Lucene search
K
SusecveMost viewed

59854 matches found

SUSE CVE
SUSE CVE
•added 2026/04/23 1:24 a.m.•9 views

SUSE CVE-2026-31522

In the Linux kernel, the following vulnerability has been resolved: HID: magicmouse: avoid memory leak in magicmousereportfixup The magicmousereportfixup function was returning a newly kmemdup-allocated buffer, but never freeing it. The caller of reportfixup does not take ownership of the returne...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:24 a.m.•9 views

SUSE CVE-2026-31523

In the Linux kernel, the following vulnerability has been resolved: nvme-pci: ensure we're polling a polled queue A user can change the polled queue count at run time. There's a brief window during a reset where a hipri task may try to poll that queue before the block layer has updated the queue...

5.6AI score0.00089EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:24 a.m.•9 views

SUSE CVE-2026-31525

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix undefined behavior in interpreter sdiv/smod for INTMIN The BPF interpreter's signed 32-bit division and modulo handlers use the kernel abs macro on s32 operands. The abs macro documentation include/linux/math.h explicitl...

6.4CVSS5.7AI score0.00129EPSS
Exploits0References17
SUSE CVE
SUSE CVE
•added 2026/04/23 1:24 a.m.•9 views

SUSE CVE-2026-33594

A client can trigger excessive memory allocation by generating a lot of queries that are routed to an overloaded DoH backend, causing queries to accumulate into a buffer that will not be released until the end of the connection...

7.5CVSS6AI score0.00371EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:24 a.m.•9 views

SUSE CVE-2026-33595

A client can trigger excessive memory allocation by generating a lot of errors responses over a single DoQ and DoH3 connection, as some resources were not properly released until the end of the connection...

7.5CVSS5.8AI score0.00371EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:24 a.m.•9 views

SUSE CVE-2026-33596

A client might theoretically be able to cause a mismatch between queries sent to a backend and the received responses by sending a flood of perfectly timed queries that are routed to a TCP-only or DNS over TLS backend...

6.5CVSS5.7AI score0.00169EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:24 a.m.•9 views

SUSE CVE-2026-33601

If you use the zoneToCache function with a malicious authoritative server, an attacker can send a zone that result in a null pointer dereference, caused by a missing consistency check and leading to a denial of service...

4.4CVSS5.8AI score0.00512EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:23 a.m.•9 views

SUSE CVE-2026-40903

goshs is a SimpleHTTPServer written in Go. Prior to 2.0.0-beta.6, goshs has an ArtiPACKED vulnerability. ArtiPACKED can lead to leakage of the GITHUBTOKEN through workflow artifacts, even though the token is not present in the repository source code. This vulnerability is fixed in 2.0.0-beta.6...

9.1CVSS5.8AI score0.00245EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/22 1:40 a.m.•9 views

SUSE CVE-2026-5928

Calling the ungetwc function on a FILE stream with wide characters encoded in a character set that has overlaps between its single byte and multi-byte character encodings, in the GNU C Library version 2.43 or earlier, may result in an attempt to read bytes before an allocated buffer, potentially...

5.7CVSS5.9AI score0.00345EPSS
Exploits1References11
SUSE CVE
SUSE CVE
•added 2026/04/22 1:40 a.m.•9 views

SUSE CVE-2026-6747

Use-after-free in the WebRTC component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10...

7.5CVSS5.7AI score0.004EPSS
Exploits0References14
SUSE CVE
SUSE CVE
•added 2026/04/22 1:40 a.m.•9 views

SUSE CVE-2026-6758

Use-after-free in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 150 and Thunderbird 150...

7.5CVSS5.7AI score0.00429EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/22 1:39 a.m.•9 views

SUSE CVE-2026-6783

Incorrect boundary conditions, integer overflow in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 150 and Thunderbird 150...

5.3CVSS5.8AI score0.0023EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/20 11:29 p.m.•9 views

SUSE CVE-2026-5958

When sed is invoked with both -i in-place edit and --follow-symlinks, the function opennextfile performs two separate, non-atomic filesystem operations on the same path: 1. resolves symlink to its target and stores the resolved path for determining when output is written, 2. opens the original...

6.9CVSS5.9AI score0.00142EPSS
Exploits0References8
SUSE CVE
SUSE CVE
•added 2026/04/17 12:6 p.m.•9 views

SUSE CVE-2026-0636

Improper neutralization of special elements used in an LDAP query 'LDAP injection' vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcprov on all prov modules. This vulnerability is associated with program files LDAPStoreHelper. This issue affects BC-JAVA: from 1.74 before 1.80.2, from...

