Lucene search
K
SusecveMost viewed

59854 matches found

SUSE CVE
SUSE CVE
added 2026/06/11 11:14 a.m.9 views

SUSE CVE-2026-48733

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-49 and 7.1.2-24, an infinite loop in the subimage-search operation can happen when using a crafted image. This issue has been patched in versions 6.9.13-49 and 7.1.2-24...

4.7CVSS5.2AI score0.00092EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/11 11:13 a.m.9 views

SUSE CVE-2026-53464

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-25, when providing invalid options to the wand option parser a small memory leak will occur. This issue has been patched in version 7.1.2-25...

4CVSS5.2AI score0.0011EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/10 2:32 a.m.9 views

SUSE CVE-2026-11632

Use after free in TabStrip in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

7.5CVSS6AI score0.00264EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/10 2:31 a.m.9 views

SUSE CVE-2026-11638

Use after free in Printing in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

9.6CVSS5.5AI score0.00252EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/10 2:31 a.m.9 views

SUSE CVE-2026-11639

Use after free in Compositing in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

7.5CVSS6AI score0.00275EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/10 2:31 a.m.9 views

SUSE CVE-2026-11643

Use after free in Proxy in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code via malicious network traffic. Chromium security severity: Critical...

8.1CVSS6AI score0.00271EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/10 2:31 a.m.9 views

SUSE CVE-2026-11645

Out of bounds read and write in V8 in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.3AI score0.01654EPSS
Exploits4References3
SUSE CVE
SUSE CVE
added 2026/06/10 2:31 a.m.9 views

SUSE CVE-2026-11650

Use after free in V8 in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6AI score0.00314EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/10 2:31 a.m.9 views

SUSE CVE-2026-11653

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...

6.5CVSS5.4AI score0.00225EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/10 2:31 a.m.9 views

SUSE CVE-2026-11657

Use after free in Payments in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

8.8CVSS6AI score0.00252EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/10 2:31 a.m.9 views

SUSE CVE-2026-11661

Use after free in Views in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.5AI score0.00242EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/10 2:31 a.m.9 views

SUSE CVE-2026-11664

Use after free in Payments in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.5AI score0.00252EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/10 2:31 a.m.9 views

SUSE CVE-2026-11666

Insufficient validation of untrusted input in Input in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: High...

5.4CVSS5.5AI score0.00214EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/10 2:31 a.m.9 views

SUSE CVE-2026-11667

Out of bounds read in WebRTC in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the GPU process to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

7.5CVSS5.5AI score0.00215EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/10 2:31 a.m.9 views

SUSE CVE-2026-11669

Out of bounds read in Media in Google Chrome on ChromeOS prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

5.3CVSS5.5AI score0.00213EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/10 2:31 a.m.9 views

SUSE CVE-2026-11670

Use after free in PDF in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. Chromium security severity: High...

8.8CVSS6AI score0.00224EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/10 2:31 a.m.9 views

SUSE CVE-2026-11671

Use after free in Navigation in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

9.6CVSS5.5AI score0.00243EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/10 2:31 a.m.9 views

SUSE CVE-2026-11677

Race in Network in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker who had compromised the network process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.5AI score0.00148EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/10 2:31 a.m.9 views

SUSE CVE-2026-11678

Integer overflow in libyuv in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

5.3CVSS5.5AI score0.00177EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/10 2:30 a.m.9 views

SUSE CVE-2026-11686

Insufficient validation of untrusted input in Dawn in Google Chrome on macOS prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

3.1CVSS5.5AI score0.00171EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/10 2:30 a.m.9 views

SUSE CVE-2026-11689

Insufficient policy enforcement in Passwords in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...

8.1CVSS5.4AI score0.00218EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/10 2:30 a.m.9 views

SUSE CVE-2026-11690

Out of bounds read and write in Media in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

7.5CVSS6AI score0.00214EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/10 2:30 a.m.9 views

SUSE CVE-2026-11691

Insufficient validation of untrusted input in New Tab Page in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

3.1CVSS5.5AI score0.00169EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/10 2:30 a.m.9 views

SUSE CVE-2026-11695

Inappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

4.3CVSS5.5AI score0.00177EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/10 2:30 a.m.9 views

SUSE CVE-2026-11699

Use after free in Bluetooth in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.5AI score0.00203EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/10 2:30 a.m.9 views

SUSE CVE-2026-11701

Inappropriate implementation in Guest View in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

5.4CVSS5.5AI score0.00178EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/10 2:29 a.m.9 views

SUSE CVE-2026-29167

Use After Free vulnerability in Apache HTTP Server with modldap in per-directory configuration This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue...

5.3CVSS5.4AI score0.00663EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2026/06/10 2:28 a.m.9 views

SUSE CVE-2026-42535

A path handling issue in moddavfs in Apache 2.4.67 and earlier allows a WebDAV content author to directly manipulate trusted DAV property databases, potentially causing child process crashes. Users are recommended to upgrade to version 2.4.68, which fixes this issue...

5.5CVSS5.3AI score0.00538EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2026/06/10 2:25 a.m.9 views

SUSE CVE-2026-46319

In the Linux kernel, the following vulnerability has been resolved: net/sched: actct: Only release RCU read lock after ctft When looking up a flow table in actct in tcfctflowtableget, rhashtablelookupfast internally opens and closes an RCU read critical section before returning ctft. The...

