Lucene search
K
SusecveMost viewed

59380 matches found

SUSE CVE
SUSE CVE
•added 2026/04/24 1:29 a.m.•9 views

SUSE CVE-2026-31533

In the Linux kernel, the following vulnerability has been resolved: net/tls: fix use-after-free in -EBUSY error path of tlsdoencryption The -EBUSY handling in tlsdoencryption, introduced by commit 859054147318 "net: tls: handle backlogging of crypto requests", has a use-after-free due to double...

7CVSS5.7AI score0.00263EPSS
Exploits0References22
SUSE CVE
SUSE CVE
•added 2026/04/24 1:28 a.m.•9 views

SUSE CVE-2026-41179

Rclone is a command-line program to sync files and directories to and from different cloud storage providers. Starting in version 1.48.0 and prior to version 1.73.5, the RC endpoint operations/fsinfo is exposed without AuthRequired: true and accepts attacker-controlled fs input. Because rc.GetFs...

9.8CVSS5.9AI score0.09199EPSS
Exploits2References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:29 a.m.•9 views

SUSE CVE-2026-5265

When generating an ICMP Destination Unreachable or Packet Too Big response, the handler copies a portion of the original packet into the ICMP error body using the IP header's self-declared total length iptotlen for IPv4, ip6plen for IPv6 without validating it against the actual packet buffer size...

7.5CVSS5.6AI score0.00629EPSS
Exploits0References10
SUSE CVE
SUSE CVE
•added 2026/04/23 1:28 a.m.•9 views

SUSE CVE-2026-6845

A flaw was found in binutils, specifically within the readelf utility. This vulnerability allows a local attacker to cause a Denial of Service DoS by tricking a user into processing a specially crafted Executable and Linkable Format ELF file. The exploitation of this flaw can lead to the system...

5CVSS5.7AI score0.00141EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:28 a.m.•9 views

SUSE CVE-2026-22007

unknown...

2.9CVSS7.2AI score0.00124EPSS
Exploits0References22
SUSE CVE
SUSE CVE
•added 2026/04/23 1:28 a.m.•9 views

SUSE CVE-2026-22016

unknown...

7.5CVSS7.2AI score0.00702EPSS
Exploits0References22
SUSE CVE
SUSE CVE
•added 2026/04/23 1:28 a.m.•9 views

SUSE CVE-2026-22021

unknown...

5.3CVSS7.2AI score0.00305EPSS
Exploits0References22
SUSE CVE
SUSE CVE
•added 2026/04/23 1:26 a.m.•9 views

SUSE CVE-2026-31433

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix potencial OOB in getfileallinfo for compound requests When a compound request consists of QUERYDIRECTORY + QUERYINFO FILEALLINFORMATION and the first command consumes nearly the entire maxtranssize, getfileallinfo woul...

8.8CVSS5.8AI score0.006EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:26 a.m.•9 views

SUSE CVE-2026-31441

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix memory leak when a wq is reset idxdwqdisablecleanup which is called from the reset path for a workqueue, sets the wq type to NONE, which for other parts of the driver mean that the wq is empty all its resourc...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:26 a.m.•9 views

SUSE CVE-2026-31447

In the Linux kernel, the following vulnerability has been resolved: ext4: reject mount if bigalloc with sfirstdatablock != 0 bigalloc with sfirstdatablock != 0 is not supported, reject mounting it...

5.6AI score0.00135EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:26 a.m.•9 views

SUSE CVE-2026-31448

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid infinite loops caused by residual data On the mkdir/mknod path, when mapping logical blocks to physical blocks, if inserting a new extent into the extent tree fails in this example, because the file system disabled th...

5.5CVSS5.7AI score0.00433EPSS
Exploits0References13
SUSE CVE
SUSE CVE
•added 2026/04/23 1:25 a.m.•9 views

SUSE CVE-2026-31466

In the Linux kernel, the following vulnerability has been resolved: mm/hugememory: fix folio isn't locked in softleaftofolio On arm64 server, we found folio that get from migration entry isn't locked in softleaftofolio. This issue triggers when mTHP splitting and zapnonpresentptes races, and the...

4.7CVSS5.6AI score0.00089EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:25 a.m.•9 views

SUSE CVE-2026-31474

In the Linux kernel, the following vulnerability has been resolved: can: isotp: fix tx.buf use-after-free in isotpsendmsg isotpsendmsg uses only cmpxchg on so-tx.state to serialize access to so-tx.buf. isotprelease waits for ISOTPIDLE via waiteventinterruptible and then calls kfreeso-tx.buf. If a...

