Lucene search
K
SusecveMost viewed

59854 matches found

SUSE CVE
SUSE CVE
•added 2026/06/09 2:25 a.m.•10 views

SUSE CVE-2026-11487

A flaw has been found in Neovim up to 0.12.2. Affected by this issue is the function M.read of the file runtime/lua/vim/secure.lua of the component View Branch. Executing a manipulation of the argument path can lead to command injection. It is possible to launch the attack on the local host. The...

5.3CVSS5.3AI score0.00923EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/09 2:21 a.m.•10 views

SUSE CVE-2026-44942

A path traversal in handling the "path" component of .repo files processed by libzypp before 17.38.13 in the 17.x series, or before 16.22.19 could be used by attackers to fill directories on the system outside of the zypp cache with content...

6.5CVSS5.8AI score0.00329EPSS
Exploits0References12
SUSE CVE
SUSE CVE
•added 2026/06/09 2:20 a.m.•10 views

SUSE CVE-2026-46292

In the Linux kernel, the following vulnerability has been resolved: pmdomain: core: Fix detach procedure for virtual devices in genpd If a device is attached to a PM domain through genpddevpmattachbyid, genpd calls pmruntimeenable for the corresponding virtual device that it registers. While this...

5.5CVSS5.5AI score0.00123EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/09 2:20 a.m.•10 views

SUSE CVE-2026-46296

In the Linux kernel, the following vulnerability has been resolved: spi: s3c64xx: fix NULL-deref on driver unbind A change moving DMA channel allocation from probe back to s3c64xxspipreparetransfer failed to remove the corresponding deallocation from remove. Drop the bogus DMA channel release fro...

5.5CVSS5.4AI score0.00114EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/09 2:20 a.m.•10 views

SUSE CVE-2026-46297

In the Linux kernel, the following vulnerability has been resolved: net: libwx: use requestirq for VF misc interrupt Currently, requestthreadedirq is used with a primary handler but a NULL threaded handler, while also setting the IRQFONESHOT flag. This specific combination triggers a WARNING sinc...

5.5CVSS5.4AI score0.00112EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/09 2:20 a.m.•10 views

SUSE CVE-2026-46299

In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix held lock freed on hfsplusfillsuper hfsplusfillsuper calls hfsfindinit to initialize a search structure, which acquires tree-treelock. If the subsequent call to hfspluscatbuildkey fails, the function jumps to the...

5.5CVSS5.5AI score0.00091EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/09 2:20 a.m.•10 views

SUSE CVE-2026-46302

In the Linux kernel, the following vulnerability has been resolved: selinux: allow multiple opens of /sys/fs/selinux/policy Currently there can only be a single open of /sys/fs/selinux/policy at any time. This allows any process to block any other process from reading the kernel policy. The...

5.5CVSS5.5AI score0.001EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/09 2:20 a.m.•10 views

SUSE CVE-2026-46309

In the Linux kernel, the following vulnerability has been resolved: drm/xe/uapi: Reject cohnone PAT index for CPU cached memory in madvise Add validation in xevmmadviseioctl to reject PAT indices with XECOHNONE coherency mode when applied to CPU cached memory. Using cohnone with CPU cached buffer...

5.5CVSS5.4AI score0.00125EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/09 2:20 a.m.•10 views

SUSE CVE-2026-46313

In the Linux kernel, the following vulnerability has been resolved: media: intel/ipu6: fix error pointer dereference In a error path isp-psys is confirmed to be an error pointer not NULL so this condition is true and the error pointer is dereferenced. So isp-psys should be set to NULL before goin...

5.5CVSS5.3AI score0.00114EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/09 2:20 a.m.•10 views

SUSE CVE-2026-48101

7-Zip is a file archiver with a high compression ratio. Versions 9.21 through 26.00 contain an An uninitialized memory disclosure vulnerability in the UEFI capsule .scap parser in 7-Zip. The OpenCapsule function allocates a heap buffer of attacker-declared CapsuleImageSize up to 1 GiB without...

5.5CVSS5.6AI score0.00277EPSS
Exploits1References4
SUSE CVE
SUSE CVE
•added 2026/06/09 2:20 a.m.•10 views

SUSE CVE-2026-48104

7-Zip is a file archiver with a high compression ratio. Versions 9.18 through 26.00 contain an uninitialized heap read in the SquashFS archive handler caused by a sparsely populated index array. In the SquashFS handler, blockToNode is allocated with capacity for every metadata block but populated...

3.6CVSS5.5AI score0.00179EPSS
Exploits1References4
SUSE CVE
SUSE CVE
•added 2026/06/08 1:5 a.m.•10 views

SUSE CVE-2026-1070

The Alex User Counter plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 6.0. This is due to missing nonce validation on the alexusercounterfunction function. This makes it possible for unauthenticated attackers to update the plugin settings via...

4.3CVSS5.4AI score0.00158EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/07 4:51 a.m.•10 views

SUSE CVE-2026-10907

Out of bounds write in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.5AI score0.00325EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:51 a.m.•10 views

SUSE CVE-2026-10913

Use after free in ANGLE in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6AI score0.0039EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:50 a.m.•10 views

SUSE CVE-2026-10932

Use after free in UI in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.5AI score0.00301EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:50 a.m.•10 views

SUSE CVE-2026-10933

Use after free in Audio in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.5AI score0.00267EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:50 a.m.•10 views

SUSE CVE-2026-10944

Insufficient policy enforcement in Autofill in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

6.5CVSS5.5AI score0.00296EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:50 a.m.•10 views

SUSE CVE-2026-10945

Use after free in PDF in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code inside a sandbox via a crafted PDF file. Chromium security severity: High...

