Lucene search
K
SusecveRecent

59854 matches found

SUSE CVE
SUSE CVE
•added 2026/04/02 8:37 a.m.•7 views

SUSE CVE-2026-34441

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to version 0.40.0, cpp-httplib is vulnerable to HTTP Request Smuggling. The server's static file handler serves GET responses without consuming the request body. On HTTP/1.1 keep-alive connections, the unread...

4.8CVSS5.7AI score0.00196EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/04/02 8:37 a.m.•8 views

SUSE CVE-2026-34743

XZ Utils provide a general-purpose data-compression library plus command-line tools. Prior to version 5.8.3, if lzmaindexdecoder was used to decode an Index that contained no Records, the resulting lzmaindex was left in a state where where a subsequent lzmaindexappend would allocate too little...

7.4CVSS6AI score0.00351EPSS
Exploits0References10
SUSE CVE
SUSE CVE
•added 2026/04/02 8:37 a.m.•5 views

SUSE CVE-2026-34956

A flaw was found in Open vSwitch. When Open vSwitch is configured with a conntrack flow using FTP helpers over the userspace datapath, a remote attacker can send a specially crafted FTP stream with an EPASV command exceeding 255 characters. This heap access error can lead to a crash, resulting in...

5.9CVSS5.8AI score0.00405EPSS
Exploits0References12
SUSE CVE
SUSE CVE
•added 2026/04/02 8:37 a.m.•4 views

SUSE CVE-2026-34982

Vim is an open source, command line text editor. Prior to version 9.2.0276, a modeline sandbox bypass in Vim allows arbitrary OS command execution when a user opens a crafted file. The complete, guitabtooltip and printheader options are missing the PMLE flag, allowing a modeline to be executed...

8.2CVSS6.2AI score0.0047EPSS
Exploits0References18
SUSE CVE
SUSE CVE
•added 2026/04/02 8:37 a.m.•4 views

SUSE CVE-2026-35091

A flaw was found in Corosync. A remote unauthenticated attacker can exploit a wrong return value vulnerability in the Corosync membership commit token sanity check by sending a specially crafted User Datagram Protocol UDP packet. This can lead to an out-of-bounds read, causing a denial of service...

8.2CVSS5.8AI score0.00867EPSS
Exploits1References11
SUSE CVE
SUSE CVE
•added 2026/04/02 8:37 a.m.•4 views

SUSE CVE-2026-35092

A flaw was found in Corosync. An integer overflow vulnerability in Corosync's join message sanity validation allows a remote, unauthenticated attacker to send crafted User Datagram Protocol UDP packets. This can cause the service to crash, leading to a denial of service. This vulnerability...

7.5CVSS5.9AI score0.00994EPSS
Exploits1References11
SUSE CVE
SUSE CVE
•added 2026/03/31 11:29 p.m.•6 views

SUSE CVE-2025-49010

OpenSC is an open source smart card tools and middleware. Prior to version 0.27.0, an attacker with physical access to the computer at the time user or administrator uses a token can cause a stack-buffer-overflow write in GET RESPONSE. The attack requires crafted USB device or smart card that wou...

3.8CVSS5.8AI score0.0013EPSS
Exploits0References11
SUSE CVE
SUSE CVE
•added 2026/03/31 11:29 p.m.•5 views

SUSE CVE-2025-66037

OpenSC is an open source smart card tools and middleware. Prior to version 0.27.0, feeding a crafted input to the fuzzpkcs15reader harness causes OpenSC to perform an out-of-bounds heap read in the X.509/SPKI handling path. Specifically, scpkcs15pubkeyfromspkifields allocates a zero-length buffer...

3.9CVSS5.9AI score0.00253EPSS
Exploits1References10
SUSE CVE
SUSE CVE
•added 2026/03/31 11:29 p.m.•5 views

SUSE CVE-2025-66038

OpenSC is an open source smart card tools and middleware. Prior to version 0.27.0, sccompacttlvfindtag searches a compact-TLV buffer for a given tag. In compact-TLV, a single byte encodes the tag high nibble and value length low nibble. With a 1-byte buffer 0x0A, the encoded element claims tag=0...

3.9CVSS5.9AI score0.00282EPSS
Exploits1References10
SUSE CVE
SUSE CVE
•added 2026/03/31 11:29 p.m.•5 views

SUSE CVE-2025-66215

OpenSC is an open source smart card tools and middleware. Prior to version 0.27.0, an attacker with physical access to the computer at the time user or administrator uses a token can cause a stack-buffer-overflow WRITE in card-oberthur. The attack requires crafted USB device or smart card that...

