58338 matches found
SUSE CVE-2026-1709
A flaw was found in Keylime. The Keylime registrar, since version 7.12.0, does not enforce client-side Transport Layer Security TLS authentication. This authentication bypass vulnerability allows unauthenticated clients with network access to perform administrative operations, including listing...
SUSE CVE-2026-2239
A flaw was found in GIMP. Heap-buffer-overflow vulnerability exists in the freadpascalstring function when processing a specially crafted PSD Photoshop Document file. This occurs because the buffer allocated for a Pascal string is not properly null-terminated, leading to an out-of-bounds read whe...
SUSE CVE-2026-2240
A vulnerability has been found in janet-lang janet up to 1.40.1. The impacted element is the function janetcpopfuncdef of the file src/core/compile.c. Such manipulation leads to out-of-bounds read. The attack must be carried out locally. The exploit has been disclosed to the public and may be use...
SUSE CVE-2026-2241
A vulnerability was found in janet-lang janet up to 1.40.1. This affects the function osstrftime of the file src/core/os.c. Performing a manipulation results in out-of-bounds read. The attack must be initiated from a local position. The exploit has been made public and could be used. The patch is...
SUSE CVE-2026-2242
A vulnerability was determined in janet-lang janet up to 1.40.1. This impacts the function janetcif of the file src/core/specials.c. Executing a manipulation can lead to out-of-bounds read. The attack needs to be launched locally. The exploit has been publicly disclosed and may be utilized. This...
SUSE CVE-2026-24027
Crafted zones can lead to increased incoming network traffic...
SUSE CVE-2026-25556
MuPDF versions 1.23.0 through 1.27.0 contain a double-free vulnerability in fzfillpixmapfromdisplaylist when an exception occurs during display list rendering. The function accepts a caller-owned fzpixmap pointer but incorrectly drops the pixmap in its error handling path before rethrowing the...
SUSE CVE-2026-25635
calibre is an e-book manager. Prior to 9.2.0, Calibre's CHM reader contains a path traversal vulnerability that allows arbitrary file writes anywhere the user has write permissions. On Windows haven't tested on other OS's, this can lead to Remote Code Execution by writing a payload to the Startup...
SUSE CVE-2026-25636
calibre is an e-book manager. In 9.1.0 and earlier, a path traversal vulnerability in Calibre's EPUB conversion allows a malicious EPUB file to corrupt arbitrary existing files writable by the Calibre process. During conversion, Calibre resolves CipherReference URI from META-INF/encryption.xml to...
SUSE CVE-2026-25727
time provides date and time handling in Rust. From 0.3.6 to before 0.3.47, when user-provided input is provided to any type that parses with the RFC 2822 format, a denial of service attack via stack exhaustion is possible. The attack relies on formally deprecated and rarely-used features that are...
SUSE CVE-2026-25731
calibre is an e-book manager. Prior to 9.2.0, a Server-Side Template Injection SSTI vulnerability in Calibre's Templite templating engine allows arbitrary code execution when a user converts an ebook using a malicious custom template file via the --template-html or --template-html-index...
SUSE CVE-2026-25749
Vim is an open source, command line text editor. Prior to version 9.1.2132, a heap buffer overflow vulnerability exists in Vim's tag file resolution logic when processing the 'helpfile' option. The vulnerability is located in the gettagfname function in src/tag.c. When processing help file tags,...
SUSE CVE-2026-25793
Nebula is a scalable overlay networking tool. In versions from 1.7.0 to 1.10.2, when using P256 certificates which is not the default configuration, it is possible to evade a blocklist entry created against the fingerprint of a certificate by using ECDSA Signature Malleability to use a copy of th...
SUSE CVE-2026-25916
Roundcube Webmail before 1.5.13 and 1.6 before 1.6.13, when "Block remote images" is used, does not block SVG feImage...
SUSE CVE-2020-37127
Dnsmasq-utils 2.79-1 contains a buffer overflow vulnerability in the dhcprelease utility that allows attackers to cause a denial of service by supplying excessive input. Attackers can trigger a core dump and terminate the dhcprelease process by sending a crafted input string longer than 16...
SUSE CVE-2026-23989
REVA is an interoperability platform. Prior to 2.42.3 and 2.40.3, a bug in the GRPC authorization middleware of the "Reva" component of OpenCloud allows a malicious user to bypass the scope verification of a public link. By exploiting this via the the "archiver" service this can be leveraged to...
