Lucene search
K
SusecveMost viewed

59380 matches found

SUSE CVE
SUSE CVE
added 2026/05/08 2:25 a.m.8 views

SUSE CVE-2026-8020

Uninitialized Use in GPU in Google Chrome on Android prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Low...

5.3CVSS5.8AI score0.00207EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/08 2:25 a.m.8 views

SUSE CVE-2026-8093

Memory safety bugs present in Firefox 150.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 150.0.2 and Thunderbird 150.0.2...

7.5CVSS6AI score0.00323EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/08 2:22 a.m.8 views

SUSE CVE-2026-40243

Incus is a system container and virtual machine manager. In versions before 7.0.0, broken TLS validation logic in the OVN database connection logic can allow connections to an attacker's OVN database. The OVN client implementations disable Go standard TLS server verification and replace it with...

2.3CVSS5.8AI score0.00173EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2026/05/08 2:21 a.m.8 views

SUSE CVE-2026-41685

Incus is a system container and virtual machine manager. Prior to version 7.0.0, uploads of large amount of data by authenticated users can run the Incus server out of disk space, potentially taking down the host system. The impact here is limited for anyone using storage.imagesvolume and...

4.3CVSS5.7AI score0.00333EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2026/05/08 2:21 a.m.8 views

SUSE CVE-2026-42217

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From versions 3.0.0 to before 3.2.9, 3.3.0 to before 3.3.11, and 3.4.0 to before 3.4.11, readVariableLengthInteger decodes a variable-length integer fro...

6.5CVSS5.8AI score0.00393EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2026/05/08 2:21 a.m.8 views

SUSE CVE-2026-42285

GoBGP is an open source Border Gateway Protocol BGP implementation in the Go Programming Language. In version 4.4.0, an unauthenticated remote BGP peer can trigger a fatal panic in GoBGP by sending a specially crafted BGP UPDATE message. When the server receives a message with inconsistent...

7.5CVSS5.8AI score0.00418EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2026/05/07 2:24 a.m.8 views

SUSE CVE-2025-71273

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: Use devmkmemdup in rtwsetsupportedband Simplify the code by using device managed memory allocations. This also fixes a memory leak in rtwregisterhw. The supported bands were not freed in the error path. Copied from...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/07 2:24 a.m.8 views

SUSE CVE-2025-71292

In the Linux kernel, the following vulnerability has been resolved: jfs: nlink overflow in jfsrename If nlink is maximal for a directory -1 and inside that directory you perform a rename for some child directory not moving from the parent, then the nlink of the first directory is first incremente...

5.5CVSS5.9AI score0.00128EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/07 2:20 a.m.8 views

SUSE CVE-2026-40110

Jupyter Server is the backend for Jupyter web applications. In versions 2.17.0 and earlier, the Origin header validation uses Python's re.match to check incoming origins against the alloworiginpat configuration value. Because re.match only anchors at the start of the string and does not require a...

7.3CVSS5.8AI score0.00333EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/07 2:19 a.m.8 views

SUSE CVE-2026-43078

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - Fix page reassignment overflow in afalgpulltsgl When page reassignment was added to afalgpulltsgl the original loop wasn't updated so it may try to reassign one more page than necessary. Add the check to the...

5.8AI score0.00129EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/07 2:18 a.m.8 views

SUSE CVE-2026-43084

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkqueue: make hash table per queue Sharing a global hash table among all queues is tempting, but it can cause crash: BUG: KASAN: slab-use-after-free in nfqnlrecvverdict+0x11ac/0x15e0 nfnetlinkqueue...

5.8AI score0.00125EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/07 2:18 a.m.8 views

SUSE CVE-2026-43086

In the Linux kernel, the following vulnerability has been resolved: ipvs: fix NULL deref in ipvsaddservice error path When ipvsbindscheduler succeeds in ipvsaddservice, the local variable sched is set to NULL. If ipvsstartestimator subsequently fails, the outerr cleanup calls...

5.8AI score0.00122EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/07 2:18 a.m.8 views

SUSE CVE-2026-43087

In the Linux kernel, the following vulnerability has been resolved: pinctrl: mcp23s08: Disable all pin interrupts during probe A chip being probed may have the interrupt-on-change feature enabled on some of its pins, for example after a reboot. This can cause the chip to generate interrupts for...

