Lucene search
K
SusecveMost viewed

59854 matches found

SUSE CVE
SUSE CVE
•added 2026/06/30 1:49 a.m.•8 views

SUSE CVE-2026-12245

NSD from version 4.13.0 has a heap use-after-free bug in logging errors on TLS connections, causing a crash of the server process, which can be triggered trivially by sending a DNS query over a DoT connection, and closing the connection without reading the response...

8.7CVSS5.8AI score0.00274EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/30 1:49 a.m.•8 views

SUSE CVE-2026-12490

When a provide-xfr is given with a tls-auth-name, a secondary requesting a transfer should provide a client certificate with that name. However, no client certificate is needed when the request comes in over TLS over the regular tls-port and not the tls-auth-port or over over TCP over the regular...

8.2CVSS5.8AI score0.00139EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/30 1:49 a.m.•8 views

SUSE CVE-2026-13588

A vulnerability was determined in seladb PcapPlusPlus 25.05. The impacted element is the function pcpp::SSLClientHelloMessage::getHandshakeVersion of the file Packet++/src/SSLHandshake.cpp of the component TLS Hello Handler. Executing a manipulation of the argument handshakeVersion can lead to...

6.3CVSS6.1AI score0.0038EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/30 1:44 a.m.•8 views

SUSE CVE-2026-47207

Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.34.0 until 1.35.13, 1.36.9, 1.37.5, and 1.38.3, Envoy crashes if an extproc server sends a single gRPC message containing multiple, specially crafted ProcessingResponse messages. This can occur when the...

6.5CVSS5.7AI score0.00444EPSS
Exploits1References2
SUSE CVE
SUSE CVE
•added 2026/06/30 1:44 a.m.•8 views

SUSE CVE-2026-47778

Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, a structural flaw was identified in DefaultCertValidator::verifySubjectAltName where the extracted DNS SAN string is cast to a C-style string using .cstr before bei...

4.4CVSS5.8AI score0.00212EPSS
Exploits1References2
SUSE CVE
SUSE CVE
•added 2026/06/30 1:44 a.m.•8 views

SUSE CVE-2026-48751

unknown...

5.7AI score
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/30 1:44 a.m.•8 views

SUSE CVE-2026-48755

unknown...

5.7AI score
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/30 1:44 a.m.•8 views

SUSE CVE-2026-48756

unknown...

5.7AI score0.00025EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/30 1:44 a.m.•8 views

SUSE CVE-2026-48804

unknown...

5.7AI score
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/30 1:43 a.m.•8 views

SUSE CVE-2026-53087

In the Linux kernel, the following vulnerability has been resolved: net: bcmgenet: fix leaking freebds While reclaiming the tx queue we fast forward the write pointer to drop any data in flight. These dropped frames are not added back to the pool of free bds. We also need to tell the netdev that ...

7.5CVSS5.8AI score0.00376EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/30 1:43 a.m.•8 views

SUSE CVE-2026-53090

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix ldabs,ind failure path analysis in subprogs Usage of ldabs,ind instructions got extended into subprogs some time ago via commit 09b28d76eac4 "bpf: Add abnormal return checks.". These are only allowed in subprograms when...

7.8CVSS5.9AI score0.00124EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/30 1:43 a.m.•8 views

SUSE CVE-2026-53092

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix linked reg delta tracking when srcreg == dstreg Consider the case of rX += rX where srcreg and dstreg are pointers to the same bpfregstate in adjustregminmaxvals. The latter first modifies the dstreg in-place, and later ...

7.8CVSS5.5AI score0.00125EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/30 1:43 a.m.•8 views

SUSE CVE-2026-53108

In the Linux kernel, the following vulnerability has been resolved: powerpc/64s: Fix unmap race with PMD migration entries The following race is possible with migration swap entries or device-private THP entries. e.g. when movepages is called on a PMD THP page, then there maybe an intermediate...

5.8AI score0.00151EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/30 1:42 a.m.•8 views

SUSE CVE-2026-53325

In the Linux kernel, the following vulnerability has been resolved: agp/amd64: Fix broken error propagation in agpamd64probe A NULL pointer dereference was observed in the AMD64 AGP driver when running in a virtualized environment e.g. qemu/kvm without a physical AMD northbridge. The crash occurs...