5.3CVSS5.8AI score0.00527EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2026/04/17 12:4 p.m.•9 views

SUSE CVE-2026-6311

Uninitialized Use in Accessibility in Google Chrome on Windows prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.8AI score0.00273EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/17 12:4 p.m.•9 views

SUSE CVE-2026-6318

Use after free in Codecs in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS6.2AI score0.00334EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/17 12:4 p.m.•9 views

SUSE CVE-2026-6319

Use after free in Payments in Google Chrome on Android prior to 147.0.7727.101 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: Medium...

7.5CVSS6.2AI score0.00293EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/16 11:27 p.m.•9 views

SUSE CVE-2026-40917

A flaw was found in GIMP. This vulnerability, a heap buffer over-read in the icnsslurp function, occurs when processing specially crafted ICNS image files. An attacker could provide a malicious ICNS file, potentially leading to application crashes or information disclosure on systems that process...

7.1CVSS5.9AI score0.00167EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/15 11:26 p.m.•9 views

SUSE CVE-2026-33908

ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, Magick frees the memory of the XML tree via the DestroyXMLTree function; however, this process is executed recursively with no depth limit imposed. When...

7.5CVSS5.7AI score0.0051EPSS
Exploits0References8
SUSE CVE
SUSE CVE
•added 2026/04/15 11:25 p.m.•9 views

SUSE CVE-2026-40169

ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below 7.1.2-19, a crafted image could result in an out of bounds heap write when writing a yaml or json output, resulting in a crash. This issue has been fixed in version 7.1.2-19...

6.2CVSS5.7AI score0.0018EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/04/15 11:25 p.m.•9 views

SUSE CVE-2026-40312

ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below 7.1.2-19, an off by one error in the MSL decoder could result in a crash when a malicous MSL file is read. This issue has been fixed in version 7.1.2-19...

6.2CVSS5.7AI score0.00177EPSS
Exploits0References6
SUSE CVE
SUSE CVE
•added 2026/04/15 8:50 a.m.•9 views

SUSE CVE-2024-44201

The issue was addressed with improved memory handling. This issue is fixed in iOS 18.1 and iPadOS 18.1, iPadOS 17.7.3, macOS Sequoia 15.1, macOS Sonoma 14.7.2, macOS Ventura 13.7.2. Processing a malicious crafted file may lead to a denial-of-service...

5.5CVSS5.8AI score0.00276EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/14 11:26 p.m.•9 views

SUSE CVE-2026-34478

Apache Log4j Core's Rfc5424Layout https://logging.apache.org/log4j/2.x/manual/layouts.htmlRFC5424Layout , in versions 2.21.0 through 2.25.3, is vulnerable to log injection via CRLF sequences due to undocumented renames of security-relevant configuration attributes. Two distinct issues affect user...

6.9CVSS5.8AI score0.00831EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/14 11:25 p.m.•9 views

SUSE CVE-2026-34971

Wasmtime is a runtime for WebAssembly. From 32.0.0 to before 36.0.7, 42.0.2, and 43.0.1, Wasmtime's Cranelift compilation backend contains a bug on aarch64 when performing a certain shape of heap accesses which means that the wrong address is accessed. When combined with explicit bounds checks a...

9CVSS6AI score0.00319EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/14 11:25 p.m.•9 views

SUSE CVE-2026-34987

Wasmtime is a runtime for WebAssembly. From 25.0.0 to before 36.0.7, 42.0.2, and 43.0.1, Wasmtime with its Winch baseline non-default compiler backend may allow properly constructed guest Wasm to access host memory outside of its linear-memory sandbox. This vulnerability requires use of the Winch...

9.9CVSS5.8AI score0.00278EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/13 11:26 p.m.•9 views

SUSE CVE-2026-31420

In the Linux kernel, the following vulnerability has been resolved: bridge: mrp: reject zero test interval to avoid OOM panic brmrpstarttest and brmrpstartintest accept the user-supplied interval value from netlink without validation. When interval is 0, usecstojiffies0 yields 0, causing the...

5.5CVSS5.7AI score0.00091EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/04/13 11:26 p.m.•9 views

SUSE CVE-2026-31422

In the Linux kernel, the following vulnerability has been resolved: net/sched: clsflow: fix NULL pointer dereference on shared blocks flowchange calls tcfblockq and dereferences q-handle to derive a default baseclass. Shared blocks leave block-q NULL, causing a NULL deref when a flow filter witho...

