Lucene search
K
SusecveRecent

59178 matches found

SUSE CVE
SUSE CVE
added yesterday6 views

SUSE CVE-2025-1015

The Thunderbird Address Book URI fields contained unsanitized links. This could be used by an attacker to create and export an address book containing a malicious payload in a field. For example, in the “Other” field of the Instant Messaging section. If another user imported the address book,...

7.8CVSS6.9AI score0.01276EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added yesterday5 views

SUSE CVE-2026-11972

When using the "tarfile" module with a file opened in "streaming mode" mode="r|" the tarfile module did not properly handle EOF, making archive parsing take exponentially longer...

8.2CVSS5.8AI score0.00433EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added yesterday5 views

SUSE CVE-2026-11979

libxml2 is vulnerable to multiple stack-based buffer overflows in the xmlcatalog utility when running in --shell mode. The usershell function processes user input using fixed-size stack buffers without proper bounds checking. By supplying an overly long input line, an attacker can overflow intern...

7.8CVSS6.7AI score0.00148EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added yesterday5 views

SUSE CVE-2026-12143

form-data is a library for creating readable multipart/form-data streams. In versions through 4.0.5, the field argument to FormDataappend and the filename option are concatenated verbatim into the Content-Disposition header without escaping carriage return CR, line feed LF, or double-quote "...

8.7CVSS5.8AI score0.00409EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added yesterday4 views

SUSE CVE-2026-12610

A flaw was found in sssd. When authenticating with a YubiKey, the SSSD PAM responder can crash due to a use-after-free vulnerability, where a memory pointer is incorrectly handled. A local attacker could exploit this flaw by manipulating smartcard or YubiKey contents, leading to a denial of servi...

6.4CVSS5.8AI score0.00155EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added yesterday4 views

SUSE CVE-2026-12912

A flaw was found in libtiff. A remote attacker could exploit this vulnerability by providing a specially crafted PixarLog-compressed TIFF image. This issue occurs when decoding Pixarlog codec images with the PIXARLOGDATAFMT8BITABGR output format and a specific stride value, leading to a heap-base...

7.3CVSS6.7AI score0.0023EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added yesterday5 views

SUSE CVE-2026-13149

brace-expansion through 5.0.6 is vulnerable to denial of service. The expand function exhibits exponential-time complexity in the number of consecutive non-expanding '' brace groups. An attacker who passes a crafted string to expand, directly or transitively, can cause significant CPU consumption...

8.7CVSS5.7AI score0.00361EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added yesterday4 views

SUSE CVE-2026-13324

unknown...

5.7AI score
Exploits0References3
SUSE CVE
SUSE CVE
added yesterday5 views

SUSE CVE-2026-13573

A vulnerability was found in llvm llvm-project up to 22.1.6. This affects the function llvm::StringMap::insert in the library /lib/IR/ValueSymbolTable.cpp of the component ValueSymbolTable Module. The manipulation results in stack-based buffer overflow. Attacking locally is a requirement. The...

4.8CVSS5.9AI score0.00124EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added yesterday5 views

SUSE CVE-2026-13574

A vulnerability was determined in llvm llvm-project up to 22.1.6. This impacts the function GCRelocateInst::getBasePtr in the library llvm/lib/IR/IntrinsicInst.cpp of the component Bitcode File Handler. This manipulation causes heap-based buffer overflow. It is possible to launch the attack on th...

4.8CVSS5.8AI score0.00124EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added yesterday5 views

SUSE CVE-2026-13593

CSS::Minifier::XS versions before 0.14 for Perl have a memory leak when the entire document is minified away. The minify function has a memory leak when processing a document containing only characters to be removed, such as comments and whitespace...

6.5CVSS5.8AI score0.00238EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added yesterday4 views

SUSE CVE-2026-13601

A flaw was found in Yelp due to an overly permissive Content Security Policy CSP implementation provided by yelp-xsl. A malicious Flatpak application can open crafted help content through the OpenURI portal. By embedding an untrusted CSS stylesheet within a structured SVG document,...

7.1CVSS5.9AI score0.00137EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added yesterday4 views

SUSE CVE-2026-13606

unknown...

