Lucene search
K
SusecveMost viewed

59854 matches found

SUSE CVE
SUSE CVE
•added 2026/06/13 2:29 a.m.•19 views

SUSE CVE-2026-9648

The crypton-x509-validation Haskell library fails to enforce X.509 NameConstraints, allowing TLS clients to accept certificates whose Subject Alternative Names fall outside the issuing CA's permitted subtrees. This oversight enables an attacker who compromises a name-constrained sub-CA to...

9.1CVSS5.3AI score0.00223EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/10 2:25 a.m.•19 views

SUSE CVE-2026-46316

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Drop the translation cache reference only for the erased entry vgicitsinvalidatecache walks the per-ITS translation cache with xaforeach and drops the cache's reference on each entry with vgicputirq. It puts...

7.8CVSS5.4AI score0.0018EPSS
Exploits0References9
SUSE CVE
SUSE CVE
•added 2026/06/07 4:51 a.m.•19 views

SUSE CVE-2026-10885

Use after free in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

8.8CVSS6AI score0.00374EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/02 1:44 a.m.•19 views

SUSE CVE-2026-10201

A vulnerability was determined in Assimp up to 6.0.4. This vulnerability affects the function FBXExporter::WriteObjects of the file FBXExporter.cpp of the component UV Channel Handler. Executing a manipulation can lead to divide by zero. The attack needs to be launched locally. The exploit has be...

4.8CVSS5.3AI score0.00112EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/02 1:39 a.m.•19 views

SUSE CVE-2026-42506

Parsing arbitrary HTML which is then rendered using Render can result in an unexpected HTML tree. This can be leveraged to execute XSS attacks in applications that attempt to sanitize input HTML before rendering...

6.1CVSS6AI score0.00188EPSS
Exploits0References14
SUSE CVE
SUSE CVE
•added 2026/05/30 2:19 a.m.•19 views

SUSE CVE-2026-9872

Out of bounds write in GPU in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

9.6CVSS5.8AI score0.00326EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/30 2:19 a.m.•19 views

SUSE CVE-2026-9875

Out of bounds read in WebGL in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

9.6CVSS5.8AI score0.00243EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/30 2:19 a.m.•19 views

SUSE CVE-2026-9880

Insufficient validation of untrusted input in WebGL in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

8.3CVSS5.8AI score0.00228EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/30 2:19 a.m.•19 views

SUSE CVE-2026-9882

Integer overflow in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Critical...

6.5CVSS5.9AI score0.00221EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/30 2:19 a.m.•19 views

SUSE CVE-2026-9890

Use after free in XR in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

8.3CVSS5.8AI score0.00214EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/30 2:18 a.m.•19 views

SUSE CVE-2026-9893

Use after free in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

8.3CVSS5.8AI score0.00267EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/30 2:18 a.m.•19 views

SUSE CVE-2026-9901

Use after free in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

7.5CVSS6.2AI score0.00255EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/30 2:17 a.m.•19 views

SUSE CVE-2026-9933

Use after free in Input in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

7.5CVSS5.8AI score0.00222EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/29 1:21 a.m.•19 views

SUSE CVE-2026-42250

bzip2 contains an off-by-one error in the bzip2recover utility. When processing a specially crafted file, the application performs an out-of-bounds write to a global buffer, resulting in memory corruption and a crash denial of service. This issue was fixed in bzip2 patch...

5.1CVSS5.8AI score0.00126EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/29 1:16 a.m.•19 views

SUSE CVE-2026-46114

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Reject non-8-byte ATOMICWRITE payloads atomicwritereply at drivers/infiniband/sw/rxe/rxeresp.c unconditionally dereferences 8 bytes at payloadaddrpkt: value = u64 payloadaddrpkt; checkrkey previously accepted an...

5.4CVSS5.8AI score0.00467EPSS
Exploits0References18
SUSE CVE
SUSE CVE
•added 2026/05/29 1:15 a.m.•19 views

SUSE CVE-2026-46167

In the Linux kernel, the following vulnerability has been resolved: usb: usblp: fix uninitialized heap leak via LPGETSTATUS ioctl Just like in a previous problem in this driver, usblpctrlmsg will collapse the usbcontrolmsg return value to 0/-errno, discarding the actual number of bytes transferre...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/29 1:15 a.m.•19 views

SUSE CVE-2026-46188

In the Linux kernel, the following vulnerability has been resolved: octeonepvf: add NULL check for napibuildskb napibuildskb can return NULL on allocation failure. In octepvfoqprocessrx, the result is used directly without a NULL check in both the single-buffer and multi-fragment paths, leading t...