5.5CVSS5.7AI score0.00117EPSS
Exploits0References17
SUSE CVE
SUSE CVE
•added 2026/04/13 11:26 p.m.•9 views

SUSE CVE-2026-34757

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. From 1.0.9 to before 1.6.57, passing a pointer obtained from pnggetPLTE, pnggettRNS, or pnggethIST back into the corresponding setter on the same...

5.1CVSS6AI score0.00195EPSS
Exploits1References13
SUSE CVE
SUSE CVE
•added 2026/04/13 11:26 p.m.•9 views

SUSE CVE-2026-34944

Wasmtime is a runtime for WebAssembly. Prior to 24.0.7, 36.0.7, 42.0.2, and 43.0.1, On x86-64 platforms with SSE3 disabled Wasmtime's compilation of the f64x2.splat WebAssembly instruction with Cranelift may load 8 more bytes than is necessary. When signals-based-traps are disabled this can resul...

5.7CVSS5.8AI score0.00227EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/13 11:26 p.m.•9 views

SUSE CVE-2026-34945

Wasmtime is a runtime for WebAssembly. From 25.0.0 to before 36.0.7, 42.0.2, and 43.0.1, Wasmtime's Winch compiler contains a bug where a 64-bit table, part of the memory64 proposal of WebAssembly, incorrectly translated the table.size instruction. This bug could lead to disclosing data on the...

6.3CVSS5.8AI score0.00324EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/10 11:26 p.m.•9 views

SUSE CVE-2026-31412

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fmassstorage: Fix potential integer overflow in checkcommandsizeinblocks The checkcommandsizeinblocks function calculates the data size in bytes by left shifting common-datasizefromcmnd by the block size...

6.8CVSS5.8AI score0.0017EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/04/09 11:29 p.m.•9 views

SUSE CVE-2026-5892

Insufficient policy enforcement in PWAs in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to install a PWA without user consent via a crafted HTML page. Chromium security severity: Medium...

7.3AI score0.0017EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/09 11:29 p.m.•9 views

SUSE CVE-2026-5893

Race in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...

7.3AI score0.0015EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/09 11:29 p.m.•9 views

SUSE CVE-2026-5903

Policy bypass in IFrameSandbox in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...

6.5CVSS7.3AI score0.00261EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/09 11:29 p.m.•9 views

SUSE CVE-2026-5909

Integer overflow in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. Chromium security severity: Low...

8.8CVSS7.4AI score0.00195EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/09 11:26 p.m.•9 views

SUSE CVE-2026-33540

Distribution is a toolkit to pack, ship, store, and deliver container content. Prior to 3.1.0, in pull-through cache mode, distribution discovers token auth endpoints by parsing WWW-Authenticate challenges returned by the configured upstream registry. The realm URL from a bearer challenge is used...

3.1CVSS5.8AI score0.00274EPSS
Exploits1References5
SUSE CVE
SUSE CVE
•added 2026/04/08 11:29 p.m.•9 views

SUSE CVE-2026-5208

Command injection in alerts in CoolerControl/coolercontrold 4.0.0 allows authenticated attackers to execute arbitrary code as root via injected bash commands in alert names...

8.2CVSS6.2AI score0.00972EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/08 11:25 p.m.•9 views

SUSE CVE-2026-32144

Improper Certificate Validation vulnerability in Erlang OTP publickey pubkeyocsp module allows OCSP designated-responder authorization bypass via missing signature verification. The OCSP response validation in publickey:pkixocspvalidate/5 does not verify that a CA-designated responder certificate...

8.1CVSS5.8AI score0.002EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/04/08 11:25 p.m.•9 views

SUSE CVE-2026-32282

On Linux, if the target of Root.Chmod is replaced with a symlink while the chmod operation is in progress, Chmod can operate on the target of the symlink, even when the target lies outside the root. The Linux fchmodat syscall silently ignores the ATSYMLINKNOFOLLOW flag, which Root.Chmod uses to...

6.3CVSS5.8AI score0.00292EPSS
Exploits0References33
SUSE CVE
SUSE CVE
•added 2026/04/08 11:25 p.m.•9 views

SUSE CVE-2026-32288

tar.Reader can allocate an unbounded amount of memory when reading a maliciously-crafted archive containing a large number of sparse regions encoded in the "old GNU sparse map" format...