SUSE CVE-2025-69199
Wings is the server control plane for Pterodactyl, a free, open-source game server management panel. Prior to version 1.12.0, websockets within wings lack proper rate limiting and throttling. As a result a malicious user can open a large number of connections and then request data through these...
SUSE CVE-2025-69820
Directory Traversal vulnerability in Beam beta9 v.0.1.521 allows a remote attacker to obtain sensitive information via the joinCleanPath function...
SUSE CVE-2025-70849
Arbitrary File Upload in podinfo thru 6.9.0 allows unauthenticated attackers to upload arbitrary files via crafted POST request to the /store endpoint. The application renders uploaded content without a restrictive Content-Security-Policy CSP or adequate Content-Type validation, leading to Stored...
SUSE CVE-2026-0798
Gitea may send release notification emails for private repositories to users whose access has been revoked. When a repository is changed from public to private, users who previously watched the repository may continue to receive release notifications, potentially disclosing release titles, tags,...
SUSE CVE-2026-1237
Vulnerable cross-model authorization in juju. If a charm's cross-model permissions are revoked or expire, a malicious user who is able to update database records can mint an invalid macaroon that is incorrectly validated by the juju controller, enabling a charm to maintain otherwise revoked or...
SUSE CVE-2026-1580
A security issue was discovered in ingress-nginx where the nginx.ingress.kubernetes.io/auth-method Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to t...
SUSE CVE-2026-1979
A flaw has been found in mruby up to 3.4.0. This affects the function mrbvmexec of the file src/vm.c of the component JMPNOT-to-JMPIF Optimization. Executing a manipulation can lead to use after free. The attack needs to be launched locally. The exploit has been published and may be used. This...
SUSE CVE-2026-1998
A flaw has been found in micropython up to 1.27.0. This vulnerability affects the function mpimportall of the file py/runtime.c. This manipulation causes memory corruption. The attack needs to be launched locally. The exploit has been published and may be used. Patch name:...
SUSE CVE-2026-2100
A flaw was found in p11-kit. A remote attacker could exploit this vulnerability by calling the CDeriveKey function on a remote token with specific IBM kyber or IBM btc derive mechanism parameters set to NULL. This could lead to the RPC-client attempting to return an uninitialized value, potential...
SUSE CVE-2026-20736
Gitea does not properly verify repository context when deleting attachments. A user who previously uploaded an attachment to a repository may be able to delete it after losing access to that repository by making the request through a different repository they can access...
SUSE CVE-2026-20750
Gitea does not properly validate project ownership in organization project operations. A user with project write access in one organization may be able to modify projects belonging to a different organization...
SUSE CVE-2026-20800
Gitea's notification API does not re-validate repository access permissions when returning notification details. After a user's access to a private repository is revoked, they may still view issue and pull request titles through previously received notifications...
SUSE CVE-2026-20883
Gitea's stopwatch API does not re-validate repository access permissions. After a user's access to a private repository is revoked, they may still view issue titles and repository names through previously started stopwatches...
SUSE CVE-2026-20888
Gitea does not properly verify authorization when canceling scheduled auto-merges via the web interface. A user with read access to pull requests may be able to cancel auto-merges scheduled by other users...
SUSE CVE-2026-20897
Gitea does not properly validate repository ownership when deleting Git LFS locks. A user with write access to one repository may be able to delete LFS locks belonging to other repositories...
SUSE CVE-2026-20904
Gitea does not properly validate ownership when toggling OpenID URI visibility. An authenticated user may be able to change the visibility settings of other users' OpenID identities...
SUSE CVE-2026-20912
Gitea does not properly validate repository ownership when linking attachments to releases. An attachment uploaded to a private repository could potentially be linked to a release in a different public repository, making it accessible to unauthorized users...
SUSE CVE-2026-21696
Wings is the server control plane for Pterodactyl, a free, open-source game server management panel. Starting in version 1.7.0 and prior to version 1.12.0, Wings does not consider SQLite max parameter limit when processing activity log entries allowing for low privileged user to trigger a conditi...
SUSE CVE-2026-22808
fleetdm/fleet is open source device management software. Prior to versions 4.78.2, 4.77.1, 4.76.2, 4.75.2, and 4.53.3, if Windows MDM is enabled, an unauthenticated attacker can exploit this XSS vulnerability to steal a Fleet administrator's authentication token FLEET::authtoken from localStorage...