5.5CVSS5.8AI score0.00127EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/28 4:1 a.m.•19 views

SUSE CVE-2025-71306

In the Linux kernel, the following vulnerability has been resolved: ima: Fix stack-out-of-bounds in isbprmcredsforexec KASAN reported a stack-out-of-bounds access in imaappraisemeasurement from isbprmcredsforexec: BUG: KASAN: stack-out-of-bounds in imaappraisemeasurement+0x12dc/0x16a0 Read of siz...

7.1CVSS5.8AI score0.0015EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/28 3:57 a.m.•19 views

SUSE CVE-2026-44171

MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, mbstream did not check for /../ in the path when unpacking the archive. A proper backup can never contai...

6.3CVSS5.3AI score0.00135EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/05/28 3:55 a.m.•19 views

SUSE CVE-2026-45935

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix slab-out-of-bounds read in DeleteIndexEntryRoot In the 'DeleteIndexEntryRoot' case of the 'doaction' function, the entry size 'esize' is retrieved from the log record without adequate bounds checking. Specifically,...

7.8CVSS5.9AI score0.0016EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/28 3:53 a.m.•19 views

SUSE CVE-2026-46034

In the Linux kernel, the following vulnerability has been resolved: vfio/cdx: Fix NULL pointer dereference in interrupt trigger path Add validation to ensure MSI is configured before accessing cdxirqs array in vfiocdxsetmsitrigger. Without this check, userspace can trigger a NULL pointer...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/27 10:57 a.m.•19 views

SUSE CVE-2026-35540

An issue was discovered in Roundcube Webmail 1.6.0 before 1.6.14. Insufficient Cascading Style Sheets CSS sanitization in HTML e-mail messages may lead to SSRF or Information Disclosure, e.g., if stylesheet links point to local network hosts...

6.5CVSS5.8AI score0.0031EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/26 1:52 a.m.•19 views

SUSE CVE-2026-42268

ModSecurity is an open source, cross platform web application firewall WAF engine for Apache, IIS and Nginx. From 3.0.0 to before 3.0.15, there is an unhandled exception std::outofrange caused by unsigned integer underflow in libmodsecurity3 if the user administrator uses a rule any of @verifySSN...

7.5CVSS5.6AI score0.00396EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/05/23 1:29 a.m.•19 views

SUSE CVE-2026-39834

When writing data larger than 4GB in a single Write call on an SSH channel, an integer overflow in the internal payload size calculation caused the write loop to spin indefinitely, sending empty packets without making progress. The size comparison now uses int64 to prevent truncation...

7.5CVSS5.9AI score0.00466EPSS
Exploits0References24
SUSE CVE
SUSE CVE
•added 2026/05/23 1:27 a.m.•19 views

SUSE CVE-2026-46595

Previously, CVE-2024-45337 fixed an authorization bypass for misused ssh server configurations; if any other type of callback is passed other than public key, then the source-address validation would be skipped...

8.1CVSS5.8AI score0.0044EPSS
Exploits0References24
SUSE CVE
SUSE CVE
•added 2026/05/18 1:22 p.m.•19 views

SUSE CVE-2026-8390

Use-after-free in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 150.0.3...

7.3CVSS5.8AI score0.0026EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/18 1:22 p.m.•19 views

SUSE CVE-2026-8695

radare2 6.1.5 contains a use-after-free vulnerability in the gdbrthreadslist function that allows remote attackers to trigger memory corruption by sending a valid qfThreadInfo response followed by a malformed qsThreadInfo response. Attackers can exploit this vulnerability through GDB remote...

9.8CVSS6.2AI score0.00626EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/05/16 1:11 a.m.•19 views

SUSE CVE-2026-46483

Vim is an open source, command line text editor. Prior to 9.2.0479, a command injection vulnerability exists in tarVimuntar in runtime/autoload/tar.vim when decompressing .tgz archives on Unix-like systems. The function builds :!gunzip and :!gzip -d commands using shellescapetartail without the...