5.7AI score
Exploits0References3
SUSE CVE
SUSE CVE
added yesterday5 views

SUSE CVE-2026-13757

A flaw was found in p11-kit. The RPC message attribute parsing functions p11rpcmessagegetattribute and p11rpcmessagegetattributearrayvalue form a mutually-recursive call chain with no recursion depth limit when processing nested CKAWRAPTEMPLATE, CKAUNWRAPTEMPLATE, and CKADERIVETEMPLATE attributes...

6.2CVSS5.8AI score0.0012EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added yesterday5 views

SUSE CVE-2026-14164

A double free issue has been identified in libarchive's RAR5 reader. During parsing of a specially crafted RAR5 archive, the filteredbuf pointer may remain stale after being freed during unpacking state reinitialization. Subsequent processing of another archive entry can trigger a second free of...

7.5CVSS5.7AI score0.0035EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2 days ago7 views

SUSE CVE-2026-5757

Unauthenticated remote information disclosure vulnerability in Ollama's model quantization engine allows an attacker to read and exfiltrate the server's heap memory, potentially leading to sensitive data exposure, further compromise, and stealthy persistence...

7.5CVSS6.6AI score0.00551EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2 days ago6 views

SUSE CVE-2026-8461

An out-of-bounds write vulnerability in FFmpeg's libavcodec library, specifically in the MagicYUV decoder, allows denial-of-service and, in some cases, can be exploited for remote code execution. This vulnerability is associated with the file libavcodec/magicyuv.C. This issue affects FFmpeg befor...

8.8CVSS6AI score0.00477EPSS
Exploits3References3
SUSE CVE
SUSE CVE
added 2 days ago7 views

SUSE CVE-2026-12244

If NSD is configured as secondary for a zone, the primary of that zone can crash NSD with an AXFR containing a DNS message with a special crafted SVCB RR with an rdata size of 65512, that let's an uint16t variable that is used to allocate space needed for the RR wrap because total size 65535,...

8.8CVSS5.9AI score0.00303EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2 days ago5 views

SUSE CVE-2026-12245

NSD from version 4.13.0 has a heap use-after-free bug in logging errors on TLS connections, causing a crash of the server process, which can be triggered trivially by sending a DNS query over a DoT connection, and closing the connection without reading the response...

8.7CVSS5.8AI score0.00274EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2 days ago9 views

SUSE CVE-2026-12246

NSD version 4.14.0 introduced a bug where a specially crafted APL RR, with an adflength larger than permitted for the address family will overwrite the stack when the zone is written to disk, with a maximum of 111 attacker controlled bytes...

8.1CVSS5.8AI score0.00265EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2 days ago5 views

SUSE CVE-2026-12490

When a provide-xfr is given with a tls-auth-name, a secondary requesting a transfer should provide a client certificate with that name. However, no client certificate is needed when the request comes in over TLS over the regular tls-port and not the tls-auth-port or over over TCP over the regular...

8.2CVSS5.8AI score0.00139EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2 days ago10 views

SUSE CVE-2026-13434

A flaw was found in KubeVirt's network annotation generator. When a tenant creates a VirtualMachineInstance with a Multus network configuration, the supplied networkName value is written verbatim into the launcher pod's v1.multus-cni.io/default-network annotation without format validation or...

4.9CVSS5.9AI score0.00153EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2 days ago8 views

SUSE CVE-2026-13500

A weakness has been identified in antlr ANTLR4 up to 4.13.2. Affected is an unknown function of the file tool/src/org/antlr/v4/codegen/model/OutputFile.java of the component Grammar Action Block Handler. Executing a manipulation can lead to code injection. The attack may be launched remotely. The...

7.5CVSS6.7AI score0.00311EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2 days ago6 views

SUSE CVE-2026-13501

A security vulnerability has been detected in antlr ANTLR4 up to 4.13.2. Affected by this vulnerability is the function GoTarget of the file tool/src/org/antlr/v4/codegen/target/GoTarget.java of the component gofmt. The manipulation leads to command injection. The attack can only be performed fro...

