Lucene search
K
SusecveMost viewed

59854 matches found

SUSE CVE
SUSE CVE
•added 2026/06/13 2:29 a.m.•20 views

SUSE CVE-2026-9648

The crypton-x509-validation Haskell library fails to enforce X.509 NameConstraints, allowing TLS clients to accept certificates whose Subject Alternative Names fall outside the issuing CA's permitted subtrees. This oversight enables an attacker who compromises a name-constrained sub-CA to...

9.1CVSS5.3AI score0.00223EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/10 2:25 a.m.•20 views

SUSE CVE-2026-46316

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Drop the translation cache reference only for the erased entry vgicitsinvalidatecache walks the per-ITS translation cache with xaforeach and drops the cache's reference on each entry with vgicputirq. It puts...

7.8CVSS5.4AI score0.00188EPSS
Exploits0References9
SUSE CVE
SUSE CVE
•added 2026/05/30 2:27 a.m.•20 views

SUSE CVE-2024-13745

unknown...

5.8AI score
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/30 2:19 a.m.•20 views

SUSE CVE-2026-9886

Use after free in Base in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

9.6CVSS5.8AI score0.00243EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/30 2:18 a.m.•20 views

SUSE CVE-2026-9901

Use after free in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

7.5CVSS6.2AI score0.00255EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/29 1:22 a.m.•20 views

SUSE CVE-2026-9818

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

4.7CVSS5.7AI score
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/29 1:16 a.m.•20 views

SUSE CVE-2026-46133

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Reject unknown opcodes before ICRC processing Even after applying commit 7244491dab34 "RDMA/rxe: Validate pad and ICRC before payloadsize in rxercv", a single unauthenticated UDP packet can still trigger panic. That pat...

5.5CVSS5.7AI score0.00574EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/28 3:57 a.m.•20 views

SUSE CVE-2026-44988

LibVNCClient is a library for easy implementation of a VNC client. In 0.9.15 and earlier, LibVNCClient's Tight encoding decoder uses fixed-size 2048-pixel scratch buffers for the Gradient filter, but it does not reject Tight rectangles whose width is larger than 2048 pixels. A malicious VNC serve...

8.1CVSS5.8AI score0.00242EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/05/28 3:56 a.m.•20 views

SUSE CVE-2026-45925

In the Linux kernel, the following vulnerability has been resolved: thermal/of: Fix reference leak in thermalofcmlookup In thermalofcmlookup, trnp is obtained via ofparsephandle, but never released. Use the freedevicenode cleanup attribute to automatically release the node and fix the leak. rjw:...

5.8AI score0.00155EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/26 1:52 a.m.•20 views

SUSE CVE-2026-42268

ModSecurity is an open source, cross platform web application firewall WAF engine for Apache, IIS and Nginx. From 3.0.0 to before 3.0.15, there is an unhandled exception std::outofrange caused by unsigned integer underflow in libmodsecurity3 if the user administrator uses a rule any of @verifySSN...

7.5CVSS5.6AI score0.00396EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/05/23 1:27 a.m.•20 views

SUSE CVE-2026-46595

Previously, CVE-2024-45337 fixed an authorization bypass for misused ssh server configurations; if any other type of callback is passed other than public key, then the source-address validation would be skipped...

8.1CVSS5.8AI score0.0044EPSS
Exploits0References24
SUSE CVE
SUSE CVE
•added 2026/05/15 1:58 a.m.•20 views

SUSE CVE-2026-42581

Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, HttpObjectDecoder strips a conflicting Content-Length header when a request carries both Transfer-Encoding: chunked and Content-Length, but only for HTTP/1.1 messages. The guard is absen...

7.3CVSS5.8AI score0.00515EPSS
Exploits1References4
SUSE CVE
SUSE CVE
•added 2026/05/13 3:34 a.m.•20 views

SUSE CVE-2026-43407

In the Linux kernel, the following vulnerability has been resolved: libceph: Fix potential out-of-bounds access in cephhandleauthreply This patch fixes an out-of-bounds access in cephhandleauthreply that can be triggered by a message of type CEPHMSGAUTHREPLY. In cephhandleauthreply, the value of...

