Lucene search
K
SusecveMost viewed

59854 matches found

SUSE CVE
SUSE CVE
•added 2026/04/25 1:38 a.m.•10 views

SUSE CVE-2026-31607

In the Linux kernel, the following vulnerability has been resolved: usbip: validate numberofpackets in usbippackretsubmit When a USB/IP client receives a RETSUBMIT response, usbippackretsubmit unconditionally overwrites urb-numberofpackets from the network PDU. This value is subsequently used as...

6.5CVSS5.7AI score0.00311EPSS
Exploits0References22
SUSE CVE
SUSE CVE
•added 2026/04/25 1:38 a.m.•10 views

SUSE CVE-2026-31613

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix OOB reads parsing symlink error response When a CREATE returns STATUSSTOPPEDONSYMLINK, smb2checkmessage returns success without any length validation, leaving the symlink parsers as the only defense against an...

7.1CVSS5.5AI score0.00378EPSS
Exploits0References25
SUSE CVE
SUSE CVE
•added 2026/04/25 1:37 a.m.•10 views

SUSE CVE-2026-31628

In the Linux kernel, the following vulnerability has been resolved: x86/CPU: Fix FPDSS on Zen1 Zen1's hardware divider can leave, under certain circumstances, partial results from previous operations. Those results can be leaked by another, attacker thread. Fix that with a chicken bit...

4.7CVSS5.4AI score0.00125EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/25 1:37 a.m.•10 views

SUSE CVE-2026-31634

In the Linux kernel, the following vulnerability has been resolved: rxrpc: fix reference count leak in rxrpcserverkeyring This patch fixes a reference count leak in rxrpcserverkeyring by checking if rx-securities is already set...

5.5CVSS5.4AI score0.00123EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/25 1:37 a.m.•10 views

SUSE CVE-2026-31644

In the Linux kernel, the following vulnerability has been resolved: net: lan966x: fix use-after-free and leak in lan966xfdmareload When lan966xfdmareload fails to allocate new RX buffers, the restore path restarts DMA using old descriptors whose pages were already freed via lan966xfdmarxfreepages...

7CVSS5.5AI score0.00125EPSS
Exploits0References6
SUSE CVE
SUSE CVE
•added 2026/04/25 1:36 a.m.•10 views

SUSE CVE-2026-31668

In the Linux kernel, the following vulnerability has been resolved: seg6: separate dstcache for input and output paths in seg6 lwtunnel The seg6 lwtunnel uses a single dstcache per encap route, shared between seg6inputcore and seg6outputcore. These two paths can perform the post-encap SID lookup ...

4.4CVSS5.4AI score0.00443EPSS
Exploits0References17
SUSE CVE
SUSE CVE
•added 2026/04/24 1:29 a.m.•10 views

SUSE CVE-2026-31533

In the Linux kernel, the following vulnerability has been resolved: net/tls: fix use-after-free in -EBUSY error path of tlsdoencryption The -EBUSY handling in tlsdoencryption, introduced by commit 859054147318 "net: tls: handle backlogging of crypto requests", has a use-after-free due to double...

7CVSS5.7AI score0.00263EPSS
Exploits0References22
SUSE CVE
SUSE CVE
•added 2026/04/24 1:28 a.m.•10 views

SUSE CVE-2026-41179

Rclone is a command-line program to sync files and directories to and from different cloud storage providers. Starting in version 1.48.0 and prior to version 1.73.5, the RC endpoint operations/fsinfo is exposed without AuthRequired: true and accepts attacker-controlled fs input. Because rc.GetFs...

9.8CVSS5.9AI score0.09199EPSS
Exploits2References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:28 a.m.•10 views

SUSE CVE-2026-22003

unknown...

6CVSS7.2AI score0.00101EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:28 a.m.•10 views

SUSE CVE-2026-22007

unknown...

2.9CVSS7.2AI score0.00124EPSS
Exploits0References22
SUSE CVE
SUSE CVE
•added 2026/04/23 1:28 a.m.•10 views

SUSE CVE-2026-22016

unknown...

7.5CVSS7.2AI score0.00702EPSS
Exploits0References22
SUSE CVE
SUSE CVE
•added 2026/04/23 1:26 a.m.•10 views

SUSE CVE-2026-31436

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: fix possible wrong descriptor completion in llistabortdesc At the end of this function, d is the traversal cursor of flist, but the code completes found instead. This can lead to issues such as NULL pointer...

7CVSS5.6AI score0.00457EPSS
Exploits0References18
SUSE CVE
SUSE CVE
•added 2026/04/23 1:26 a.m.•10 views

SUSE CVE-2026-31447

In the Linux kernel, the following vulnerability has been resolved: ext4: reject mount if bigalloc with sfirstdatablock != 0 bigalloc with sfirstdatablock != 0 is not supported, reject mounting it...