7.8CVSS5.9AI score0.00552EPSS
Exploits0References13
SUSE CVE
SUSE CVE
•added 2026/05/15 1:58 a.m.•19 views

SUSE CVE-2026-42583

Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, Lz4FrameDecoder allocates a ByteBuf of size decompressedLength up to 32 MB per block before LZ4 runs. A peer only needs a 21-byte header plus compressedLength payload bytes - 22 bytes if...

7.5CVSS5.8AI score0.00429EPSS
Exploits1References4
SUSE CVE
SUSE CVE
•added 2026/05/15 1:58 a.m.•19 views

SUSE CVE-2026-42584

Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, HttpClientCodec pairs each inbound response with an outbound request by queue.poll once per response, including for 1xx. If the client pipelines GET then HEAD and the server sends 103,...

5.6CVSS5.8AI score0.00633EPSS
Exploits1References4
SUSE CVE
SUSE CVE
•added 2026/05/13 3:34 a.m.•19 views

SUSE CVE-2026-43425

In the Linux kernel, the following vulnerability has been resolved: usb: image: mdc800: kill download URB on timeout mdc800deviceread submits downloadurb and waits for completion. If the timeout fires and the device has not responded, the function returns without killing the URB, leaving it activ...

5.8AI score0.00123EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/09 2:43 a.m.•19 views

SUSE CVE-2026-39819

The "go bug" command writes to two files with predictable names in the system temporary directory for example, "/tmp". An attacker with access to the temporary directory can create a symlink in one of these names, causing "go bug" to overwrite the target of the symlink...

5.3CVSS5.8AI score0.00179EPSS
Exploits0References14
SUSE CVE
SUSE CVE
•added 2026/05/09 2:42 a.m.•19 views

SUSE CVE-2026-42501

A malicious module proxy can exploit a flaw in the go command's validation of module checksums to bypass checksum database validation. This vulnerability affects any user using an untrusted module proxy GOMODPROXY or checksum database GOSUMDB. A malicious module proxy can serve altered versions o...

7.5CVSS5.8AI score0.00231EPSS
Exploits0References14
SUSE CVE
SUSE CVE
•added 2026/05/09 2:40 a.m.•19 views

SUSE CVE-2026-43263

In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix Null reference while testing fluster When multi instances are created/destroyed, many interrupts happens and structures for decoder are removed. "struct vpuinstance" this structure is shared for all...

7.8CVSS5.7AI score0.00119EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/07 2:24 a.m.•19 views

SUSE CVE-2025-71285

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: Drop the MHI autoqueue feature for IPCR DL channels MHI stack offers the 'autoqueue' feature, which allows the MHI stack to auto queue the buffers for the RX path DL channel. Though this feature simplifies the client...

5.5CVSS5.8AI score0.00126EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/07 2:24 a.m.•19 views

SUSE CVE-2025-71289

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: handle attrsetsize errors when truncating files If attrsetsize fails while truncating down, the error is silently ignored and the inode may be left in an inconsistent state...

5.5CVSS5.7AI score0.00127EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/07 2:16 a.m.•19 views

SUSE CVE-2026-43252

In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: in-kernel: always set ID as avail when rm endp Syzkaller managed to find a combination of actions that was generating this warning: WARNING: net/mptcp/pmkernel.c:1074 at marksubflowendpavailable net/mptcp/pmkernel.c:10...

5.5CVSS5.8AI score0.00095EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/05/06 1:43 a.m.•19 views

SUSE CVE-2026-31733

In the Linux kernel, the following vulnerability has been resolved: schedext: Fix stale direct dispatch state in ddspdsqid @p-scx.ddspdsqid can be left set non-SCXDSQINVALID triggering a spurious warning in markdirectdispatch when the next wakeup's ops.selectcpu calls scxbpfdsqinsert, such as:...

5.8AI score0.0013EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/01 2:12 a.m.•19 views

SUSE CVE-2026-5260

A flaw was found in libgnutls. A remote attacker, by sending an extremely short premaster secret during an RSA key exchange to a server using an RSA key backed by a PKCS11 token, could trigger a short heap overread. This memory corruption vulnerability could lead to information disclosure...