5.5CVSS5.8AI score0.00537EPSS
Exploits0References13
SUSE CVE
SUSE CVE
•added 2026/05/13 3:34 a.m.•20 views

SUSE CVE-2026-43425

In the Linux kernel, the following vulnerability has been resolved: usb: image: mdc800: kill download URB on timeout mdc800deviceread submits downloadurb and waits for completion. If the timeout fires and the device has not responded, the function returns without killing the URB, leaving it activ...

5.8AI score0.00123EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/09 2:39 a.m.•20 views

SUSE CVE-2026-43284

In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags MSGSPLICEPAGES can attach pages from a pipe directly to an skb. TCP marks such skbs with SKBFLSHAREDFRAG after skbsplicefromiter, so later paths that may modify packet data ca...

8.8CVSS6AI score0.93235EPSS
Exploits31References136
SUSE CVE
SUSE CVE
•added 2026/05/09 2:39 a.m.•20 views

SUSE CVE-2026-44931

The newly introduced RecordUsage D-Bus method https://gitlab.freedesktop.org/pwithnall/malcontent/-/blob/0.14.0/libmalcontent-timer/child-timer-service.c in malcontent-timerd allows arbitrary users in the system to slowly fill up disk space in /var/lib/malcontent-timerd...

5.1CVSS5.9AI score0.0015EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/07 2:19 a.m.•20 views

SUSE CVE-2026-43074

In the Linux kernel, the following vulnerability has been resolved: eventpoll: defer struct eventpoll free to RCU grace period In certain situations, epfree in eventpoll.c will kfree the epi-ep eventpoll struct while it still being used by another concurrent thread. Defer the kfree to an RCU...

7.8CVSS5.8AI score0.00129EPSS
Exploits1References12
SUSE CVE
SUSE CVE
•added 2026/05/07 2:19 a.m.•20 views

SUSE CVE-2026-43075

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix out-of-bounds write in ocfs2writeendinline KASAN reports a use-after-free write of 4086 bytes in ocfs2writeendinline, called from ocfs2writeendnolock during a copyfilerange splice fallback on a corrupted ocfs2 filesyst...

7.8CVSS5.8AI score0.00126EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/02 1:25 a.m.•20 views

SUSE CVE-2026-31694

In the Linux kernel, the following vulnerability has been resolved: fuse: reject oversized dirents in page cache fuseadddirenttocache computes a serialized dirent size from the server-controlled namelen field and copies the dirent into a single page-cache page. The existing logic only checks...

7.8CVSS5.8AI score0.00127EPSS
Exploits1References118
SUSE CVE
SUSE CVE
•added 2026/05/01 2:12 a.m.•20 views

SUSE CVE-2026-5260

A flaw was found in libgnutls. A remote attacker, by sending an extremely short premaster secret during an RSA key exchange to a server using an RSA key backed by a PKCS11 token, could trigger a short heap overread. This memory corruption vulnerability could lead to information disclosure...

5.9CVSS5.8AI score0.00727EPSS
Exploits0References12
SUSE CVE
SUSE CVE
•added 2026/04/23 1:24 a.m.•20 views

SUSE CVE-2026-33608

An attacker can send a notify request that causes a new secondary domain to be added to the bind backend, but causes said backend to update its configuration to an invalid one, leading to the backend no longer able to run on the next restart, requiring manual operation to fix it...

9.8CVSS5.8AI score0.00383EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:23 a.m.•20 views

SUSE CVE-2026-40938

Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 1.0.0 and prior to versions 1.0.2, 1.3.4, 1.6.2, 1.9.3, and 1.11.1, the git resolver's revision parameter is passed directly as a positional argument to git fetch without any validation...

8.5CVSS6.4AI score0.00788EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/04/17 12:4 p.m.•20 views

SUSE CVE-2026-6314

Out of bounds write in GPU in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the GPU process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.8AI score0.00269EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/01 12:24 a.m.•20 views

SUSE CVE-2025-71187

In the Linux kernel, the following vulnerability has been resolved: dmaengine: sh: rz-dmac: fix device leak on probe failure Make sure to drop the reference taken when looking up the ICU device during probe also on probe failures e.g. probe deferral...

