Lucene search
K
SusecveRecent

59854 matches found

SUSE CVE
SUSE CVE
added 2026/03/28 12:24 a.m.6 views

SUSE CVE-2026-33678

Vikunja is an open-source self-hosted task management platform. Prior to version 2.2.1, TaskAttachment.ReadOne queries attachments by ID only WHERE id = ?, ignoring the task ID from the URL path. The permission check in CanRead validates access to the task specified in the URL, but ReadOne loads ...

8.1CVSS5.9AI score0.00265EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2026/03/28 12:24 a.m.4 views

SUSE CVE-2026-33679

Vikunja is an open-source self-hosted task management platform. Prior to version 2.2.1, the DownloadImage function in pkg/utils/avatar.go uses a bare http.Client with no SSRF protection when downloading user avatar images from the OpenID Connect picture claim URL. An attacker who controls their...

7.4CVSS6AI score0.00395EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2026/03/28 12:24 a.m.4 views

SUSE CVE-2026-33680

Vikunja is an open-source self-hosted task management platform. Prior to version 2.2.2, the LinkSharing.ReadAll method allows link share authenticated users to list all link shares for a project, including their secret hashes. While LinkSharing.CanRead correctly blocks link share users from readi...

7.5CVSS5.9AI score0.00398EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2026/03/28 12:24 a.m.10 views

SUSE CVE-2026-33699

pypdf is a free and open-source pure-python PDF library. Versions prior to 6.9.2 have a vulnerability in which an attacker can craft a PDF which leads to an infinite loop. This requires reading a file in non-strict mode. This has been fixed in pypdf 6.9.2. If users cannot upgrade yet, consider...

5.3CVSS5.8AI score0.00455EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/03/28 12:24 a.m.6 views

SUSE CVE-2026-33700

Vikunja is an open-source self-hosted task management platform. Prior to version 2.2.1, the DELETE /api/v1/projects/:project/shares/:share endpoint does not verify that the link share belongs to the project specified in the URL. An attacker with admin access to any project can delete link shares...

6.9CVSS5.9AI score0.00205EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/03/28 12:24 a.m.5 views

SUSE CVE-2026-33711

Incus is a system container and virtual machine manager. Incus provides an API to retrieve VM screenshots. That API relies on the use of a temporary file for QEMU to write the screenshot to which is then picked up and sent to the user prior to deletion. As versions prior to 6.23.0 use predictable...

7.8CVSS6AI score0.0035EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2026/03/28 12:24 a.m.5 views

SUSE CVE-2026-33721

MapServer is a system for developing web-based GIS applications. Starting in version 4.2 and prior to version 8.6.1, a heap-buffer-overflow write in MapServer's SLD Styled Layer Descriptor parser lets a remote, unauthenticated attacker crash the MapServer process by sending a crafted SLD with mor...

7.5CVSS5.9AI score0.00865EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2026/03/28 12:24 a.m.4 views

SUSE CVE-2026-33726

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.17.14, 1.18.8, and 1.19.2, Ingress Network Policies are not enforced for traffic from pods to L7 Services Envoy, GAMMA with a local backend on the same node, when Per-Endpoint Routing is...

5.4CVSS5.8AI score0.00244EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/03/28 12:24 a.m.8 views

SUSE CVE-2026-33729

OpenFGA is a high-performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar. In versions prior to 1.13.1, under specific conditions, models using conditions with caching enabled can result in two different check requests producing the same cache...

9.8CVSS5.9AI score0.00241EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/03/28 12:24 a.m.6 views

SUSE CVE-2026-33743

Incus is a system container and virtual machine manager. Prior to version 6.23.0, a specially crafted storage bucket backup can be used by an user with access to Incus' storage bucket feature to crash the Incus daemon. Repeated use of this attack can be used to keep the server offline causing a...

6.5CVSS5.8AI score0.00385EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2026/03/28 12:24 a.m.4 views

SUSE CVE-2026-33745

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.39.0, the cpp-httplib HTTP client forwards stored Basic Auth, Bearer Token, and Digest Auth credentials to arbitrary hosts when following cross-origin HTTP redirects 301/302/307/308. A malicious or...

7.5CVSS5.7AI score0.00262EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2026/03/28 12:24 a.m.6 views

SUSE CVE-2026-33747

BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. Prior to version 0.28.1, when using a custom BuildKit frontend, the frontend can craft an API message that causes files to be written outside of the BuildKit state directory for...

8.4CVSS6AI score0.00498EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2026/03/28 12:24 a.m.4 views

SUSE CVE-2026-33897

Incus is a system container and virtual machine manager. Prior to version 6.23.0, instance template files can be used to cause arbitrary read or writes as root on the host server. Incus allows for pongo2 templates within instances which can be used at various times in the instance lifecycle to...

8.8CVSS6AI score0.00481EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/03/28 12:24 a.m.6 views

SUSE CVE-2026-33898

Incus is a system container and virtual machine manager. Prior to version 6.23.0, the web server spawned by incus webui incorrectly validates the authentication token such that an invalid value will be accepted. incus webui runs a local web server on a random localhost port. For authentication, i...