5.6AI score0.00135EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:25 a.m.•10 views

SUSE CVE-2026-31494

In the Linux kernel, the following vulnerability has been resolved: net: macb: use the current queue number for stats There's a potential mismatch between the memory reserved for statistics and the amount of memory written. gemgetssetcount correctly computes the number of stats based on the activ...

4.4CVSS5.6AI score0.00129EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/04/23 1:25 a.m.•10 views

SUSE CVE-2026-31504

In the Linux kernel, the following vulnerability has been resolved: net: fix fanout UAF in packetrelease via NETDEVUP race packetrelease has a race window where NETDEVUP can re-register a socket into a fanout group's arr array. The re-registration is not cleaned up by fanoutrelease, leaving a...

7CVSS5.6AI score0.00129EPSS
Exploits0References124
SUSE CVE
SUSE CVE
•added 2026/04/23 1:25 a.m.•10 views

SUSE CVE-2026-31505

In the Linux kernel, the following vulnerability has been resolved: iavf: fix out-of-bounds writes in iavfgetethtoolstats iavf incorrectly uses realnumtxqueues for ETHSSSTATS. Since the value could change in runtime, we should use numtxqueues instead. Moreover iavfgetethtoolstats uses...

7CVSS5.8AI score0.00129EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2026/04/23 1:24 a.m.•10 views

SUSE CVE-2026-31524

In the Linux kernel, the following vulnerability has been resolved: HID: asus: avoid memory leak in asusreportfixup The asusreportfixup function was returning a newly allocated kmemdup-allocated buffer, but never freeing it. Switch to devmkzalloc to ensure the memory is managed and freed...

4.7CVSS5.7AI score0.00123EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/04/23 1:24 a.m.•10 views

SUSE CVE-2026-31525

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix undefined behavior in interpreter sdiv/smod for INTMIN The BPF interpreter's signed 32-bit division and modulo handlers use the kernel abs macro on s32 operands. The abs macro documentation include/linux/math.h explicitl...

6.4CVSS5.7AI score0.00129EPSS
Exploits0References17
SUSE CVE
SUSE CVE
•added 2026/04/23 1:24 a.m.•10 views

SUSE CVE-2026-31528

In the Linux kernel, the following vulnerability has been resolved: perf: Make sure to use pmuctx-pmu for groups Oliver reported that x86pmudel ended up doing an out-of-bound memory access when groupschedin fails and needs to roll back. This should be handled by the transaction callbacks, but he...

7CVSS5.5AI score0.00129EPSS
Exploits0References18
SUSE CVE
SUSE CVE
•added 2026/04/23 1:24 a.m.•10 views

SUSE CVE-2026-33261

A zone transition from NSEC to NSEC3 might trigger an internal inconsistency and cause a denial of service...

5.9CVSS5.8AI score0.00228EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:24 a.m.•10 views

SUSE CVE-2026-33595

A client can trigger excessive memory allocation by generating a lot of errors responses over a single DoQ and DoH3 connection, as some resources were not properly released until the end of the connection...

7.5CVSS5.8AI score0.00371EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:24 a.m.•10 views

SUSE CVE-2026-33597

PRSD detection denial of service...

7.5CVSS5.7AI score0.00348EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/22 1:40 a.m.•10 views

SUSE CVE-2026-6768

Mitigation bypass in the Networking: Cookies component. This vulnerability was fixed in Firefox 150 and Thunderbird 150...

9.8CVSS5.7AI score0.00285EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/22 1:37 a.m.•10 views

SUSE CVE-2026-35588

Glances is an open-source system cross-platform monitoring tool. Prior to version 4.5.4, the Cassandra export module glances/exports/glancescassandra/init.py interpolates keyspace, table, and replicationfactor configuration values directly into CQL statements without validation. A user with write...

6.3CVSS5.7AI score0.00212EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/04/17 11:25 p.m.•10 views

SUSE CVE-2026-40253

openCryptoki is a PKCS11 library and provides tooling for Linux and AIX. In versions 3.26.0 and below, the BER/DER decoding functions in the shared common library asn1.c accept a raw pointer but no buffer length parameter, and trust attacker-controlled BER length fields without validating them...

6.8CVSS6AI score0.0016EPSS
Exploits1References19
SUSE CVE
SUSE CVE
•added 2026/04/17 12:31 p.m.•10 views

SUSE CVE-2003-0972

Integer signedness error in ansi.c for GNU screen 4.0.1 and earlier, and 3.9.15 and earlier, allows local users to execute arbitrary code via a large number of ";" semicolon characters in escape sequences, which leads to a buffer overflow...