4.4CVSS5.8AI score0.00122EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/30 1:42 a.m.•8 views

SUSE CVE-2026-58050

libssh2 through 1.11.1 reads an attacker-controlled 32-bit attribute count from a publickey-subsystem response and uses it in the allocation numattrs sizeoflibssh2publickeyattribute without bounds checking, so on 32-bit platforms the multiplication overflows to an undersized buffer. A malicious S...

8.3CVSS6AI score0.00333EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/28 1:9 a.m.•8 views

SUSE CVE-2026-53279

In the Linux kernel, the following vulnerability has been resolved: drm/gma500/oaktraillvds: fix hang on init failure The LVDS init code looks up an I2C adapter using i2cgetadapter and tries to read the EDID before falling back to allocating and registering its own adapter. The error handling doe...

5.8AI score0.00172EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/28 1:9 a.m.•8 views

SUSE CVE-2026-53280

In the Linux kernel, the following vulnerability has been resolved: iommu: Fix NULL group-domain dereference in pcidevresetiommudone Local sashiko review pointed it out that group-domain could be NULL when a default domain fails to allocate during the first probe, which can crash at...

5.8AI score0.00155EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/28 1:9 a.m.•8 views

SUSE CVE-2026-53283

In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Bounds-check devid in rlookupamdiommu iommudeviceregister walks every device on the PCI bus via busforeachdev and calls amdiommuprobedevice for each. The inlined checkdevice path computes the device's sbdf, calls...

5.8AI score0.00166EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/28 1:9 a.m.•8 views

SUSE CVE-2026-53288

In the Linux kernel, the following vulnerability has been resolved: arm64: Reserve an extra page for early kernel mapping The final part of data, end segment may overflow into the next page of initpgend1 which is the gap page before earlyinitstack2: 1 crasharm64v9.0.1 vtop ffffffed00601000 VIRTUA...

5.9AI score0.00168EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/28 1:9 a.m.•8 views

SUSE CVE-2026-53292

In the Linux kernel, the following vulnerability has been resolved: net: phonet: do not BUGON in pnsocketautobind on failed bind syzbot reported a kernel BUG triggered from pnsocketsendmsg via pnsocketautobind: kernel BUG at net/phonet/socket.c:213! RIP: 0010:pnsocketautobind...

5.8AI score0.00155EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/28 1:9 a.m.•8 views

SUSE CVE-2026-53293

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix AMDGPUINFOREADMMRREG There were multiple issues in that code. First of all the order between the reset semaphore and the mmlock was wrong e.g. copytouser was called while holding the lock. Then we allocated memory...

5.8AI score0.00168EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/28 1:9 a.m.•8 views

SUSE CVE-2026-53297

In the Linux kernel, the following vulnerability has been resolved: net: mana: Guard manaremove against double invocation If PM resume fails e.g., manaattach returns an error, manaprobe calls manaremove, which tears down the device and sets gd-gdmacontext = NULL and gd-driverdata = NULL. However,...

5.8AI score0.00166EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/28 1:9 a.m.•8 views

SUSE CVE-2026-53299

In the Linux kernel, the following vulnerability has been resolved: net: airoha: Move ndesc initialization at end of airohaqdmainittx If queue entry list allocation fails in airohaqdmainittxqueue routine, airohaqdmacleanuptxqueue will trigger a NULL pointer dereference accessing the queue entry...

5.8AI score0.00166EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/28 1:9 a.m.•8 views

SUSE CVE-2026-53301

In the Linux kernel, the following vulnerability has been resolved: reset: amlogic: t7: Fix null reset ops Fix missing reset ops causing kernel null pointer dereference. This SOC's reset is currently not used yet...

5.8AI score0.00121EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/28 1:8 a.m.•8 views

SUSE CVE-2026-53312

In the Linux kernel, the following vulnerability has been resolved: iommu/riscv: Remove overflows on the invalidation path Since RISC-V supports a sign extended page table it should support a gather-end of ULONGMAX, but if this happens it will infinite loop because of the overflow. Also avoid...

5.9AI score0.00112EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/28 1:8 a.m.•8 views

SUSE CVE-2026-53318

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7925: prevent NULL pointer dereference in mt7925txcheckaggr Move the NULL check for 'sta' before dereferencing it to prevent a possible crash...