5.8AI score0.00107EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/07 2:18 a.m.8 views

SUSE CVE-2026-43090

In the Linux kernel, the following vulnerability has been resolved: xfrm: fix refcount leak in xfrmmigratepolicyfind syzkaller reported a memory leak in xfrmpolicyalloc: BUG: memory leak unreferenced object 0xffff888114d79000 size 1024: comm "syz.1.17", pid 931 ... xfrmpolicyalloc+0xb3/0x4b0...

5.8AI score0.00122EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/07 2:18 a.m.8 views

SUSE CVE-2026-43106

In the Linux kernel, the following vulnerability has been resolved: cachefiles: fix incorrect dentry refcount in cachefilescull The patch mentioned below changed cachefilesburyobject to expect 2 references to the 'rep' dentry. Three of the callers were changed to use startremovingdentry which tak...

5.7AI score0.00112EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/07 2:17 a.m.8 views

SUSE CVE-2026-43154

In the Linux kernel, the following vulnerability has been resolved: erofs: fix incorrect early exits in volume label handling Crafted EROFS images containing valid volume labels can trigger incorrect early returns, leading to folio reference leaks. However, this does not cause system crashes or...

5.8AI score0.00126EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/07 2:17 a.m.8 views

SUSE CVE-2026-43222

In the Linux kernel, the following vulnerability has been resolved: media: verisilicon: AV1: Fix tile info buffer size Each tile info is composed of: rowsb, colsb, startpos and endpos 4 bytes each. So the total required memory is AV1MAXTILES 16 bytes. Use the correct define to allocate the buffer...

7.8CVSS5.9AI score0.00138EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/07 2:16 a.m.8 views

SUSE CVE-2026-43238

In the Linux kernel, the following vulnerability has been resolved: net/sched: actskbedit: fix divide-by-zero in tcfskbedithash Commit 38a6f0865796 "net: sched: support hash selecting tx queue" added SKBEDITFTXQSKBHASH support. The inclusive range size is computed as: mappingmod = queuemappingmax...

5.7AI score0.00128EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/07 2:16 a.m.8 views

SUSE CVE-2026-43239

In the Linux kernel, the following vulnerability has been resolved: smb: client: prevent races in -queryinterfaces It was possible for two query interface works to be concurrently trying to update the interfaces. Prevent this by checking and updating ifacelastupdate under ifacelock...

5.5CVSS5.7AI score0.00354EPSS
Exploits0References11
SUSE CVE
SUSE CVE
added 2026/05/07 2:16 a.m.8 views

SUSE CVE-2026-43244

In the Linux kernel, the following vulnerability has been resolved: kcm: fix zero-frag skb in fraglist on partial sendmsg error Syzkaller reported a warning in kcmwritemsgs when processing a message with a zero-fragment skb in the fraglist. When kcmsendmsg fills MAXSKBFRAGS fragments in the curre...

5.8AI score0.00122EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/07 2:16 a.m.8 views

SUSE CVE-2026-43262

In the Linux kernel, the following vulnerability has been resolved: gfs2: fiemap page fault fix In gfs2fiemap, we are calling iomapfiemap while holding the inode glock. This can lead to recursive glock taking if the fiemap buffer is memory mapped to the same inode and accessing it triggers a page...

5.5CVSS5.9AI score0.00114EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/07 2:16 a.m.8 views

SUSE CVE-2026-43266

In the Linux kernel, the following vulnerability has been resolved: EFI/CPER: don't go past the ARM processor CPER record buffer There's a logic inside GHES/CPER to detect if the sectionlength is too small, but it doesn't detect if it is too big. Currently, if the firmware receives an ARM process...

5.5CVSS5.8AI score0.00119EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/07 2:16 a.m.8 views

SUSE CVE-2026-43270

In the Linux kernel, the following vulnerability has been resolved: media: mtk-mdp: Fix a reference leak bug in mtkmdpremove In mtkmdpprobe, vpugetplatdevice increases the reference count of the returned platform device. Add platformdeviceput to prevent reference leak...

5.8AI score0.00114EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/07 2:16 a.m.8 views

SUSE CVE-2026-43276

In the Linux kernel, the following vulnerability has been resolved: net: mana: Fix double destroyworkqueue on service rescan PCI path While testing corner cases in the driver, a use-after-free crash was found on the service rescan PCI path. When manaservreset calls managdsuspend, managdcleanup...

7.8CVSS5.8AI score0.00118EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/07 2:16 a.m.8 views

SUSE CVE-2026-44331

In ProFTPD through 1.3.9a before 7666224, a SQL injection vulnerability in sqltabfetchclientscb in contrib/modwrap2sql.c allows a remote attacker to inject arbitrary SQL commands via a crafted domain name that is accessed in a reverse DNS lookup. When "UseReverseDNS on" is enabled, the...