10CVSS6.5AI score0.03401EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/17 12:4 p.m.•10 views

SUSE CVE-2026-5598

Covert timing channel vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA core on all core modules. This vulnerability is associated with program files FrodoEngine.Java. This issue affects BC-JAVA: from 1.71 before 1.80.2, from 1.81 before 1.81.1, from 1.82 before 1.84...

8.6CVSS7.2AI score0.00691EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2026/04/17 12:4 p.m.•10 views

SUSE CVE-2026-6306

Heap buffer overflow in PDFium in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. Chromium security severity: High...

8.8CVSS6.5AI score0.00336EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/17 12:3 p.m.•10 views

SUSE CVE-2026-21726

The CVE-2021-36156 fix validates the namespace parameter for path traversal sequences after a single URL decode, by double encoding, an attacker can read files at the Ruler API endpoint /loki/api/v1/rules/namespace Thanks to Prasanth Sundararajan for reporting this vulnerability...

5.3CVSS5.7AI score0.00409EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/16 11:28 p.m.•10 views

SUSE CVE-2026-40179

Prometheus is an open-source monitoring system and time series database. Versions 3.0 through 3.5.1 and 3.6.0 through 3.11.1 have stored cross-site scripting vulnerabilities in multiple components of the Prometheus web UI where metric names and label values are injected into innerHTML without...

5.4CVSS5.9AI score0.0024EPSS
Exploits0References9
SUSE CVE
SUSE CVE
•added 2026/04/15 11:26 p.m.•10 views

SUSE CVE-2026-33899

ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below 7.1.2-189 and 6.9.13-44, when Magick parses an XML file it is possible that a single zero byte is written out of the bounds. This issue has been fixed in versions 6.9.13-44 and 7.1.2-1...

5.3CVSS5.7AI score0.00428EPSS
Exploits0References8
SUSE CVE
SUSE CVE
•added 2026/04/14 11:25 p.m.•10 views

SUSE CVE-2026-34987

Wasmtime is a runtime for WebAssembly. From 25.0.0 to before 36.0.7, 42.0.2, and 43.0.1, Wasmtime with its Winch baseline non-default compiler backend may allow properly constructed guest Wasm to access host memory outside of its linear-memory sandbox. This vulnerability requires use of the Winch...

9.9CVSS5.8AI score0.00278EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/14 11:25 p.m.•10 views

SUSE CVE-2026-35195

Wasmtime is a runtime for WebAssembly. Prior to 24.0.7, 36.0.7, 42.0.2, and 43.0.1, Wasmtime's implementation of transcoding strings between components contains a bug where the return value of a guest component's realloc is not validated before the host attempts to write through the pointer. This...

5.9CVSS5.9AI score0.00216EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/04/13 11:26 p.m.•10 views

SUSE CVE-2026-31426

In the Linux kernel, the following vulnerability has been resolved: ACPI: EC: clean up handlers on probe failure in acpiecsetup When ecinstallhandlers returns -EPROBEDEFER on reduced-hardware platforms, it has already started the EC and installed the address space handler with the struct acpiec...

6.6CVSS5.7AI score0.00111EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/04/13 11:26 p.m.•10 views

SUSE CVE-2026-31427

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntracksip: fix use of uninitialized rtpaddr in processsdp processsdp declares union nfinetaddr rtpaddr on the stack and passes it to the nfnatsip sdpsession hook after walking the SDP media descriptions. However...

4.5CVSS5.7AI score0.00115EPSS
Exploits0References17
SUSE CVE
SUSE CVE
•added 2026/04/13 11:26 p.m.•10 views

SUSE CVE-2026-34943

Wasmtime is a runtime for WebAssembly. Prior to 24.0.7, 36.0.7, 42.0.2, and 43.0.1, Wasmtime contains a possible panic which can happen when a flags-typed component model value is lifted with the Val type. If bits are set outside of the set of flags the component model specifies that these bits...

5.3CVSS5.8AI score0.00324EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/10 11:26 p.m.•10 views

SUSE CVE-2026-29146

Padding Oracle vulnerability in Apache Tomcat's EncryptInterceptor with default configuration. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.18, from 10.0.0-M1 through 10.1.52, from 9.0.13 through 9..115, from 8.5.38 through 8.5.100, from 7.0.100 through 7.0.109. Users are...

7.5CVSS5.8AI score0.03494EPSS
Exploits1References12
SUSE CVE
SUSE CVE
•added 2026/04/10 11:25 p.m.•10 views

SUSE CVE-2026-39395

Cosign provides code signing and transparency for containers and binaries. Prior to 3.0.6 and 2.6.3, cosign verify-blob-attestation may erroneously report a "Verified OK" result for attestations with malformed payloads or mismatched predicate types. For old-format bundles and detached signatures,...

