Lucene search
K
SusecveRecent

59854 matches found

SUSE CVE
SUSE CVE
•added 2026/04/13 11:26 p.m.•10 views

SUSE CVE-2026-31421

In the Linux kernel, the following vulnerability has been resolved: net/sched: clsfw: fix NULL pointer dereference on shared blocks The old-method path in fwclassify calls tcfblockq and dereferences q-handle. Shared blocks leave block-q NULL, causing a NULL deref when an empty clsfw filter is...

5.5CVSS5.7AI score0.00114EPSS
Exploits0References17
SUSE CVE
SUSE CVE
•added 2026/04/13 11:26 p.m.•9 views

SUSE CVE-2026-31422

In the Linux kernel, the following vulnerability has been resolved: net/sched: clsflow: fix NULL pointer dereference on shared blocks flowchange calls tcfblockq and dereferences q-handle to derive a default baseclass. Shared blocks leave block-q NULL, causing a NULL deref when a flow filter witho...

5.5CVSS5.7AI score0.00117EPSS
Exploits0References17
SUSE CVE
SUSE CVE
•added 2026/04/13 11:26 p.m.•7 views

SUSE CVE-2026-31423

In the Linux kernel, the following vulnerability has been resolved: net/sched: schhfsc: fix divide-by-zero in rtscmin m2sm converts a u32 slope to a u64 scaled value. For large inputs e.g. m1=4000000000, the result can reach 2^32. rtscmin stores the difference of two such u64 values in a u32...

5.5CVSS5.8AI score0.00115EPSS
Exploits0References17
SUSE CVE
SUSE CVE
•added 2026/04/13 11:26 p.m.•6 views

SUSE CVE-2026-31424

In the Linux kernel, the following vulnerability has been resolved: netfilter: xtables: restrict xtcheckmatch/xtchecktarget extensions for NFPROTOARP Weiming Shi says: xtmatch and xttarget structs registered with NFPROTOUNSPEC can be loaded by any protocol family through nftcompat. When such a...

5.5CVSS5.7AI score0.00117EPSS
Exploits0References17
SUSE CVE
SUSE CVE
•added 2026/04/13 11:26 p.m.•7 views

SUSE CVE-2026-31425

In the Linux kernel, the following vulnerability has been resolved: rds: ib: reject FRMR registration before IB connection is established rdsibgetmr extracts the rdsibconnection from conn-ctransportdata and passes it to rdsibregfrmr for FRWR memory registration. On a fresh outgoing connection, ic...

5.5CVSS5.7AI score0.00114EPSS
Exploits0References17
SUSE CVE
SUSE CVE
•added 2026/04/13 11:26 p.m.•10 views

SUSE CVE-2026-31426

In the Linux kernel, the following vulnerability has been resolved: ACPI: EC: clean up handlers on probe failure in acpiecsetup When ecinstallhandlers returns -EPROBEDEFER on reduced-hardware platforms, it has already started the EC and installed the address space handler with the struct acpiec...

6.6CVSS5.7AI score0.00111EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/04/13 11:26 p.m.•10 views

SUSE CVE-2026-31427

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntracksip: fix use of uninitialized rtpaddr in processsdp processsdp declares union nfinetaddr rtpaddr on the stack and passes it to the nfnatsip sdpsession hook after walking the SDP media descriptions. However...

4.5CVSS5.7AI score0.00115EPSS
Exploits0References17
SUSE CVE
SUSE CVE
•added 2026/04/13 11:26 p.m.•8 views

SUSE CVE-2026-31428

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinklog: fix uninitialized padding leak in NFULAPAYLOAD buildpacketmessage manually constructs the NFULAPAYLOAD netlink attribute using skbput and skbcopybits, bypassing the standard nlareserve/nlaput helpers. Whi...

5.5CVSS5.7AI score0.00124EPSS
Exploits0References17
SUSE CVE
SUSE CVE
•added 2026/04/13 11:26 p.m.•4 views

SUSE CVE-2026-32146

Improper path validation vulnerability in the Gleam compiler's handling of git dependencies allows arbitrary file system modification during dependency download. Dependency names from gleam.toml and manifest.toml are incorporated into filesystem paths without sufficient validation or confinement ...