8.1CVSS6AI score0.00455EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/06 1:42 a.m.8 views

SUSE CVE-2026-31764

In the Linux kernel, the following vulnerability has been resolved: iio: imu: stlsm6dsx: Set buffer sampling frequency for accelerometer only The stlsm6dsxhwfifoodrstore function, which is called when userspace writes the buffer sampling frequency sysfs attribute, calls stlsm6dsxcheckodr, which...

5.9AI score0.0012EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/06 1:42 a.m.8 views

SUSE CVE-2026-32952

go-ntlmssp is a Go package that provides NTLM/Negotiate authentication over HTTP. Prior to version 0.1.1, a malicious NTLM challenge message can causes an slice out of bounds panic, which can crash any Go process using ntlmssp.Negotiator as an HTTP transport. Version 0.1.1 patches the issue...

5.3CVSS5.8AI score0.01027EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/05/06 1:41 a.m.8 views

SUSE CVE-2026-42091

goshs is a SimpleHTTPServer written in Go. Prior to version 2.0.2, the PUT upload handler httpserver/updown.go lacks the CSRF token validation that was added to the POST upload handler during the CVE-2026-40883 fix. Combined with the unconditional Access-Control-Allow-Origin: on the OPTIONS...

6.5CVSS5.9AI score0.00165EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2026/05/06 1:41 a.m.8 views

SUSE CVE-2026-42154

Prometheus is an open-source monitoring system and time series database. Prior to versions 3.5.3 and 3.11.3, the remote read endpoint /api/v1/read does not validate the declared decoded length in a snappy-compressed request body before allocating memory. An unauthenticated attacker can send a sma...

7.5CVSS5.8AI score0.00761EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2026/05/06 1:41 a.m.8 views

SUSE CVE-2026-43004

In the Linux kernel, the following vulnerability has been resolved: spi: stm32-ospi: Fix resource leak in remove callback The remove callback returned early if pmruntimeresumeandget failed, skipping the cleanup of spi controller and other resources. Remove the early return so cleanup completes...

5.8AI score0.00121EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/06 1:41 a.m.8 views

SUSE CVE-2026-43007

In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Handle DBC deactivation if the owner went away When a DBC is released, the device sends a QAICTRANSDEACTIVATEFROMDEV transaction to the host over the QAICCONTROL MHI channel. QAIC handles this by calling...

5.7AI score0.00129EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/06 1:41 a.m.8 views

SUSE CVE-2026-43013

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: lag: Check for LAG device before creating debugfs mlx5lagdevaddmdev may return 0 success even when an error occurs that is handled gracefully. Consequently, the initialization flow proceeds to call mlx5ldevadddebugfs ev...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References16
SUSE CVE
SUSE CVE
added 2026/05/06 1:41 a.m.8 views

SUSE CVE-2026-43033

In the Linux kernel, the following vulnerability has been resolved: crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption When decrypting data that is not in-place src != dst, there is no need to save the high-order sequence bits in dst as it could simply be re-copied...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/06 1:40 a.m.8 views

SUSE CVE-2026-43041

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: replace qrtrtxflow radixtree with xarray to fix memory leak radixtreecreate allocates and links intermediate nodes into the tree one by one. If a subsequent allocation fails, the already-linked nodes remain in the tree...

5.8AI score0.00114EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/06 1:40 a.m.8 views

SUSE CVE-2026-43042

In the Linux kernel, the following vulnerability has been resolved: mpls: add seqcount to protect the platformlabel,s pair The RCU-protected codepaths mplsforward, mplsdumproutes can have an inconsistent view of platformlabels vs platformlabel in case of a concurrent resize...

7.1CVSS5.7AI score0.0011EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/06 1:40 a.m.8 views

SUSE CVE-2026-43043

In the Linux kernel, the following vulnerability has been resolved: crypto: af-alg - fix NULL pointer dereference in scatterwalk The AFALG interface fails to unmark the end of a Scatter/Gather List SGL when chaining a new afalgtsgl structure. If a sendmsg fills an SGL exactly to MAXSGLENTS, the...

5.8AI score0.00114EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/06 1:40 a.m.8 views

SUSE CVE-2026-43045

In the Linux kernel, the following vulnerability has been resolved: mshv: Fix error handling in mshvregionpin The current error handling has two issues: First, pinuserpagesfast can return a short pin count less than requested but greater than zero when it cannot pin all requested pages. This is...