5.5CVSS5.7AI score0.00157EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/01 12:24 a.m.•20 views

SUSE CVE-2026-23018

In the Linux kernel, the following vulnerability has been resolved: btrfs: release path before initializing extent tree in btrfsreadlockedinode In btrfsreadlockedinode we are calling btrfsinitfileextenttree while holding a path with a read locked leaf from a subvolume tree, and...

4.7CVSS5.8AI score0.001EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/02/01 12:23 a.m.•20 views

SUSE CVE-2026-23036

In the Linux kernel, the following vulnerability has been resolved: btrfs: release path before igetfailed in btrfsreadlockedinode In btrfsreadlockedinode if we fail to lookup the inode, we jump to the 'out' label with a path that has a read locked leaf and then we call igetfailed. This can result...

5.8AI score0.00194EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/25 12:24 a.m.•20 views

SUSE CVE-2025-71160

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: avoid chain re-validation if possible Hamza Mahfooz reports cpu soft lock-ups in nftchainvalidate: watchdog: BUG: soft lockup - CPU1 stuck for 27s! iptables-nft-re:37547 .. RIP: 0010:nftchainvalidate+0xcb/0x1...

5.5CVSS5.3AI score0.00164EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/17 12:33 a.m.•20 views

SUSE CVE-2024-6717

HashiCorp Nomad and Nomad Enterprise 1.6.12 up to 1.7.9, and 1.8.1 archive unpacking during migration is vulnerable to path escaping of the allocation directory. This vulnerability, CVE-2024-6717, is fixed in Nomad 1.6.13, 1.7.10, and 1.8.2...

8.6CVSS6.9AI score0.00388EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/01/06 12:25 a.m.•20 views

SUSE CVE-2025-64521

authentik is an open-source Identity Provider. Prior to versions 2025.8.5 and 2025.10.2, when authenticating with clientid and clientsecret to an OAuth provider, authentik creates a service account for the provider. In previous authentik versions, authentication for this account was possible even...

4.8CVSS7AI score0.00197EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2025/12/20 12:25 a.m.•20 views

SUSE CVE-2025-68297

In the Linux kernel, the following vulnerability has been resolved: ceph: fix crash in processv2sparseread for encrypted directories The crash in processv2sparseread for fscrypt-encrypted directories has been reported. Issue takes place for Ceph msgr2 protocol in secure mode. It can be reproduced...

5.5CVSS6.4AI score0.00176EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2023/02/15 6:14 a.m.•20 views

SUSE CVE-2006-3331

Opera before 9.0 does not reset the SSL security bar after displaying a download dialog from an SSL-enabled website, which allows remote attackers to spoof a trusted SSL certificate from an untrusted website and facilitates phishing attacks...

5CVSS6.9AI score0.03513EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2023/02/15 6:13 a.m.•20 views

SUSE CVE-2006-7229

The skge driver 1.5 in Linux kernel 2.6.15 on Ubuntu does not properly use the spinlock and spinunlock functions, which allows remote attackers to cause a denial of service machine crash via a flood of network traffic...

7.8CVSS6.7AI score0.02801EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2023/02/15 5:54 a.m.•20 views

SUSE CVE-2011-0456

webscript.pl in Open Ticket Request System OTRS 2.3.4 and earlier allows remote attackers to execute arbitrary commands via unspecified vectors, related to a "command injection vulnerability."...

7.5CVSS8.1AI score0.03001EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2023/02/15 5:46 a.m.•20 views

SUSE CVE-2012-2945

Hadoop 1.0.3 contains a symlink vulnerability...

7.5CVSS7AI score0.02671EPSS
Exploits2References3
SUSE CVE
SUSE CVE
•added 2023/02/15 5:37 a.m.•20 views

SUSE CVE-2013-3704

The RPM GPG key import and handling feature in libzypp 12.15.0 and earlier reports a different key fingerprint than the one used to sign a repository when multiple key blobs are used, which might allow remote attackers to trick users into believing that the repository was signed by a...