3.8CVSS5.8AI score0.00159EPSS
Exploits0References11
SUSE CVE
SUSE CVE
•added 2026/03/31 11:29 p.m.•6 views

SUSE CVE-2026-0396

An attacker might be able to inject HTML content into the internal web dashboard by sending crafted DNS queries to a DNSdist instance where domain-based dynamic rules have been enabled via either DynBlockRulesGroup:setSuffixMatchRule or DynBlockRulesGroup:setSuffixMatchRuleFFI...

3.1CVSS5.8AI score0.00136EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/03/31 11:29 p.m.•9 views

SUSE CVE-2026-0397

When the internal webserver is enabled default is disabled, an attacker might be able to trick an administrator logged to the dashboard into visiting a malicious website and extract information about the running configuration from the dashboard. The root cause of the issue is a misconfiguration o...

3.1CVSS5.9AI score0.00161EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/03/31 11:29 p.m.•7 views

SUSE CVE-2026-4046

The iconv function in the GNU C Library versions 2.43 and earlier may crash due to an assertion failure when converting inputs from the IBM1390 or IBM1399 character sets, which may be used to remotely crash an application. This vulnerability can be trivially mitigated by removing the IBM1390 and...

7.5CVSS5.8AI score0.00357EPSS
Exploits1References22
SUSE CVE
SUSE CVE
•added 2026/03/31 11:28 p.m.•9 views

SUSE CVE-2026-4789

Kyverno, versions 1.16.0 and later, are vulnerable to SSRF due to unrestricted CEL HTTP functions...

9.8CVSS5.9AI score0.00705EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/31 11:28 p.m.•6 views

SUSE CVE-2026-5121

A flaw was found in libarchive. On 32-bit systems, an integer overflow vulnerability exists in the zisofs block pointer allocation logic. A remote attacker can exploit this by providing a specially crafted ISO9660 image, which can lead to a heap buffer overflow. This could potentially allow for...

7.1CVSS6.7AI score0.01073EPSS
Exploits0References13
SUSE CVE
SUSE CVE
•added 2026/03/31 11:28 p.m.•5 views

SUSE CVE-2026-5185

A security flaw has been discovered in Nothings stbimage up to 2.30. This affects the function stbigifloadnext of the file stbimage.h of the component Multi-frame GIF File Handler. The manipulation results in heap-based buffer overflow. The attack requires a local approach. The exploit has been...

5.3CVSS6AI score0.00154EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/31 11:28 p.m.•6 views

SUSE CVE-2026-5186

A weakness has been identified in Nothings stb up to 2.30. This impacts the function stbiloadgifmain of the file stbimage.h of the component Multi-frame GIF File Handler. This manipulation causes double free. The attack requires local access. The exploit has been made available to the public and...

5.3CVSS5.7AI score0.00113EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/31 11:28 p.m.•8 views

SUSE CVE-2026-5201

A flaw was found in the gdk-pixbuf library. This heap-based buffer overflow vulnerability occurs in the JPEG image loader due to improper validation of color component counts when processing a specially crafted JPEG image. A remote attacker can exploit this flaw without user interaction, for...

7.5CVSS6AI score0.01069EPSS
Exploits1References18
SUSE CVE
SUSE CVE
•added 2026/03/31 11:28 p.m.•8 views

SUSE CVE-2026-20643

A cross-origin issue in the Navigation API was addressed with improved input validation. This issue is fixed in Background Security Improvements for iOS, iPadOS, and macOS, Safari 26.4, iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4. Processing maliciously...

5.4CVSS6AI score0.00354EPSS
Exploits2References10
SUSE CVE
SUSE CVE
•added 2026/03/31 11:28 p.m.•4 views

SUSE CVE-2026-20664

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.4, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4. Processing maliciously crafted web content may lead to an unexpected process crash...

6.5CVSS5.8AI score0.0072EPSS
Exploits0References10
SUSE CVE
SUSE CVE
•added 2026/03/31 11:28 p.m.•4 views

SUSE CVE-2026-20665

This issue was addressed through improved state management. This issue is fixed in Safari 26.4, iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. Processing maliciously crafted web content may prevent Content Security Policy from bei...

5.4CVSS5.8AI score0.0061EPSS
Exploits0References10
SUSE CVE
SUSE CVE
•added 2026/03/31 11:28 p.m.•5 views

SUSE CVE-2026-20691

An authorization issue was addressed with improved state management. This issue is fixed in Safari 26.4, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4, watchOS 26.4. A maliciously crafted webpage may be able to fingerprint the user...

4.3CVSS5.8AI score0.00276EPSS
Exploits0References10
SUSE CVE
SUSE CVE
•added 2026/03/31 11:28 p.m.•4 views

SUSE CVE-2026-24028

An attacker might be able to trigger an out-of-bounds read by sending a crafted DNS response packet, when custom Lua code uses newDNSPacketOverlay to parse DNS packets. The out-of-bounds read might trigger a crash, leading to a denial of service, or access unrelated memory, leading to potential...

