fix circular locking dependency in rununpackex Syzbot reported a circular locking dependency between wnd-rwlock sbi-used.bitmap and ni-file.runlock. The deadlock scenario: 1. ntfsextendmft takes ni-file.runlock then...

5.5CVSS5.7AI score0.00093EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/08 2:20 a.m.11 views

SUSE CVE-2026-43150

In the Linux kernel, the following vulnerability has been resolved: perf/arm-cmn: Reject unsupported hardware configurations So far we've been fairly lax about accepting both unknown CMN models at least with a warning, and unknown revisions of those which we do know, as although things do...

5.5CVSS5.7AI score0.00139EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2026/05/08 2:20 a.m.11 views

SUSE CVE-2026-43161

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Skip dev-iotlb flush for inaccessible PCIe device without scalable mode PCIe endpoints with ATS enabled and passed through to userspace e.g., QEMU, DPDK can hard-lock the host when their link drops, either by surprise...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/08 2:20 a.m.11 views

SUSE CVE-2026-43196

In the Linux kernel, the following vulnerability has been resolved: soc: ti: pruss: Fix double free in prussclkmuxsetup In the prussclkmuxsetup, the devmaddactionorreset indirectly calls prussoffreeclkprovider, which calls ofnodeputclkmuxnp on the error path. However, after the devmaddactionorres...

5.8AI score0.00139EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/08 2:20 a.m.11 views

SUSE CVE-2026-43211

In the Linux kernel, the following vulnerability has been resolved: PCI: Fix pcislottrylock error handling Commit a4e772898f8b "PCI: Add missing bridge lock to pcibuslock" delegates the bridge device's pcidevtrylock to pcibustrylock in pcislottrylock, but it forgets to remove the corresponding...

7.8CVSS5.8AI score0.00107EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/08 2:20 a.m.11 views

SUSE CVE-2026-43221

In the Linux kernel, the following vulnerability has been resolved: ipmi: ipmb: initialise event handler read bytes IPMB doesn't use i2c reads, but the handler needs to set a value. Otherwise an i2c read will return an uninitialised value from the bus driver...

5.7AI score0.00128EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/08 2:19 a.m.11 views

SUSE CVE-2026-44263

Weblate is a web based localization tool. Prior to version 5.17.1, the screenshots, tasks, and component link API allowed for the enumeration of translations in a project inaccessible to the user. This issue has been patched in version 5.17.1...

4.3CVSS5.7AI score0.00288EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/08 2:19 a.m.11 views

SUSE CVE-2026-44264

Weblate is a web based localization tool. Prior to version 5.17.1, the Markdown renderer used in user comments and other user-provided content didn't properly sanitize some attributes. This issue has been patched in version 5.17.1...

4.3CVSS5.7AI score0.00275EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/08 2:19 a.m.11 views

SUSE CVE-2026-44599

Tor before 0.4.9.7 can attempt or accept BEGINDIR via conflux legs, aka TROVE-2026-008...

5.3CVSS5.8AI score0.00287EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/08 2:19 a.m.11 views

SUSE CVE-2026-44600

Tor before 0.4.9.7 mishandles accounting of the conflux out-of-order queue during the clearing of a queue, aka TROVE-2026-010...

5.3CVSS5.8AI score0.00378EPSS
Exploits0References3
Total number of security vulnerabilities5000