5.3CVSS5.4AI score0.00678EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2 days ago4 views

SUSE CVE-2026-13502

A flaw has been found in antlr ANTLR4 up to 4.13.2. This affects the function ObjectInputStream.readObject of the file antlr4-maven-plugin/src/main/java/org/antlr/mojo/antlr4/GrammarDependencies.java of the component Maven Plugin. This manipulation causes time-of-check time-of-use. The attack is...

4.5CVSS5AI score0.00091EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2 days ago4 views

SUSE CVE-2026-13503

A vulnerability was detected in antlr ANTLR4 up to 4.13.2. Affected by this issue is the function getImportedVocabFile of the file tool/src/org/antlr/v4/parse/TokenVocabParser.java of the component tokenVocab Grammar Option Handler. The manipulation results in path traversal. The attack can be...

6.9CVSS5.6AI score0.0055EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2 days ago4 views

SUSE CVE-2026-13587

A vulnerability was found in seladb PcapPlusPlus 25.05. The affected element is the function parsebyblocktype of the file lightpcapng.c of the component LightPcapNg Parser. Performing a manipulation of the argument capturedpacketlength results in heap-based buffer overflow. It is possible to...

6.3CVSS5.7AI score0.00419EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2 days ago4 views

SUSE CVE-2026-13588

A vulnerability was determined in seladb PcapPlusPlus 25.05. The impacted element is the function pcpp::SSLClientHelloMessage::getHandshakeVersion of the file Packet++/src/SSLHandshake.cpp of the component TLS Hello Handler. Executing a manipulation of the argument handshakeVersion can lead to...

6.3CVSS6.1AI score0.0038EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2 days ago4 views

SUSE CVE-2026-13589

A vulnerability was identified in seladb PcapPlusPlus 25.05. This affects the function pcpp::TelnetLayer::getSubCommand of the file Packet++/src/TelnetLayer.cpp of the component Telnet Subnegotiation Packet Handler. The manipulation leads to heap-based buffer overflow. The attack can be initiated...

6.3CVSS5.8AI score0.0056EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2 days ago4 views

SUSE CVE-2026-13590

A security flaw has been discovered in seladb PcapPlusPlus 25.05. This impacts the function pcpp::ModbusLayer::getLength in the library Packet++/header/ModbusLayer.h of the component Modbus Protocol Handler. The manipulation of the argument length results in heap-based buffer overflow. The attack...

6.3CVSS6.1AI score0.00394EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2 days ago4 views

SUSE CVE-2026-13595

A flaw was found in the libblkid library of util-linux. During nested partition probing, the BSD, Minix, Solaris x86, and UnixWare partition probers cache a raw pointer to a parent partition entry in a dynamically allocated array. When subsequent partition additions cause the array to be...

6.8CVSS5.7AI score0.00131EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2 days ago5 views

SUSE CVE-2026-13676

fast-uri versions 2.3.1 through 3.1.2 and 4.0.0 fail to canonicalize Unicode IDN hostnames for HTTP-family URLs. The IDN conversion path calls a helper that does not exist on the global URL constructor, silently leaving the host in its original Unicode form while normalize and equal still return...

7.2CVSS5.8AI score0.00278EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2 days ago4 views

SUSE CVE-2026-31323

unknown...

4CVSS5.7AI score
Exploits0References3
SUSE CVE
SUSE CVE
added 2 days ago4 views

SUSE CVE-2026-44605

unknown...

5.7AI score
Exploits0References3
SUSE CVE
SUSE CVE
added 2 days ago6 views

SUSE CVE-2026-46604

The TIFF decoder can panic when decoding an invalid image with an out-of-bounds strip offset...

7.5CVSS5.8AI score0.00346EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2 days ago6 views

SUSE CVE-2026-47204

Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.26.0 until 1.35.13, 1.36.9, 1.37.5, and 1.38.3, the envoy.filters.http.grpcstats filter crashes null pointer dereference / segfault when a Connect protocol request Content-Type: application/connect+proto...