5.9CVSS5.8AI score0.00727EPSS
Exploits0References12
SUSE CVE
SUSE CVE
•added 2026/04/28 1:34 a.m.•19 views

SUSE CVE-2026-41414

Skim is a fuzzy finder designed to through files, lines, and commands. The generate-files job in .github/workflows/pr.yml checks out attacker-controlled fork code and executes it via cargo run, with access to SKIMRSBOTPRIVATEKEY and GITHUBTOKEN contents:write. No gates prevent exploitation - any...

7.4CVSS5.4AI score0.00281EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/04/24 1:29 a.m.•19 views

SUSE CVE-2026-31531

In the Linux kernel, the following vulnerability has been resolved: ipv4: nexthop: allocate skb dynamically in rtmgetnexthop When querying a nexthop object via RTMGETNEXTHOP, the kernel currently allocates a fixed-size skb using NLMSGGOODSIZE. While sufficient for single nexthops and small...

5.5CVSS5.6AI score0.00164EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/25 12:24 a.m.•19 views

SUSE CVE-2026-25638

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, memory leak exists in coders/msl.c. In the WriteMSLImage function of the msl.c file, resources are allocated. But the function returns early without releasing...

5.3CVSS5.8AI score0.00325EPSS
Exploits0References6
SUSE CVE
SUSE CVE
•added 2026/02/17 12:24 a.m.•19 views

SUSE CVE-2026-23130

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix dead lock while flushing management frames Commit 1 converted the management transmission work item into a wiphy work. Since a wiphy work can only run under wiphy lock protection, a race condition happens in bel...

5.5CVSS5.1AI score0.0008EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/09 12:23 a.m.•19 views

SUSE CVE-2026-21883

Bokeh is an interactive visualization library written in Python. In versions 3.8.1 and below, if a server is configured with an allowlist e.g., dashboard.corp, an attacker can register a domain like dashboard.corp.attacker.com or use a subdomain if applicable and lure a victim to visit it. The...

7.4CVSS6.8AI score0.00159EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/01/06 12:28 a.m.•19 views

SUSE CVE-2025-12421

Mattermost versions 11.0.x = 11.0.2, 10.12.x = 10.12.1, 10.11.x = 10.11.4, 10.5.x = 10.5.12 fail to to verify that the token used during the code exchange originates from the same authentication flow, which allows an authenticated user to perform account takeover via a specially crafted email...

9.9CVSS7.3AI score0.0031EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2025/12/10 12:39 a.m.•19 views

SUSE CVE-2022-50647

In the Linux kernel, the following vulnerability has been resolved: RISC-V: Make port I/O string accessors actually work Fix port I/O string accessors such as insb', outsb', etc. which use the physical PCI port I/O address rather than the corresponding memory mapping to get at the requested...

6.3AI score0.00173EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/11/28 12:22 a.m.•19 views

SUSE CVE-2025-64344

Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. Prior to versions 7.0.13 and 8.0.2, working with large buffers in Lua scripts can lead to a stack overflow. Users of Lua rules and output scripts may be affected wh...

7.5CVSS7AI score0.00306EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2023/02/15 6:15 a.m.•19 views

SUSE CVE-2006-2769

The HTTP Inspect preprocessor httpinspect in Snort 2.4.0 through 2.4.4 allows remote attackers to bypass "uricontent" rules via a carriage return \r after the URL and before the HTTP declaration...

5CVSS7AI score0.10813EPSS
Exploits1References4
SUSE CVE
SUSE CVE
•added 2023/02/15 6:5 a.m.•19 views

SUSE CVE-2008-6682

Multiple cross-site scripting XSS vulnerabilities in Apache Struts 2.0.x before 2.0.11.1 and 2.1.x before 2.1.1 allow remote attackers to inject arbitrary web script or HTML via vectors associated with improper handling of 1 " double quote characters in the href attribute of an s:a tag and 2...

4.3CVSS6AI score0.05614EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2023/02/15 4:37 a.m.•19 views

SUSE CVE-2017-15750

IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access Violation starting at BabaCAD4Image!ShowPlugInOptions+0x0000000000009ae0."...

7.8CVSS8.1AI score0.01881EPSS
Exploits0References3
Total number of security vulnerabilities5000