8.3CVSS5.9AI score0.00239EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/04/13 11:26 p.m.•6 views

SUSE CVE-2026-32884

Botan is a C++ cryptography library. Prior to version 3.11.0, during processing of an X.509 certificate path using name constraints which restrict the set of allowable DNS names, if no subject alternative name is defined in the end-entity certificate Botan would check that the CN was allowed by t...

5.9CVSS5.7AI score0.00158EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/13 11:26 p.m.•9 views

SUSE CVE-2026-34757

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. From 1.0.9 to before 1.6.57, passing a pointer obtained from pnggetPLTE, pnggettRNS, or pnggethIST back into the corresponding setter on the same...

5.1CVSS6AI score0.00195EPSS
Exploits1References13
SUSE CVE
SUSE CVE
•added 2026/04/13 11:26 p.m.•10 views

SUSE CVE-2026-34943

Wasmtime is a runtime for WebAssembly. Prior to 24.0.7, 36.0.7, 42.0.2, and 43.0.1, Wasmtime contains a possible panic which can happen when a flags-typed component model value is lifted with the Val type. If bits are set outside of the set of flags the component model specifies that these bits...

5.3CVSS5.8AI score0.00324EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/13 11:26 p.m.•9 views

SUSE CVE-2026-34944

Wasmtime is a runtime for WebAssembly. Prior to 24.0.7, 36.0.7, 42.0.2, and 43.0.1, On x86-64 platforms with SSE3 disabled Wasmtime's compilation of the f64x2.splat WebAssembly instruction with Cranelift may load 8 more bytes than is necessary. When signals-based-traps are disabled this can resul...

5.7CVSS5.8AI score0.00227EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/13 11:26 p.m.•9 views

SUSE CVE-2026-34945

Wasmtime is a runtime for WebAssembly. From 25.0.0 to before 36.0.7, 42.0.2, and 43.0.1, Wasmtime's Winch compiler contains a bug where a 64-bit table, part of the memory64 proposal of WebAssembly, incorrectly translated the table.size instruction. This bug could lead to disclosing data on the...

6.3CVSS5.8AI score0.00324EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/13 11:26 p.m.•8 views

SUSE CVE-2026-34946

Wasmtime is a runtime for WebAssembly. From 25.0.0 to before 36.0.7, 42.0.2, and 43.0.1, Wasmtime's Winch compiler contains a vulnerability where the compilation of the table.fill instruction can result in a host panic. This means that a valid guest can be compiled with Winch, on any architecture...

7.5CVSS5.8AI score0.00358EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/13 11:26 p.m.•7 views

SUSE CVE-2026-34988

Wasmtime is a runtime for WebAssembly. From 28.0.0 to before 36.0.7, 42.0.2, and 43.0.1, Wasmtime's implementation of its pooling allocator contains a bug where in certain configurations the contents of linear memory can be leaked from one instance to the next. The implementation of resetting the...

6.3CVSS5.8AI score0.00286EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/13 11:25 p.m.•4 views

SUSE CVE-2026-40021

Apache Log4net's XmlLayout https://logging.apache.org/log4net/manual/configuration/layouts.htmllayout-list and XmlLayoutSchemaLog4J https://logging.apache.org/log4net/manual/configuration/layouts.htmllayout-list , in versions before 3.3.0, fail to sanitize characters forbidden by the XML 1.0...

6.3CVSS5.8AI score0.0075EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/13 11:25 p.m.•5 views

SUSE CVE-2026-40023

Apache Log4cxx's XMLLayout https://logging.apache.org/log4cxx/1.7.0/classlog4cxx11xml11XMLLayout.html , in versions before 1.7.0, fails to sanitize characters forbidden by the XML 1.0 specification https://www.w3.org/TR/xml/charsets in log messages, NDC, and MDC property keys and values, producin...