5.3CVSS5.9AI score0.01028EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/03/31 11:28 p.m.•4 views

SUSE CVE-2026-24029

When the earlyacldrop earlyACLDrop in Lua option is disabled default is enabled on a DNS over HTTPs frontend using the nghttp2 provider, the ACL check is skipped, allowing all clients to send DoH queries regardless of the configured ACL...

6.5CVSS5.9AI score0.00148EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/31 11:28 p.m.•5 views

SUSE CVE-2026-24030

An attacker might be able to trick DNSdist into allocating too much memory while processing DNS over QUIC or DNS over HTTP/3 payloads, resulting in a denial of service. In setups with a large quantity of memory available this usually results in an exception and the QUIC connection is properly...

5.3CVSS5.9AI score0.00537EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/03/31 11:28 p.m.•5 views

SUSE CVE-2026-27853

An attacker might be able to trigger an out-of-bounds write by sending crafted DNS responses to a DNSdist using the DNSQuestion:changeName or DNSResponse:changeName methods in custom Lua code. In some cases the rewritten packet might become larger than the initial response and even exceed 65535...

5.9CVSS5.9AI score0.00489EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/03/31 11:28 p.m.•5 views

SUSE CVE-2026-27854

An attacker might be able to trigger a use-after-free by sending crafted DNS queries to a DNSdist using the DNSQuestion:getEDNSOptions method in custom Lua code. In some cases DNSQuestion:getEDNSOptions might refer to a version of the DNS packet that has been modified, thus triggering a...

4.8CVSS5.7AI score0.00471EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/03/31 11:27 p.m.•4 views

SUSE CVE-2026-28857

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.4, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4. Processing maliciously crafted web content may lead to an unexpected process crash...

6.5CVSS5.8AI score0.00572EPSS
Exploits0References10
SUSE CVE
SUSE CVE
•added 2026/03/31 11:27 p.m.•4 views

SUSE CVE-2026-28859

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.4, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. A malicious website may be able to process restricted web content outside the sandbox...

6.5CVSS5.8AI score0.00636EPSS
Exploits0References10
SUSE CVE
SUSE CVE
•added 2026/03/31 11:27 p.m.•4 views

SUSE CVE-2026-28861

A logic issue was addressed with improved state management. This issue is fixed in Safari 26.4, iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4. A malicious website may be able to access script message handlers intended for other origins...

4.7CVSS5.8AI score0.0031EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/03/31 11:27 p.m.•5 views

SUSE CVE-2026-28871

A logic issue was addressed with improved checks. This issue is fixed in Safari 26.4, iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4. Visiting a maliciously crafted website may lead to a cross-site scripting attack...

4.3CVSS5.8AI score0.00276EPSS
Exploits0References10
SUSE CVE
SUSE CVE
•added 2026/03/31 11:27 p.m.•5 views

SUSE CVE-2026-32714

SciTokens is a reference library for generating and using SciTokens. Prior to version 1.9.6, the KeyCache class in scitokens was vulnerable to SQL Injection because it used Python's str.format to construct SQL queries with user-supplied data such as issuer and keyid. This allowed an attacker to...

9.8CVSS6.1AI score0.00492EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/03/31 11:27 p.m.•9 views

SUSE CVE-2026-32716

SciTokens is a reference library for generating and using SciTokens. Prior to version 1.9.6, the Enforcer incorrectly validates scope paths by using a simple prefix match startswith. This allows a token with access to a specific path e.g., /john to also access sibling paths that start with the sa...

6.5CVSS5.8AI score0.00389EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/03/31 11:27 p.m.•4 views

SUSE CVE-2026-32727

SciTokens is a reference library for generating and using SciTokens. Prior to version 1.9.7, the Enforcer is vulnerable to a path traversal attack where an attacker can use dot-dot .. in the scope claim of a token to escape the intended directory restriction. This occurs because the library...

6.5CVSS5.8AI score0.00516EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/03/31 11:27 p.m.•5 views

SUSE CVE-2026-33952

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, an unvalidated authlength field read from the network triggers a WINPRASSERT failure in rtsreadauthverifiernochecks, causing any FreeRDP client connecting through a malicious RDP Gateway to crash with SIGABR...

6.5CVSS5.8AI score0.00271EPSS
Exploits1References4
SUSE CVE
SUSE CVE
•added 2026/03/31 11:27 p.m.•5 views

SUSE CVE-2026-33977

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, a malicious RDP server can crash the FreeRDP client by sending audio data in IMA ADPCM format with an invalid initial step index value = 89. The unvalidated step index is read directly from the network and...

6.5CVSS5.8AI score0.00256EPSS
Exploits1References4
SUSE CVE
SUSE CVE
•added 2026/03/31 11:27 p.m.•4 views

SUSE CVE-2026-33982

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, there is a heap-buffer-overflow READ vulnerability at 24 bytes before the allocation, in winpralignedoffsetrecalloc. This issue has been patched in version 3.24.2...