4.3CVSS5.8AI score0.0029EPSS
Exploits0References10
SUSE CVE
SUSE CVE
•added 2026/04/08 11:25 p.m.•9 views

SUSE CVE-2026-33033

An issue was discovered in 6.0 before 6.0.4, 5.2 before 5.2.13, and 4.2 before 4.2.30. MultiPartParser allows remote attackers to degrade performance by submitting multipart uploads with Content-Transfer-Encoding: base64 including excessive whitespace. Earlier, unsupported Django series such as...

5.3CVSS5.8AI score0.00689EPSS
Exploits1References5
SUSE CVE
SUSE CVE
•added 2026/04/06 11:24 p.m.•9 views

SUSE CVE-2026-34933

Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. Prior to version 0.9-rc4, any unprivileged local user can crash avahi-daemon by sending a single D-Bus method call with conflicting publish flags. This issue has been patched in version...

5.5CVSS5.7AI score0.00203EPSS
Exploits1References10
SUSE CVE
SUSE CVE
•added 2026/04/03 11:27 p.m.•9 views

SUSE CVE-2026-23437

In the Linux kernel, the following vulnerability has been resolved: net: shaper: protect late read accesses to the hierarchy We look up a netdev during prep of Netlink ops pre- callbacks and take a ref to it. Then later in the body of the callback we take its lock or RCU which are the actual...

7CVSS5.7AI score0.00127EPSS
Exploits0References40
SUSE CVE
SUSE CVE
•added 2026/04/03 11:27 p.m.•9 views

SUSE CVE-2026-23440

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix race condition during IPSec ESN update In IPSec full offload mode, the device reports an ESN Extended Sequence Number wrap event to the driver. The driver validates this event by querying the IPSec ASO and checking...

4.7CVSS5.8AI score0.00206EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/04/03 11:27 p.m.•9 views

SUSE CVE-2026-23443

In the Linux kernel, the following vulnerability has been resolved: ACPI: processor: Fix previous acpiprocessorerratapiix4 fix After commi f132e089fe89 "ACPI: processor: Fix NULL-pointer dereference in acpiprocessorerratapiix4", device pointers may be dereferenced after dropping references to the...

6.1CVSS5.8AI score0.00119EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/04/03 11:27 p.m.•9 views

SUSE CVE-2026-23445

In the Linux kernel, the following vulnerability has been resolved: igc: fix page fault in XDP TX timestamps handling If an XDP application that requested TX timestamping is shutting down while the link of the interface in use is still up the following kernel splat is reported: 883.803618 T1554...

5.5CVSS5.7AI score0.00129EPSS
Exploits0References9
SUSE CVE
SUSE CVE
•added 2026/04/03 11:27 p.m.•9 views

SUSE CVE-2026-23448

In the Linux kernel, the following vulnerability has been resolved: net: usb: cdcncm: add ndpoffset to NDP16 nframes bounds check cdcncmrxverifyndp16 validates that the NDP header and its DPE entries fit within the skb. The first check correctly accounts for ndpoffset: if ndpoffset + sizeofstruct...

6.1CVSS5.9AI score0.00129EPSS
Exploits0References17
SUSE CVE
SUSE CVE
•added 2026/04/03 11:27 p.m.•9 views

SUSE CVE-2026-23450

In the Linux kernel, the following vulnerability has been resolved: net/smc: fix NULL dereference and UAF in smctcpsynrecvsock Syzkaller reported a panic in smctcpsynrecvsock 1. smctcpsynrecvsock is called in the TCP receive path softirq via icskafops-synrecvsock on the clcsock TCP listening...

7CVSS5.7AI score0.00488EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2026/04/03 11:27 p.m.•9 views

SUSE CVE-2026-23454

In the Linux kernel, the following vulnerability has been resolved: net: mana: fix use-after-free in manahwcdestroychannel by reordering teardown A potential race condition exists in manahwcdestroychannel where hwc-callerctx is freed before the HWC's Completion Queue CQ and Event Queue EQ are...

6.4CVSS5.7AI score0.00118EPSS
Exploits0References9
SUSE CVE
SUSE CVE
•added 2026/04/03 11:27 p.m.•9 views

SUSE CVE-2026-23455

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntrackh323: check for zero length in DecodeQ931 In DecodeQ931, the UserUserIE code path reads a 16-bit length from the packet, then decrements it by 1 to skip the protocol discriminator byte before passing it to...

6.3CVSS5.8AI score0.00514EPSS
Exploits0References20
Total number of security vulnerabilities5000