7.5CVSS5.8AI score0.00448EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2 days ago5 views

SUSE CVE-2026-47205

Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.36.0 until 1.36.9, 1.37.5, and 1.38.3, a Use-After-Free UAF vulnerability leading to a sudden segmentation fault exists in Envoy's extauthz HTTP filter when processing per-route authorization overrides...

5.9CVSS5.8AI score0.00387EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2 days ago5 views

SUSE CVE-2026-47207

Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.34.0 until 1.35.13, 1.36.9, 1.37.5, and 1.38.3, Envoy crashes if an extproc server sends a single gRPC message containing multiple, specially crafted ProcessingResponse messages. This can occur when the...

6.5CVSS5.7AI score0.00444EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2 days ago5 views

SUSE CVE-2026-47220

Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.37.0 until 1.37.5 and 1.38.3, when the %REQUESTEDSERVERNAMEX:Y% is used in log format and host related options is specified, like HOSTFIRST, SNIFIRST, it's possible to crash Envoy when the specified host...

7.5CVSS5.8AI score0.00665EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2 days ago6 views

SUSE CVE-2026-47221

Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.18.0 until 1.35.13, 1.36.9, 1.37.5, and 1.38.3, the router filter contains a null pointer dereference vulnerability when handling HTTP 303 See Other internal redirects for body-less non-GET/HEAD requests...

7.5CVSS6AI score0.00445EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2 days ago5 views

SUSE CVE-2026-47692

Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.34.0 until 1.35.13, 1.36.9, 1.37.5, and 1.38.3, PROXY Protocol v2 header generator emits TLVs beyond the maximum length of 65535 bytes, causing a mismatch between bytes written and the length field in th...

4.3CVSS5.8AI score0.00218EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2 days ago5 views

SUSE CVE-2026-47775

Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, the OAuth2 HTTP filter's encrypt/decrypt functions use AES-256-CBC without an authentication tag no HMAC, no AEAD. The /callback endpoint returns HTTP 302 on...

6.8CVSS5.8AI score0.00219EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2 days ago6 views

SUSE CVE-2026-47778

Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, a structural flaw was identified in DefaultCertValidator::verifySubjectAltName where the extracted DNS SAN string is cast to a C-style string using .cstr before bei...

4.4CVSS5.8AI score0.00212EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2 days ago5 views

SUSE CVE-2026-48042

Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, destructor of JSON Object results in stack overflow when deeply O100K nested objects are present. This vulnerability is fixed in 1.35.11, 1.36.7, 1.37.3, and 1.38.1...

7.5CVSS5.8AI score0.00557EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2 days ago8 views

SUSE CVE-2026-48044

Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.23.0 until 1.35.11, 1.36.7, 1.37.3, and 1.38.1, a vulnerability has been identified in Envoy's zstd decompressor implementation ZstdDecompressorImpl. When zstd decompression is enabled, processing a...

7.5CVSS5.8AI score0.00486EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2 days ago5 views

SUSE CVE-2026-48090

Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.37.0 until 1.37.5 and 1.38.3, the HTTP OAuth2 filter envoy.filters.http.oauth2 can leave an in-flight async token exchange attached to a downstream stream that has already been torn down. A late...

5.9CVSS6.2AI score0.00579EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2 days ago5 views

SUSE CVE-2026-48497

Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, in cases where UDP DNS filter is configured with local resolution containing a name with the length of 255 octets or remote resolution for a name of 255 octets long...

7.5CVSS5.8AI score0.00405EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2 days ago8 views

SUSE CVE-2026-48706

Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.34.0 until 1.35.13, 1.36.9, 1.37.5, and 1.38.3, a vulnerability exists in Envoy's TCP StatsD sink TcpStatsdSink, where the thread-local flusher buffer can be overflowed by exceptionally long statistic...

7.5CVSS6.5AI score0.0061EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2 days ago5 views

SUSE CVE-2026-48743

Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, Envoy can translate a downstream HTTP/3 request that is complete at the transport layer HEADERS with FIN / headers-only close but still carries a nonzero...

7.5CVSS5.8AI score0.00298EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2 days ago5 views

SUSE CVE-2026-48749

unknown...

5.7AI score
Exploits0References3
Total number of security vulnerabilities59178