5.8AI score0.00114EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/28 1:8 a.m.•8 views

SUSE CVE-2026-53320

In the Linux kernel, the following vulnerability has been resolved: nilfs2: reject zero bdoblocknr in nilfsioctlmarkblocksdirty nilfsioctlmarkblocksdirty uses bdoblocknr to detect dead blocks by comparing it with the current block number bdblocknr. If they differ, the block is considered dead and...

5.8AI score0.00121EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/27 2:5 a.m.•8 views

SUSE CVE-2026-11625

Bytes::Random::Secure versions through 0.29 for Perl share internal state across forked processes. When an object is initialised before forking, or when the functional interface is used, then the internal state for the PRNG is shared across processes and identical random streams will be produced...

7.5CVSS5.7AI score0.00309EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/27 2:5 a.m.•8 views

SUSE CVE-2026-11702

Bytes::Random::Secure::Tiny versions through 1.011 for Perl share internal state across forked processes. When an object is initialised before forking, then the internal state for the PRNG is shared across processes and identical random streams will be produced. Secrets generated in multiprocess...

7.5CVSS5.8AI score0.00292EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/27 2:5 a.m.•8 views

SUSE CVE-2026-13006

ACE vulnerability in conditional configuration file processing by QOS.CH logback-core up to and including version 1.5.36 in Java applications, allows an attacker to execute arbitrary code circumventing existing protections against CVE-2025-11226 by compromising an existing logback configuration...

6CVSS6.3AI score0.00122EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/27 2:5 a.m.•8 views

SUSE CVE-2026-13318

A server-side request forgery SSRF flaw was found in KubeVirt's virt-api port-forward handler. When processing a port-forward request to a VirtualMachineInstance VMI, virt-api reads the target IP from vmi.Status.Interfaces0.IP and passes it directly to net.Dial without validation. For VMIs using...

6.4CVSS5.9AI score0.00149EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/27 1:59 a.m.•8 views

SUSE CVE-2026-42388

Incomplete validation of the SOA record present in a catalog zone might lead to a crash...

5.9CVSS5.8AI score0.004EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/27 1:57 a.m.•8 views

SUSE CVE-2026-45808

unknown...

6.5CVSS5.7AI score0.00046EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/27 1:56 a.m.•8 views

SUSE CVE-2026-47770

jq is a command-line JSON processor. Prior to 1.8.2, comparing two sufficiently deeply nested arrays with the == operator exhausts the C stack on jq's ordinary command-line surface, resulting in denial of service via stack exhaustion uncontrolled recursion. The crash occurs in jq's recursive...

5.5CVSS5.8AI score0.00111EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/06/27 1:55 a.m.•8 views

SUSE CVE-2026-49839

jq is a command-line JSON processor. Prior to 1.8.2, jq --rawfile can turn a handled oversized-string error into invalid-state reuse and a real heap out-of-bounds write in assertion-disabled builds. When jvloadfileraw=1 reads an attacker-controlled file, it repeatedly appends file chunks to the...

7.1CVSS5.8AI score0.00165EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/06/27 1:55 a.m.•8 views

SUSE CVE-2026-52975

In the Linux kernel, the following vulnerability has been resolved: bonding: 3ad: implement proper RCU rules for port-aggregator syzbot found a data-race in bond3adgetactiveagginfo / bond3adstatemachinehandler 1 which hints at lack of proper RCU implementation. Add rcu qualifier to port-aggregato...

7.8CVSS5.8AI score0.00138EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/27 1:54 a.m.•8 views

SUSE CVE-2026-52986

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntracksip: don't use simplestrtoul Replace unsafe port parsing in epaddrlen, ctsipparseheaderuri, and ctsipparserequest with a new sipparseport helper that validates each digit against the buffer limit, eliminatin...

9.8CVSS6AI score0.00559EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/27 1:54 a.m.•8 views

SUSE CVE-2026-52987

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: avoid double drmexecfini in userq validate When newaddition is true, amdgpuuserqvmvalidate calls drmexecfini&exec before iterating over the collected HMM ranges and calling amdgputtmttgetuserpages. If...