7CVSS5.4AI score0.00125EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/06/10 2:25 a.m.9 views

SUSE CVE-2026-46320

In the Linux kernel, the following vulnerability has been resolved: tap: free page on error paths in tapgetuserxdp tapgetuserxdp rejects a frame shorter than ETHHLEN with -EINVAL, and returns -ENOMEM when buildskb fails. Both paths jump to the err label without freeing the page that...

3.3CVSS5.4AI score0.00235EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/10 2:25 a.m.9 views

SUSE CVE-2026-46323

In the Linux kernel, the following vulnerability has been resolved: net: gro: don't merge zcopy skbs skbgroreceive can currently copy frags between the source and GRO skb, without checking the zerocopy status, and in particular the SKBFLMANAGEDFRAGREFS flag. When SKBFLMANAGEDFRAGREFS is set, the...

7CVSS5.3AI score0.00134EPSS
Exploits0References34
SUSE CVE
SUSE CVE
added 2026/06/10 2:25 a.m.9 views

SUSE CVE-2026-46326

In the Linux kernel, the following vulnerability has been resolved: iio: pressure: mprls0025pa: fix spitransfer struct initialisation Make sure that the spitransfer struct is zeroed out before use...

8.4CVSS5.4AI score0.00132EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/10 2:25 a.m.9 views

SUSE CVE-2026-46332

In the Linux kernel, the following vulnerability has been resolved: greybus: gb-beagleplay: bound bootloader receive buffering cc1352bootloaderrx appends each serdev chunk into the fixed rxbuffer before parsing bootloader packets. The helper can keep leftover bytes between callbacks and may recei...

6.4CVSS5.6AI score0.00193EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/10 2:25 a.m.9 views

SUSE CVE-2026-48785

unknown...

4.8CVSS5.4AI score
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/06/10 2:25 a.m.9 views

SUSE CVE-2026-52905

In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: disallow non-power of two minregionsz on damonstart Commit d8f867fa0825 "mm/damon: add damonctx-minszregion" introduced a bug that allows unaligned DAMON region address ranges. Commit c80f46ac228b "mm/damon/core:...

4.4CVSS5.4AI score0.00155EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/09 2:20 a.m.9 views

SUSE CVE-2026-46295

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Do IRR scan in kvmapicupdateirr even if PIR is empty Fall back to apicfindhighestvector when PID.ON is set but PIR turns out to be empty, to correctly report the highest pending interrupt from the existing IRR. In a...

5.5CVSS5.4AI score0.00155EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/09 2:20 a.m.10 views

SUSE CVE-2026-46311

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/userq: fix access to stale wptr mapping Use drmexec to take both locks i.e vm root bo and wptrobj bo to access the mapping data properly. This fixes the security issue of unmap the wptrobj while a queue creation is in...

7CVSS5.4AI score0.00112EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/09 2:20 a.m.9 views

SUSE CVE-2026-46313

In the Linux kernel, the following vulnerability has been resolved: media: intel/ipu6: fix error pointer dereference In a error path isp-psys is confirmed to be an error pointer not NULL so this condition is true and the error pointer is dereferenced. So isp-psys should be set to NULL before goin...

5.5CVSS5.3AI score0.00156EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/09 2:20 a.m.9 views

SUSE CVE-2026-48101

7-Zip is a file archiver with a high compression ratio. Versions 9.21 through 26.00 contain an An uninitialized memory disclosure vulnerability in the UEFI capsule .scap parser in 7-Zip. The OpenCapsule function allocates a heap buffer of attacker-declared CapsuleImageSize up to 1 GiB without...

5.5CVSS5.6AI score0.00277EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2026/06/08 1:5 a.m.9 views

SUSE CVE-2026-1070

The Alex User Counter plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 6.0. This is due to missing nonce validation on the alexusercounterfunction function. This makes it possible for unauthenticated attackers to update the plugin settings via...

4.3CVSS5.4AI score0.00158EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/07 4:51 a.m.9 views

SUSE CVE-2026-10903

Use after free in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6AI score0.00493EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/07 4:50 a.m.9 views

SUSE CVE-2026-10918

Use after free in Viz in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.5AI score0.00286EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/07 4:50 a.m.9 views

SUSE CVE-2026-10920

Insufficient validation of untrusted input in WebShare in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.5AI score0.00305EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/07 4:50 a.m.9 views

SUSE CVE-2026-10923

Use after free in WebAppInstalls in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to execute arbitrary code via a malicious file. Chromium security severity: High...

8.8CVSS6AI score0.00351EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/07 4:50 a.m.9 views

SUSE CVE-2026-10940

Race in Codecs in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.5AI score0.00228EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/07 4:50 a.m.9 views

SUSE CVE-2026-10944

Insufficient policy enforcement in Autofill in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

6.5CVSS5.5AI score0.00296EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/07 4:49 a.m.9 views

SUSE CVE-2026-10958

Use after free in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

8.8CVSS6AI score0.00361EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/07 4:49 a.m.9 views

SUSE CVE-2026-10967

Use after free in SurfaceCapture in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.5AI score0.00267EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/07 4:48 a.m.9 views

SUSE CVE-2026-11003

Use after free in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS6AI score0.00456EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/07 4:48 a.m.9 views

SUSE CVE-2026-11011

Insufficient policy enforcement in Password Manager in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: Medium...

8.1CVSS5.4AI score0.0031EPSS
Exploits0References2
Total number of security vulnerabilities5000