5.3CVSS5.8AI score0.00499EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/13 11:25 p.m.•6 views

SUSE CVE-2026-40188

goshs is a SimpleHTTPServer written in Go. From 1.0.7 to before 2.0.0-beta.4, the SFTP command rename sanitizes only the source path and not the destination, so it is possible to write outside of the root directory of the SFTP. This vulnerability is fixed in 2.0.0-beta.4...

7.7CVSS5.8AI score0.00318EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/04/13 11:25 p.m.•6 views

SUSE CVE-2026-40189

goshs is a SimpleHTTPServer written in Go. Prior to 2.0.0-beta.4, goshs enforces the documented per-folder .goshs ACL/basic-auth mechanism for directory listings and file reads, but it does not enforce the same authorization checks for state-changing routes. An unauthenticated attacker can upload...

9.8CVSS5.8AI score0.00651EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/04/13 11:25 p.m.•4 views

SUSE CVE-2026-40190

LangSmith Client SDKs provide SDK's for interacting with the LangSmith platform. Prior to 0.5.18, the LangSmith JavaScript/TypeScript SDK langsmith contains an incomplete prototype pollution fix in its internally vendored lodash set utility. The baseAssignValue function only guards against the...

5.6CVSS5.8AI score0.00233EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/04/13 11:25 p.m.•6 views

SUSE CVE-2026-40224

In systemd 259 before 260, there is local privilege escalation in systemd-machined because varlink can be used to reach the root namespace...

6.7CVSS5.8AI score0.00079EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/13 11:25 p.m.•8 views

SUSE CVE-2026-40227

In systemd 260 before 261, a local unprivileged user can trigger an assert via an IPC API call with an array or map that has a null element...

6.2CVSS5.8AI score0.00202EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/13 11:25 p.m.•5 views

SUSE CVE-2026-40228

In systemd 259, systemd-journald can send ANSI escape sequences to the terminals of arbitrary users when a "logger -p emerg" command is executed, if ForwardToWall=yes is set...

2.9CVSS5.9AI score0.00173EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/04/13 11:25 p.m.•5 views

SUSE CVE-2026-40385

In libexif through 0.6.25, an unsigned 32bit integer overflow in Nikon MakerNote handling could be used by local attackers to cause crashes or information leaks. This only affects 32bit systems...

4.4CVSS5.8AI score0.00094EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/13 11:25 p.m.•5 views

SUSE CVE-2026-40386

In libexif through 0.6.25, an integer underflow in size checking for Fuji and Olympus MakerNote decoding could be used by attackers to crash or leak information out of libexif-using programs...

4.4CVSS5.8AI score0.0014EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/13 11:25 p.m.•6 views

SUSE CVE-2026-40393

In Mesa before 25.3.6 and 26 before 26.0.1, out-of-bounds memory access can occur in WebGPU because the amount of to-be-allocated data depends on an untrusted party, and is then used for alloca...

6.8CVSS5.8AI score0.00348EPSS
Exploits0References12
SUSE CVE
SUSE CVE
•added 2026/04/13 8:38 a.m.•4 views

SUSE CVE-2019-14607

Improper conditions check in multiple Intel� Processors may allow an authenticated user to potentially enable partial escalation of privilege, denial of service and/or information disclosure via local access...

5.3CVSS6AI score0.00343EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/13 8:31 a.m.•6 views

SUSE CVE-2020-10134

Pairing in Bluetooth� Core v5.2 and earlier may permit an unauthenticated attacker to acquire credentials with two pairing devices via adjacent access when the unauthenticated user initiates different pairing methods in each peer device and an end-user erroneously completes both pairing procedure...

6.3CVSS7.4AI score0.00658EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/12 11:24 p.m.•5 views

SUSE CVE-2026-31413

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix unsound scalar forking in maybeforkscalars for BPFOR maybeforkscalars is called for both BPFAND and BPFOR when the source operand is a constant. When dst has signed range -1, 0, it forks the verifier state: the pushed pa...