6.5CVSS5.8AI score0.00241EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/04/09 11:30 p.m.•10 views

SUSE CVE-2026-5872

Use after free in Blink in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

7.7AI score0.00303EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/09 11:29 p.m.•10 views

SUSE CVE-2026-5909

Integer overflow in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. Chromium security severity: Low...

8.8CVSS7.4AI score0.00195EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/08 11:26 p.m.•10 views

SUSE CVE-2026-28808

Incorrect Authorization vulnerability in Erlang OTP inets modules allows unauthenticated access to CGI scripts protected by directory rules when served via scriptalias. When scriptalias maps a URL prefix to a directory outside DocumentRoot, modauth evaluates directory-based access controls agains...

7.4CVSS5.8AI score0.0053EPSS
Exploits0References6
SUSE CVE
SUSE CVE
•added 2026/04/08 11:25 p.m.•10 views

SUSE CVE-2026-32283

If one side of the TLS connection sends multiple key update messages post-handshake in a single record, the connection can deadlock, causing uncontrolled consumption of resources. This can lead to a denial of service. This only affects TLS 1.3...

5.9CVSS5.8AI score0.00621EPSS
Exploits0References44
SUSE CVE
SUSE CVE
•added 2026/04/08 11:24 p.m.•10 views

SUSE CVE-2026-35406

Aardvark-dns is an authoritative dns server for A/AAAA container records. From 1.16.0 to 1.17.0, a truncated TCP DNS query followed by a connection reset causes aardvark-dns to enter an unrecoverable infinite error loop at 100% CPU. This vulnerability is fixed in 1.17.1...

6.2CVSS5.8AI score0.00383EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/07 11:25 p.m.•10 views

SUSE CVE-2026-34978

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, the RSS notifier allows .. path traversal in notify-recipient-uri e.g., rss:///../job.cache, letting a remote IPP client write RSS XML bytes outside CacheDir/rss...

6.5CVSS5.9AI score0.00406EPSS
Exploits1References9
SUSE CVE
SUSE CVE
•added 2026/04/03 11:27 p.m.•10 views

SUSE CVE-2026-23456

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntrackh323: fix OOB read in decodeint CONS case In decodeint, the CONS case calls getbitsbs, 2 to read a length value, then calls getuintbs, len without checking that len bytes remain in the buffer. The existing...

5.3CVSS5.7AI score0.00443EPSS
Exploits0References17
SUSE CVE
SUSE CVE
•added 2026/04/03 11:24 p.m.•10 views

SUSE CVE-2026-34829

Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Multipart::Parser only wraps the request body in a BoundedIO when CONTENTLENGTH is present. When a multipart/form-data request is sent without a Content-Length header, such as with HTTP chunked transfe...

7.5CVSS5.8AI score0.00369EPSS
Exploits0References6
SUSE CVE
SUSE CVE
•added 2026/04/03 11:24 p.m.•10 views

SUSE CVE-2026-34872

An issue was discovered in Mbed TLS 3.5.x and 3.6.x through 3.6.5 and TF-PSA-Crypto 1.0. There is a lack of contributory behavior in FFDH due to improper input validation. Using finite-field Diffie-Hellman, the other party can force the shared secret into a small set of values lack of contributor...

9.1CVSS5.8AI score0.00204EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/03 11:24 p.m.•10 views

SUSE CVE-2026-34874

An issue was discovered in Mbed TLS through 3.6.5 and 4.x through 4.0.0. There is a NULL pointer dereference in distinguished name parsing that allows an attacker to write to address 0...

7.5CVSS5.8AI score0.00279EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/04/03 11:24 p.m.•10 views

SUSE CVE-2026-34876

An issue was discovered in Mbed TLS 3.x before 3.6.6. An out-of-bounds read vulnerability in mbedtlsccmfinish in library/ccm.c allows attackers to obtain adjacent CCM context data via invocation of the multipart CCM API with an oversized taglen parameter. This is caused by missing validation of t...

7.5CVSS5.8AI score0.0039EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/03 11:24 p.m.•10 views

SUSE CVE-2026-34877

An issue was discovered in Mbed TLS versions from 2.19.0 up to 3.6.5, Mbed TLS 4.0.0. Insufficient protection of serialized SSL context or session structures allows an attacker who can modify the serialized structures to induce memory corruption, leading to arbitrary code execution. This is cause...

9.8CVSS6AI score0.00426EPSS
Exploits0References3
Total number of security vulnerabilities5000