4.3CVSS6.9AI score0.01533EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2023/02/15 5:37 a.m.•20 views

SUSE CVE-2013-3738

A File Inclusion vulnerability exists in Zabbix 2.0.6 due to inadequate sanitization of request strings in CGI scripts, which could let a remote malicious user execute arbitrary code...

9.8CVSS7.5AI score0.03125EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2023/02/15 3:41 a.m.•20 views

SUSE CVE-2021-31227

An issue was discovered in HCC embedded InterNiche 4.0.1. A potential heap buffer overflow exists in the code that parses the HTTP POST request, due to an incorrect signed integer comparison. This vulnerability requires the attacker to send a malformed HTTP packet with a negative Content-Length,...

7.5CVSS7.9AI score0.01675EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/26 2:11 a.m.•19 views

SUSE CVE-2026-53166

In the Linux kernel, the following vulnerability has been resolved: futex/requeue: Prevent NULL pointer dereference in removewaiter on self-deadlock When FUTEXCMPREQUEUEPI requeues a non-top waiter that already owns the target PI futex, taskblocksonrtmutex returns -EDEADLK before setting...

5.8AI score0.00126EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/17 2:16 a.m.•19 views

SUSE CVE-2026-46331

In the Linux kernel, the following vulnerability has been resolved: net/sched: fix pedit partial COW leading to page cache corruption tcfpeditact computes the COW range for skbensurewritable once before the key loop using tcfpoffmaxhint, but the hint does not account for the runtime header offset...

7.8CVSS5.5AI score0.00321EPSS
Exploits9References7
SUSE CVE
SUSE CVE
•added 2026/06/10 2:32 a.m.•19 views

SUSE CVE-2026-11611

A flaw was found in 389 Directory Server. The Content Synchronization persistent search plugin allows unbounded memory growth when an authenticated client stops reading sync responses, enabling denial of service. Additional race conditions in plugin thread lifecycle can cause crashes during...

6.5CVSS5.4AI score0.00244EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/07 4:51 a.m.•19 views

SUSE CVE-2026-10885

Use after free in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

8.8CVSS6AI score0.00374EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:38 a.m.•19 views

SUSE CVE-2026-11309

Insufficient policy enforcement in History in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.5AI score0.00132EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/02 1:44 a.m.•19 views

SUSE CVE-2026-10201

A vulnerability was determined in Assimp up to 6.0.4. This vulnerability affects the function FBXExporter::WriteObjects of the file FBXExporter.cpp of the component UV Channel Handler. Executing a manipulation can lead to divide by zero. The attack needs to be launched locally. The exploit has be...

4.8CVSS5.3AI score0.00112EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/02 1:39 a.m.•19 views

SUSE CVE-2026-42506

Parsing arbitrary HTML which is then rendered using Render can result in an unexpected HTML tree. This can be leveraged to execute XSS attacks in applications that attempt to sanitize input HTML before rendering...

6.1CVSS6AI score0.00188EPSS
Exploits0References14
SUSE CVE
SUSE CVE
•added 2026/05/30 2:19 a.m.•19 views

SUSE CVE-2026-9872

Out of bounds write in GPU in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

9.6CVSS5.8AI score0.00326EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/30 2:19 a.m.•19 views

SUSE CVE-2026-9875

Out of bounds read in WebGL in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

9.6CVSS5.8AI score0.00243EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/30 2:19 a.m.•19 views

SUSE CVE-2026-9880

Insufficient validation of untrusted input in WebGL in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

8.3CVSS5.8AI score0.00228EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/30 2:19 a.m.•19 views

SUSE CVE-2026-9882

Integer overflow in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Critical...

6.5CVSS5.9AI score0.00221EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/30 2:19 a.m.•19 views

SUSE CVE-2026-9890

Use after free in XR in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

8.3CVSS5.8AI score0.00214EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/30 2:18 a.m.•19 views

SUSE CVE-2026-9893

Use after free in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

8.3CVSS5.8AI score0.00267EPSS
Exploits0References3
Total number of security vulnerabilities5000