5.5CVSS5.6AI score0.00104EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2026/04/23 1:25 a.m.•9 views

SUSE CVE-2026-31478

In the Linux kernel, the following vulnerability has been resolved: ksmbd: replace hardcoded hdr2len with offsetof in smb2calcmaxoutbuflen After this commit e2b76ab8b5c9 "ksmbd: add support for read compound", response buffer management was changed to use dynamic iov array. In the new design,...

9.8CVSS5.8AI score0.00502EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/04/23 1:25 a.m.•9 views

SUSE CVE-2026-31479

In the Linux kernel, the following vulnerability has been resolved: drm/xe: always keep track of remap prev/next During 3D workload, user is reporting hitting: 413.361679 WARNING: drivers/gpu/drm/xe/xevm.c:1217 at vmbindioctlopsunwind+0x1e2/0x2e0 xe, CPU7: vkd3dqueue/9925 413.361944 CPU: 7 UID:...

5.6AI score0.00129EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:25 a.m.•9 views

SUSE CVE-2026-31483

In the Linux kernel, the following vulnerability has been resolved: s390/syscalls: Add spectre boundary for syscall dispatch table The s390 syscall number is directly controlled by userspace, but does not have an arrayindexnospec boundary to prevent access past the syscall function pointer tables...

4.7CVSS5.7AI score0.00123EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2026/04/23 1:25 a.m.•9 views

SUSE CVE-2026-31492

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Initialize freeqp completion before using it In irdmacreateqp, if ibcopytoudata fails, it will call irdmadestroyqp to clean up which will attempt to wait on the freeqp completion, which is not initialized yet. Fix thi...

5.5CVSS5.6AI score0.00123EPSS
Exploits0References11
SUSE CVE
SUSE CVE
•added 2026/04/23 1:25 a.m.•9 views

SUSE CVE-2026-31505

In the Linux kernel, the following vulnerability has been resolved: iavf: fix out-of-bounds writes in iavfgetethtoolstats iavf incorrectly uses realnumtxqueues for ETHSSSTATS. Since the value could change in runtime, we should use numtxqueues instead. Moreover iavfgetethtoolstats uses...

7CVSS5.8AI score0.00129EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2026/04/23 1:24 a.m.•9 views

SUSE CVE-2026-31521

In the Linux kernel, the following vulnerability has been resolved: module: Fix kernel panic when a symbol stshndx is out of bounds The module loader doesn't check for bounds of the ELF section index in simplifysymbols: for i = 1; i shsize / sizeofElfSym; i++ const char name = info-strtab +...

4.4CVSS5.6AI score0.00123EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2026/04/23 1:24 a.m.•9 views

SUSE CVE-2026-31524

In the Linux kernel, the following vulnerability has been resolved: HID: asus: avoid memory leak in asusreportfixup The asusreportfixup function was returning a newly allocated kmemdup-allocated buffer, but never freeing it. Switch to devmkzalloc to ensure the memory is managed and freed...

4.7CVSS5.7AI score0.00123EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/04/23 1:24 a.m.•9 views

SUSE CVE-2026-33595

A client can trigger excessive memory allocation by generating a lot of errors responses over a single DoQ and DoH3 connection, as some resources were not properly released until the end of the connection...

7.5CVSS5.8AI score0.00371EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:24 a.m.•9 views

SUSE CVE-2026-33601

If you use the zoneToCache function with a malicious authoritative server, an attacker can send a zone that result in a null pointer dereference, caused by a missing consistency check and leading to a denial of service...

4.4CVSS5.8AI score0.00512EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:23 a.m.•9 views

SUSE CVE-2026-40903

goshs is a SimpleHTTPServer written in Go. Prior to 2.0.0-beta.6, goshs has an ArtiPACKED vulnerability. ArtiPACKED can lead to leakage of the GITHUBTOKEN through workflow artifacts, even though the token is not present in the repository source code. This vulnerability is fixed in 2.0.0-beta.6...

9.1CVSS5.8AI score0.00245EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/22 1:40 a.m.•9 views

SUSE CVE-2026-5928

Calling the ungetwc function on a FILE stream with wide characters encoded in a character set that has overlaps between its single byte and multi-byte character encodings, in the GNU C Library version 2.43 or earlier, may result in an attempt to read bytes before an allocated buffer, potentially...