8.8CVSS6AI score0.0036EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:50 a.m.•10 views

SUSE CVE-2026-10946

Heap buffer overflow in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

7.5CVSS6.3AI score0.00374EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:49 a.m.•10 views

SUSE CVE-2026-10953

Use after free in Core in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.5AI score0.00286EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:49 a.m.•10 views

SUSE CVE-2026-10955

Type Confusion in ANGLE in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.5AI score0.00381EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:49 a.m.•10 views

SUSE CVE-2026-10957

Use after free in Glic in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6AI score0.00361EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:49 a.m.•10 views

SUSE CVE-2026-10966

Inappropriate implementation in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted video file. Chromium security severity: High...

9.6CVSS5.5AI score0.003EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:49 a.m.•10 views

SUSE CVE-2026-10967

Use after free in SurfaceCapture in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.5AI score0.00267EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:49 a.m.•10 views

SUSE CVE-2026-10968

Insufficient validation of untrusted input in Dawn in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

7.4CVSS5.5AI score0.00308EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:49 a.m.•10 views

SUSE CVE-2026-10969

Insufficient validation of untrusted input in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. Chromium security severity: High...

7.5CVSS5.5AI score0.00285EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:49 a.m.•10 views

SUSE CVE-2026-10973

Uninitialized Use in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

7.4CVSS5.5AI score0.00985EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:49 a.m.•10 views

SUSE CVE-2026-10974

Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

9.6CVSS5.5AI score0.00325EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:49 a.m.•10 views

SUSE CVE-2026-10975

Use after free in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6AI score0.00456EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:49 a.m.•10 views

SUSE CVE-2026-10978

Use after free in Chromoting in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via malicious network traffic. Chromium security severity: High...

8.8CVSS6AI score0.00333EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:49 a.m.•10 views

SUSE CVE-2026-10979

Out of bounds read in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

6.5CVSS5.5AI score0.00308EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:49 a.m.•10 views

SUSE CVE-2026-10983

Insufficient validation of untrusted input in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

9.6CVSS5.5AI score0.00325EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:48 a.m.•10 views

SUSE CVE-2026-10991

Use after free in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS6AI score0.00361EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:48 a.m.•10 views

SUSE CVE-2026-10998

Out of bounds read in Media in Google Chrome prior to 149.0.7827.53 allowed an attacker on the local network segment to perform an out of bounds memory read via malicious network traffic. Chromium security severity: Medium...

4CVSS5.4AI score0.00106EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:48 a.m.•10 views

SUSE CVE-2026-11004

Out of bounds read in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

5.3CVSS5.5AI score0.00274EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:48 a.m.•10 views

SUSE CVE-2026-11010

Use after free in WebShare in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

8.3CVSS5.5AI score0.00286EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:47 a.m.•10 views

SUSE CVE-2026-11020

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted XML file. Chromium security severity: Medium...

6.5CVSS5.5AI score0.00221EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:47 a.m.•10 views

SUSE CVE-2026-11021

Insufficient validation of untrusted input in GPU in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

9.6CVSS5.5AI score0.00325EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:47 a.m.•10 views

SUSE CVE-2026-11023

Inappropriate implementation in WebAppInstalls in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.5AI score0.00225EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:47 a.m.•10 views

SUSE CVE-2026-11026

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. Chromium security severity: Medium...

6.5CVSS5.4AI score0.00166EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:47 a.m.•10 views

SUSE CVE-2026-11029

Insufficient validation of untrusted input in Drag and Drop in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

9.6CVSS5.5AI score0.00233EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:47 a.m.•10 views

SUSE CVE-2026-11031

Insufficient validation of untrusted input in Password Manager in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via malicious network traffic. Chromium security severity: Medium...

4.3CVSS5.5AI score0.00203EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:47 a.m.•10 views

SUSE CVE-2026-11034

Insufficient validation of untrusted input in Tab Group Sync in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via malicious network traffic. Chromium security severity: Medium...

6.1CVSS5.6AI score0.00182EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:47 a.m.•10 views

SUSE CVE-2026-11038

Insufficient policy enforcement in Subresource Integrity in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass content security policy via malicious network traffic. Chromium security severity: Medium...

6.5CVSS5.5AI score0.00193EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:47 a.m.•10 views

SUSE CVE-2026-11044

Integer overflow in ANGLE in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.5AI score0.00285EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:46 a.m.•10 views

SUSE CVE-2026-11050

Use after free in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS6AI score0.0028EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:46 a.m.•10 views

SUSE CVE-2026-11054

Use after free in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS6AI score0.00355EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:46 a.m.•10 views

SUSE CVE-2026-11055

Use after free in ANGLE in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS6AI score0.0028EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:46 a.m.•10 views

SUSE CVE-2026-11057

Uninitialized Use in Skia in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.5AI score0.0025EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:46 a.m.•10 views

SUSE CVE-2026-11059

Use after free in Blink in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS6AI score0.0028EPSS
Exploits0References2
Total number of security vulnerabilities5000