5.7AI score0.00221EPSS
Exploits2References4
SUSE CVE
SUSE CVE
•added 2026/04/12 11:24 p.m.•4 views

SUSE CVE-2026-35205

Helm is a package manager for Charts for Kubernetes. From 4.0.0 to 4.1.3, Helm will install plugins missing provenance .prov file when signature verification is required. This vulnerability is fixed in 4.1.4...

7.8CVSS5.8AI score0.00178EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/12 11:24 p.m.•4 views

SUSE CVE-2026-35206

Helm is a package manager for Charts for Kubernetes. In Helm versions =3.20.1 and =4.1.3, a specially crafted Chart will cause helm pull --untar chart URL | repo/chartname to write the Chart's contents to the immediate output directory as defaulted to the current working directory; or as given by...

4.4CVSS5.8AI score0.00199EPSS
Exploits0References8
SUSE CVE
SUSE CVE
•added 2026/04/12 11:24 p.m.•5 views

SUSE CVE-2026-40223

In systemd 258 before 260, a local unprivileged user can trigger an assert when a Delegate=yes and User= unit exists and is running...

4.7CVSS5.8AI score0.00086EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/11 11:26 p.m.•5 views

SUSE CVE-2026-40225

In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output...

6.4CVSS5.9AI score0.00144EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/11 11:26 p.m.•15 views

SUSE CVE-2026-40226

In nspawn in systemd 233 through 259 before 260, an escape-to-host action can occur via a crafted optional config file...

6.4CVSS5.8AI score0.00072EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/11 10:25 a.m.•8 views

SUSE CVE-2022-0613

Authorization Bypass Through User-Controlled Key in NPM urijs prior to 1.19.8...

6.5CVSS6.4AI score0.0158EPSS
Exploits1References2
SUSE CVE
SUSE CVE
•added 2026/04/11 10:7 a.m.•4 views

SUSE CVE-2024-20993

unknown...

4.9CVSS6.5AI score0.01085EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/04/11 10:7 a.m.•5 views

SUSE CVE-2024-21049

unknown...

4.9CVSS6.5AI score0.00986EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/04/11 10:7 a.m.•9 views

SUSE CVE-2024-21050

unknown...

4.9CVSS6.5AI score0.00986EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/04/11 10:7 a.m.•4 views

SUSE CVE-2024-21051

unknown...

4.9CVSS6.5AI score0.00986EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/04/11 10:7 a.m.•3 views

SUSE CVE-2024-21052

unknown...

4.9CVSS6.5AI score0.00924EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/04/11 10:7 a.m.•6 views

SUSE CVE-2024-21053

unknown...

4.9CVSS6.5AI score0.00962EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/04/11 10:7 a.m.•5 views

SUSE CVE-2024-21055

unknown...

4.9CVSS6.5AI score0.00887EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/04/11 10:7 a.m.•4 views

SUSE CVE-2024-21056

unknown...

4.9CVSS6.5AI score0.00887EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/04/11 10:7 a.m.•3 views

SUSE CVE-2024-21057

unknown...

4.9CVSS6.5AI score0.00969EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/04/11 10:7 a.m.•5 views

SUSE CVE-2024-21061

unknown...

4.9CVSS6.5AI score0.00887EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/04/11 10:7 a.m.•4 views

SUSE CVE-2024-21137

unknown...

4.9CVSS6.5AI score0.00836EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/04/11 10:7 a.m.•5 views

SUSE CVE-2024-21200

unknown...

4.9CVSS6.7AI score0.00852EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/04/11 10:3 a.m.•5 views

SUSE CVE-2024-56433

shadow-utils aka shadow 4.4 through 4.17.0 establishes a default /etc/subuid behavior e.g., uid 100000 through 165535 for the first user account that can realistically conflict with the uids of users defined on locally administered networks, potentially leading to account takeover, e.g., by...

3.6CVSS6.4AI score0.004EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/04/11 9:30 a.m.•6 views

SUSE CVE-2025-45806

A cross-site scripting XSS vulnerability in rrweb-snapshot before v2.0.0-alpha.18 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

6.1CVSS6AI score0.00239EPSS
Exploits0References3
Total number of security vulnerabilities59854