5.7CVSS5.9AI score0.00345EPSS
Exploits1References11
SUSE CVE
SUSE CVE
•added 2026/04/22 1:40 a.m.•9 views

SUSE CVE-2026-6747

Use-after-free in the WebRTC component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10...

7.5CVSS5.7AI score0.004EPSS
Exploits0References14
SUSE CVE
SUSE CVE
•added 2026/04/22 1:40 a.m.•9 views

SUSE CVE-2026-6758

Use-after-free in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 150 and Thunderbird 150...

7.5CVSS5.7AI score0.00429EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/22 1:40 a.m.•9 views

SUSE CVE-2026-6768

Mitigation bypass in the Networking: Cookies component. This vulnerability was fixed in Firefox 150 and Thunderbird 150...

9.8CVSS5.7AI score0.00285EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/22 1:39 a.m.•9 views

SUSE CVE-2026-6783

Incorrect boundary conditions, integer overflow in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 150 and Thunderbird 150...

5.3CVSS5.8AI score0.0023EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/20 11:29 p.m.•9 views

SUSE CVE-2026-5958

When sed is invoked with both -i in-place edit and --follow-symlinks, the function opennextfile performs two separate, non-atomic filesystem operations on the same path: 1. resolves symlink to its target and stores the resolved path for determining when output is written, 2. opens the original...

6.9CVSS5.9AI score0.00142EPSS
Exploits0References8
SUSE CVE
SUSE CVE
•added 2026/04/17 12:6 p.m.•9 views

SUSE CVE-2026-0636

Improper neutralization of special elements used in an LDAP query 'LDAP injection' vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcprov on all prov modules. This vulnerability is associated with program files LDAPStoreHelper. This issue affects BC-JAVA: from 1.74 before 1.80.2, from...

5.3CVSS5.8AI score0.00527EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2026/04/17 12:4 p.m.•9 views

SUSE CVE-2026-6311

Uninitialized Use in Accessibility in Google Chrome on Windows prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.8AI score0.00273EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/17 12:4 p.m.•9 views

SUSE CVE-2026-6318

Use after free in Codecs in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS6.2AI score0.00334EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/17 12:4 p.m.•9 views

SUSE CVE-2026-6319

Use after free in Payments in Google Chrome on Android prior to 147.0.7727.101 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: Medium...

7.5CVSS6.2AI score0.00293EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/16 11:27 p.m.•9 views

SUSE CVE-2026-40917

A flaw was found in GIMP. This vulnerability, a heap buffer over-read in the icnsslurp function, occurs when processing specially crafted ICNS image files. An attacker could provide a malicious ICNS file, potentially leading to application crashes or information disclosure on systems that process...

7.1CVSS5.9AI score0.00167EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/15 11:25 p.m.•9 views

SUSE CVE-2026-40169

ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below 7.1.2-19, a crafted image could result in an out of bounds heap write when writing a yaml or json output, resulting in a crash. This issue has been fixed in version 7.1.2-19...

6.2CVSS5.7AI score0.0018EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/04/15 11:25 p.m.•9 views

SUSE CVE-2026-40312

ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below 7.1.2-19, an off by one error in the MSL decoder could result in a crash when a malicous MSL file is read. This issue has been fixed in version 7.1.2-19...

6.2CVSS5.7AI score0.00177EPSS
Exploits0References6
SUSE CVE
SUSE CVE
•added 2026/04/15 8:50 a.m.•9 views

SUSE CVE-2024-44201

The issue was addressed with improved memory handling. This issue is fixed in iOS 18.1 and iPadOS 18.1, iPadOS 17.7.3, macOS Sequoia 15.1, macOS Sonoma 14.7.2, macOS Ventura 13.7.2. Processing a malicious crafted file may lead to a denial-of-service...

5.5CVSS5.8AI score0.0027EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/14 11:25 p.m.•9 views

SUSE CVE-2026-34971

Wasmtime is a runtime for WebAssembly. From 32.0.0 to before 36.0.7, 42.0.2, and 43.0.1, Wasmtime's Cranelift compilation backend contains a bug on aarch64 when performing a certain shape of heap accesses which means that the wrong address is accessed. When combined with explicit bounds checks a...