7CVSS5.8AI score0.001EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2026/05/06 1:40 a.m.8 views

SUSE CVE-2026-43049

In the Linux kernel, the following vulnerability has been resolved: HID: logitech-hidpp: Prevent use-after-free on force feedback initialisation failure Presently, if the force feedback initialisation fails when probing the Logitech G920 Driving Force Racing Wheel for Xbox One, an error number wi...

5.5CVSS5.8AI score0.00116EPSS
Exploits0References11
SUSE CVE
SUSE CVE
added 2026/05/06 1:40 a.m.8 views

SUSE CVE-2026-43063

In the Linux kernel, the following vulnerability has been resolved: xfs: don't irele after failing to iget in xfsattrirecoverwork xlogrecoveryiget never set @ip to a valid pointer if they return an error, so this irele will walk off a dangling pointer. Fix that...

5.5CVSS5.8AI score0.00126EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2026/05/06 1:40 a.m.8 views

SUSE CVE-2026-43065

In the Linux kernel, the following vulnerability has been resolved: ext4: always drain queued discard work in ext4mbrelease While reviewing recent ext4 patch1, Sashiko raised the following concern2: If the filesystem is initially mounted with the discard option, deleting files will populate...

3.9CVSS5.8AI score0.00117EPSS
Exploits0References16
SUSE CVE
SUSE CVE
added 2026/05/06 1:40 a.m.8 views

SUSE CVE-2026-44029

An issue was discovered in Nix before 2.34.7. Writing to arbitrary files can occur via "nix-prefetch-url --unpack" or "nix store prefetch-file --unpack" directory traversal. The fixed versions are 2.34.7, 2.33.6, 2.32.8, 2.31.5, 2.30.5, 2.29.4, and 2.28.7 introduced in 2.24.7;...

5.3CVSS5.9AI score0.00573EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/05 1:45 a.m.8 views

SUSE CVE-2026-37458

Missing input validation in the MPREACHNLRI component of FRRouting FRR stable/10.0 to stable/10.6 allows authenticated attackers to cause a Denial of Service DoS via supplying a crafted UPDATE message...

6.5CVSS5.8AI score0.00249EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2026/05/05 1:45 a.m.8 views

SUSE CVE-2026-40912

Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.43, 3.6.14, and 3.7.0-rc.2, there is a high severity authentication bypass vulnerability in Traefik's StripPrefixRegex middleware when used in combination with ForwardAuth, BasicAuth, or DigestAuth. The middleware matches...

8.2CVSS5.7AI score0.00767EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2026/05/05 1:45 a.m.8 views

SUSE CVE-2026-41263

Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.43, 3.6.14, and 3.7.0-rc.2, there is a timing side-channel vulnerability in Traefik's BasicAuth middleware that allows an attacker to enumerate valid usernames through response-time differences. The variable intended to ho...

3.7CVSS5.7AI score0.00369EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/01 2:15 a.m.8 views

SUSE CVE-2025-31958

HCL BigFix Service Management is susceptible to HTTP Request Smuggling. HTTP request smuggling vulnerabilities arise when websites route HTTP requests through web servers with inconsistent HTTP parsing. HTTP Smuggling exploits inconsistencies in request parsing between front-end and back-end...

8.2CVSS5.3AI score0.00177EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/05/01 2:12 a.m.8 views

SUSE CVE-2026-5405

RDP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service and possible code execution...

8.8CVSS6.2AI score0.00161EPSS
Exploits1References7
SUSE CVE
SUSE CVE
added 2026/05/01 2:11 a.m.8 views

SUSE CVE-2026-6534

USB HID protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

5.5CVSS5.2AI score0.0018EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2026/05/01 2:11 a.m.8 views

SUSE CVE-2026-6536

DLMS/COSEM protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4...

5.5CVSS5.2AI score0.0018EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2026/05/01 2:3 a.m.8 views

SUSE CVE-2026-42798

Little CMS lcms2 2.16 through 2.18 before 2.19 has an integer overflow in ParseCube in cmscgats.c...

4CVSS5.3AI score0.00128EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/04/30 2:46 a.m.8 views

SUSE CVE-2007-6735

NWFTPD.nlm before 5.08.06 in the FTP server in Novell NetWare does not properly handle partial matches for container names in the FTPREST.TXT file, which allows remote attackers to bypass intended access restrictions via an FTP session...

7.5CVSS5.4AI score0.01849EPSS
Exploits0References3
Total number of security vulnerabilities5000