7.8CVSS5.8AI score0.00131EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/27 1:54 a.m.•8 views

SUSE CVE-2026-52989

In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: propagate nvmettcpbuildpduiovec errors to its callers Currently, when nvmettcpbuildpduiovec detects an out-of-bounds PDU length or offset, it triggers nvmettcpfatalerrorcmd-queue and returns early. However, because the...

9.8CVSS5.8AI score0.00342EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/27 1:54 a.m.•8 views

SUSE CVE-2026-53029

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: prevent uninitialized lcn caused by zero len syzbot reported a uninit-value in ntfsiomapbegin 1. Since runs was not touched yet, runlookupentry immediately fails and returns false, which makes the value of "len" 0...

5.8AI score0.00172EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/27 1:54 a.m.•8 views

SUSE CVE-2026-53033

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Take state lock for afunix iter When a BPF iterator program updates a sockmap, there is a race condition in unixstreambpfupdateproto where the peer pointer can become stale1 during a state transition TCPESTABLISHED ...

7.8CVSS5.8AI score0.00133EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/27 1:54 a.m.•8 views

SUSE CVE-2026-53041

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix listxattr handling when the buffer is full BUG If an OCFS2 inode has both inline and block-based xattrs, listxattr can return a size larger than the caller's buffer when the inline names consume that buffer exactly...

7.1CVSS5.9AI score0.00126EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/06/27 1:54 a.m.•8 views

SUSE CVE-2026-53043

In the Linux kernel, the following vulnerability has been resolved: ocfs2/dlm: validate qrnumregions in dlmmatchregions Patch series "ocfs2/dlm: fix two bugs in dlmmatchregions". In dlmmatchregions, the qrnumregions field from a DLMQUERYREGION network message is used to drive loops over the...

9.1CVSS5.9AI score0.00521EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/27 1:54 a.m.•8 views

SUSE CVE-2026-53051

In the Linux kernel, the following vulnerability has been resolved: PCI: tegra194: Fix CBB timeout caused by DBI access before core power-on When PERST is deasserted twice assert - deassert - assert - deassert, a CBB Control Backbone timeout occurs at DBI register offset 0x8bc PCIEMISCCONTROL1OFF...

5.8AI score0.00175EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/27 1:54 a.m.•8 views

SUSE CVE-2026-53053

In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Fix clonealias to use the original device's devid Currently clonealias assumes first argument pdev is always the original device pointer. This function is called by pciforeachdmaalias which based on topology decides to...

8.8CVSS5.8AI score0.00128EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/06/27 1:54 a.m.•8 views

SUSE CVE-2026-53067

In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: pci-ep-msi: Fix error unwind and prevent double alloc pciepfallocdoorbell stores the allocated doorbell message array in epf-dbmsg/epf-numdb before requesting MSI vectors. If MSI allocation fails, the array is free...

5.8AI score0.00154EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/27 1:54 a.m.•8 views

SUSE CVE-2026-53122

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix deadlock between reflink and transaction commit when using flushoncommit When using the flushoncommit mount option, we can have a deadlock between a transaction commit and a reflink operation that copied an inline exte...

5.8AI score0.00179EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/27 1:54 a.m.•8 views

SUSE CVE-2026-53125

In the Linux kernel, the following vulnerability has been resolved: md: fix arraystate=clear sysfs deadlock When "clear" is written to arraystate, mdattrstore breaks sysfs active protection so the array can delete itself from its own sysfs store method. However, mdattrstore currently drops the...

5.8AI score0.00169EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/27 1:52 a.m.•8 views

SUSE CVE-2026-55892

Vim is an open source, command line text editor. Prior to 9.2.0662, the dumpprefixes function in src/spell.c walks a spell-file prefix trie iteratively with a depth counter while dumping the prefixes that apply to a word. The counter is bounded only by the trie structure itself; it is never check...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/27 1:52 a.m.•8 views

SUSE CVE-2026-56766

Hydra through 9.7, fixed in commit 9cc84c2, contains a stack buffer overflow in NTLM authentication across SMTP, POP3, IMAP, NNTP, HTTP, HTTP-Proxy, and HTTP-Proxy-Urlenum modules when processing malicious NTLM Type-2 challenges. A malicious server can send a crafted NTLM Type-2 challenge with an...

8.8CVSS6.6AI score0.00474EPSS
Exploits2References3
Total number of security vulnerabilities5000