SUSE CVE-2026-22822
External Secrets Operator reads information from a third-party service and automatically injects the values as Kubernetes Secrets. Starting in version 0.20.2 and prior to version 1.2.0, the getSecretKey template function, while introduced for senhasegura Devops Secrets Management DSM provider, ha...
SUSE CVE-2026-23517
Fleet is open source device management software. A broken access control issue in versions prior to 4.78.3, 4.77.1, 4.76.2, 4.75.2, and 4.53.3 allowed authenticated users to access debug and profiling endpoints regardless of role. As a result, low-privilege users could view internal server...
SUSE CVE-2026-23518
Fleet is open source device management software. In versions prior to 4.78.3, 4.77.1, 4.76.2, 4.75.2, and 4.53.3, a vulnerability in Fleet's Windows MDM enrollment flow could allow an attacker to submit forged authentication tokens that are not properly validated. Because JWT signatures were not...
SUSE CVE-2026-23645
SiYuan is self-hosted, open source personal knowledge management software. Prior to 3.5.4-dev2, a Stored Cross-Site Scripting XSS vulnerability exists in SiYuan Note. The application does not sanitize uploaded SVG files. If a user uploads and views a malicious SVG file e.g., imported from an...
SUSE CVE-2026-23742
Skipper is an HTTP router and reverse proxy for service composition. The default skipper configuration before 0.23.0 was -lua-sources=inline,file. The problem starts if untrusted users can create lua filters, because of -lua-sources=inline , for example through a Kubernetes Ingress resource. The...
SUSE CVE-2026-23829
Mailpit is an email testing tool and API for developers. Prior to version 1.28.3, Mailpit's SMTP server is vulnerable to Header Injection due to an insufficient Regular Expression used to validate RCPT TO and MAIL FROM addresses. An attacker can inject arbitrary SMTP headers or corrupt existing...
SUSE CVE-2026-23845
Mailpit is an email testing tool and API for developers. Versions prior to 1.28.3 are vulnerable to Server-Side Request Forgery SSRF via HTML Check CSS Download. The HTML Check feature /api/v1/message/ID/html-check is designed to analyze HTML emails for compatibility. During this process, the...
SUSE CVE-2026-23847
SiYuan is a personal knowledge management system. Versions prior to 3.5.4 are vulnerable to reflected cross-site scripting in /api/icon/getDynamicIcon due to unsanitized SVG input. The endpoint generates SVG images for text icons type=8. The content query parameter is inserted directly into the S...
SUSE CVE-2026-23849
File Browser provides a file managing interface within a specified directory and can be used to upload, delete, preview, rename, and edit files. Prior to version 2.55.0, the JSONAuth. Auth function contains a logic flaw that allows unauthenticated attackers to enumerate valid usernames by measuri...
SUSE CVE-2026-23850
SiYuan is a personal knowledge management system. In versions prior to 3.5.4, the markdown feature allows unrestricted server side html-rendering which allows arbitrary file read LFD. Version 3.5.4 fixes the issue...
SUSE CVE-2026-23851
SiYuan is a personal knowledge management system. Versions prior to 3.5.4 contain a logic vulnerability in the /api/file/globalCopyFiles endpoint. The function allows authenticated users to copy files from any location on the server's filesystem into the application's workspace without proper pat...
SUSE CVE-2026-23960
Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Prior to versions 3.6.17 and 3.7.8, stored XSS in the artifact directory listing allows any workflow author to execute arbitrary JavaScript in another user's browser under the Argo...
SUSE CVE-2026-23990
The Flux Operator is a Kubernetes CRD controller that manages the lifecycle of CNCF Flux CD and the ControlPlane enterprise distribution. Starting in version 0.36.0 and prior to version 0.40.0, a privilege escalation vulnerability exists in the Flux Operator Web UI authentication code that allows...
SUSE CVE-2026-24058
Soft Serve is a self-hostable Git server for the command line. Versions 0.11.2 and below have a critical authentication bypass vulnerability that allows an attacker to impersonate any user including admin by "offering" the victim's public key during the SSH handshake before authenticating with...
SUSE CVE-2026-24124
Dragonfly is an open source P2P-based file distribution and image acceleration system. In versions 2.4.1-rc.0 and below, the Job API endpoints /api/v1/jobs lack JWT authentication middleware and RBAC authorization checks in the routing configuration. This allows any unauthenticated user with acce...