9CVSS6AI score0.00319EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/14 11:25 p.m.•9 views

SUSE CVE-2026-34987

Wasmtime is a runtime for WebAssembly. From 25.0.0 to before 36.0.7, 42.0.2, and 43.0.1, Wasmtime with its Winch baseline non-default compiler backend may allow properly constructed guest Wasm to access host memory outside of its linear-memory sandbox. This vulnerability requires use of the Winch...

9.9CVSS5.8AI score0.00278EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/14 11:25 p.m.•9 views

SUSE CVE-2026-35195

Wasmtime is a runtime for WebAssembly. Prior to 24.0.7, 36.0.7, 42.0.2, and 43.0.1, Wasmtime's implementation of transcoding strings between components contains a bug where the return value of a guest component's realloc is not validated before the host attempts to write through the pointer. This...

5.9CVSS5.9AI score0.00216EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/04/13 11:26 p.m.•9 views

SUSE CVE-2026-31420

In the Linux kernel, the following vulnerability has been resolved: bridge: mrp: reject zero test interval to avoid OOM panic brmrpstarttest and brmrpstartintest accept the user-supplied interval value from netlink without validation. When interval is 0, usecstojiffies0 yields 0, causing the...

5.5CVSS5.7AI score0.00091EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/04/13 11:26 p.m.•9 views

SUSE CVE-2026-31421

In the Linux kernel, the following vulnerability has been resolved: net/sched: clsfw: fix NULL pointer dereference on shared blocks The old-method path in fwclassify calls tcfblockq and dereferences q-handle. Shared blocks leave block-q NULL, causing a NULL deref when an empty clsfw filter is...

5.5CVSS5.7AI score0.00114EPSS
Exploits0References17
SUSE CVE
SUSE CVE
•added 2026/04/13 11:26 p.m.•9 views

SUSE CVE-2026-31422

In the Linux kernel, the following vulnerability has been resolved: net/sched: clsflow: fix NULL pointer dereference on shared blocks flowchange calls tcfblockq and dereferences q-handle to derive a default baseclass. Shared blocks leave block-q NULL, causing a NULL deref when a flow filter witho...

5.5CVSS5.7AI score0.00117EPSS
Exploits0References17
SUSE CVE
SUSE CVE
•added 2026/04/13 11:26 p.m.•9 views

SUSE CVE-2026-34757

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. From 1.0.9 to before 1.6.57, passing a pointer obtained from pnggetPLTE, pnggettRNS, or pnggethIST back into the corresponding setter on the same...

5.1CVSS6AI score0.00195EPSS
Exploits1References13
SUSE CVE
SUSE CVE
•added 2026/04/13 11:26 p.m.•9 views

SUSE CVE-2026-34944

Wasmtime is a runtime for WebAssembly. Prior to 24.0.7, 36.0.7, 42.0.2, and 43.0.1, On x86-64 platforms with SSE3 disabled Wasmtime's compilation of the f64x2.splat WebAssembly instruction with Cranelift may load 8 more bytes than is necessary. When signals-based-traps are disabled this can resul...

5.7CVSS5.8AI score0.00227EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/13 11:26 p.m.•9 views

SUSE CVE-2026-34945

Wasmtime is a runtime for WebAssembly. From 25.0.0 to before 36.0.7, 42.0.2, and 43.0.1, Wasmtime's Winch compiler contains a bug where a 64-bit table, part of the memory64 proposal of WebAssembly, incorrectly translated the table.size instruction. This bug could lead to disclosing data on the...

6.3CVSS5.8AI score0.00324EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/10 11:26 p.m.•9 views

SUSE CVE-2026-31412

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fmassstorage: Fix potential integer overflow in checkcommandsizeinblocks The checkcommandsizeinblocks function calculates the data size in bytes by left shifting common-datasizefromcmnd by the block size...

6.8CVSS5.8AI score0.0017EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/04/09 11:30 p.m.•9 views

SUSE CVE-2026-5872

Use after free in Blink in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

7.7AI score0.00303EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/09 11:29 p.m.•9 views

SUSE CVE-2026-5892

Insufficient policy enforcement in PWAs in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to install a PWA without user consent via a crafted HTML page. Chromium security severity: Medium...

7.3AI score0.0017EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/09 11:29 p.m.•9 views

SUSE CVE-2026-5909

Integer overflow in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. Chromium security severity: Low...

8.8CVSS7.4AI score0.00195EPSS
Exploits0References3
Total number of security vulnerabilities5000