5.5CVSS5.8AI score0.00191EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/03/31 11:27 p.m.•4 views

SUSE CVE-2026-33983

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, progressivedecompresstileupgrade detects a mismatch via progressiverfxquantcmpequal but only emits WLogWARN, execution continues. The wrapped value 247 is used as a shift exponent, causing undefined behavior...

6.5CVSS6AI score0.00426EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/03/31 11:27 p.m.•6 views

SUSE CVE-2026-33984

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, in resizevbarentry in libfreerdp/codec/clear.c, vBarEntry-size is updated to vBarEntry-count before the winpralignedrecalloc call. If realloc fails, size is inflated while pixels still points to the old,...

7.5CVSS6AI score0.00398EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/03/31 11:27 p.m.•7 views

SUSE CVE-2026-33985

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, pixel data from adjacent heap memory is rendered to screen, potentially leaking sensitive data to the attacker. This issue has been patched in version 3.24.2...

5.9CVSS5.8AI score0.00205EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/03/31 11:27 p.m.•5 views

SUSE CVE-2026-33986

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, in yuvensurebuffer in libfreerdp/codec/h264.c, h264-width and h264-height are updated before the reallocation loop. If any winpralignedrecalloc call fails, the function returns FALSE but width/height are...

7.5CVSS5.8AI score0.00265EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2026/03/31 11:27 p.m.•6 views

SUSE CVE-2026-33987

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, in persistentcachereadentryv3 in libfreerdp/cache/persistent.c, persistent-bmpSize is updated before winpralignedrecalloc. If realloc fails, bmpSize is inflated while bmpData points to the old buffer. This...

5.5CVSS5.8AI score0.001EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/03/31 11:27 p.m.•3 views

SUSE CVE-2026-33995

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, a double-free vulnerability in kerberosAcceptSecurityContext and kerberosInitializeSecurityContextA WinPR, winpr/libwinpr/sspi/Kerberos/kerberos.c can cause a crash in any FreeRDP clients on systems where...

6.5CVSS5.8AI score0.00282EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2026/03/31 11:27 p.m.•7 views

SUSE CVE-2026-34041

act is a project which allows for local running of github actions. Prior to version 0.2.86, act unconditionally processes the deprecated ::set-env:: and ::add-path:: workflow commands, which was disabled due to environment injection risks. When a workflow step echoes untrusted data to stdout, an...

9.8CVSS5.9AI score0.00619EPSS
Exploits1References5
SUSE CVE
SUSE CVE
•added 2026/03/31 11:27 p.m.•5 views

SUSE CVE-2026-34042

act is a project which allows for local running of github actions. Prior to version 0.2.86, act's built in actions/cache server listens to connections on all interfaces and allows anyone who can connect to it including someone anywhere on the internet to create caches with arbitrary keys and...

8.2CVSS6.4AI score0.00459EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2026/03/31 11:27 p.m.•5 views

SUSE CVE-2026-34714

Vim before 9.2.0272 allows code execution that happens immediately upon opening a crafted file in the default configuration, because %expr injection occurs with tabpanel lacking PMLE...

8.6CVSS6.3AI score0.00588EPSS
Exploits0References15
SUSE CVE
SUSE CVE
•added 2026/03/31 9:3 a.m.•4 views

SUSE CVE-2016-20038

yTree 1.94-1.1 contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an excessively long argument to the application. Attackers can craft a malicious command-line argument containing shellcode and a return address to overwrite the...

8.6CVSS6.6AI score0.00177EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/31 9:3 a.m.•4 views

SUSE CVE-2016-20044

PInfo 0.6.9-5.1 contains a local buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized argument to the -m parameter. Attackers can craft a malicious input string with 564 bytes of padding followed by a return address to overwrite the...

8.6CVSS6.4AI score0.00241EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/03/31 9:2 a.m.•5 views

SUSE CVE-2017-20229

MAWK 1.3.3-17 and prior contains a stack-based buffer overflow vulnerability that allows attackers to execute arbitrary code by exploiting inadequate boundary checks on user-supplied input. Attackers can craft malicious input that overflows the stack buffer and execute a return-oriented programmi...

9.8CVSS6.6AI score0.00602EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/03/31 8:38 a.m.•4 views

SUSE CVE-2026-3945

An integer overflow vulnerability in the HTTP chunked transfer encoding parser in tinyproxy up to and including version 1.11.3 allows an unauthenticated remote attacker to cause a denial of service DoS. The issue occurs because chunk size values are parsed using strtol without properly validating...

8.7CVSS6AI score0.00598EPSS
Exploits0References3
Total number of security vulnerabilities59854