8.8CVSS6AI score0.00347EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/03/28 12:24 a.m.5 views

SUSE CVE-2026-33945

Incus is a system container and virtual machine manager. Incus instances have an option to provide credentials to systemd in the guest. For containers, this is handled through a shared directory. Prior to version 6.23.0, an attacker can set a configuration key named something like...

8.8CVSS6AI score0.00447EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/03/28 12:24 a.m.7 views

SUSE CVE-2026-34073

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to version 46.0.6, DNS name constraints were only validated against SANs within child certificates, and not the "peer name" presented during each validation. Consequently, cryptography...

3.7CVSS5.8AI score0.00154EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2026/03/28 12:24 a.m.4 views

SUSE CVE-2026-34352

In TigerVNC before 1.16.2, Image.cxx in x0vncserver allows other users to observe or manipulate the screen contents, or cause an application crash, because of incorrect permissions...

7CVSS5.9AI score0.00247EPSS
Exploits0References12
SUSE CVE
SUSE CVE
added 2026/03/28 12:24 a.m.5 views

SUSE CVE-2026-34353

In OCaml through 4.14.3, Bigarray.reshape allows an integer overflow, and resultant reading of arbitrary memory, when untrusted data is processed...

5.9CVSS5.9AI score0.00114EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/03/27 11:36 a.m.6 views

SUSE CVE-2014-125112

Plack::Middleware::Session::Cookie versions through 0.21 for Perl allows remote code execution. Plack::Middleware::Session::Cookie versions through 0.21 has a security vulnerability where it allows an attacker to execute arbitrary code on the server during deserialization of the cookie data, when...

9.8CVSS6.4AI score0.0083EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/03/27 11:18 a.m.5 views

SUSE CVE-2019-16227

An issue was discovered in py-lmdb 0.97. For certain values of mnflags, mdbcursorset triggers a memcpy with an invalid write operation within mdbxcursorinit1. NOTE: this outcome occurs when accessing a data.mdb file supplied by an attacker...

9.8CVSS7.2AI score0.01963EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2026/03/27 11:15 a.m.7 views

SUSE CVE-2019-25544

Pidgin 2.13.0 contains a denial of service vulnerability that allows local attackers to crash the application by providing an excessively long username string during account creation. Attackers can input a buffer of 1000 characters in the username field and trigger a crash when joining a chat,...

6.9CVSS6AI score0.00187EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2026/03/27 12:29 a.m.4 views

SUSE CVE-2026-4887

A flaw was found in GIMP. This issue is a heap buffer over-read in GIMP PCX file loader due to an off-by-one error. A remote attacker could exploit this by convincing a user to open a specially crafted PCX image. Successful exploitation could lead to out-of-bounds memory disclosure and a possible...

6.1CVSS6AI score0.00634EPSS
Exploits1References7
SUSE CVE
SUSE CVE
added 2026/03/27 12:29 a.m.6 views

SUSE CVE-2026-4897

A flaw was found in polkit. A local user can exploit this by providing a specially crafted, excessively long input to the polkit-agent-helper-1 setuid binary via standard input stdin. This unbounded input can lead to an out-of-memory OOM condition, resulting in a Denial of Service DoS for the...

5.5CVSS5.8AI score0.00131EPSS
Exploits0References10
SUSE CVE
SUSE CVE
added 2026/03/27 12:25 a.m.4 views

SUSE CVE-2026-27889

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Starting in version 2.2.0 and prior to versions 2.11.14 and 2.12.5, a missing sanity check on a WebSockets frame could trigger a server panic in the nats-server. This happens before authentication, and...

7.5CVSS6AI score0.00582EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/03/27 12:25 a.m.4 views

SUSE CVE-2026-29785

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.14 and 2.12.5, if the nats-server has the "leafnode" configuration enabled not default, then anyone who can connect can crash the nats-server by triggering a panic. This happens...

7.5CVSS5.9AI score0.00658EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/03/27 12:25 a.m.6 views

SUSE CVE-2026-33343

etcd is a distributed key-value store for the data of a distributed system. Prior to versions 3.4.42, 3.5.28, and 3.6.9, an authenticated user with RBAC restricted permissions on key ranges can use nested transactions to bypass all key-level authorization. This allows any authenticated user with...

8.1CVSS5.9AI score0.0021EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/03/27 12:25 a.m.5 views

SUSE CVE-2026-33413

etcd is a distributed key-value store for the data of a distributed system. Prior to versions 3.4.42, 3.5.28, and 3.6.9, unauthorized users may bypass authentication or authorization checks and call certain etcd functions in clusters that expose the gRPC API to untrusted or partially trusted...

8.6CVSS5.9AI score0.00249EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/03/26 5:10 p.m.10 views

SUSE CVE-2026-1519

If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume excessive CPU. Authoritative-only servers are generally unaffected, although there are circumstances where authoritative servers may make recursive queries see:...

7.5CVSS5.8AI score0.01545EPSS
Exploits0References17
SUSE CVE
SUSE CVE
added 2026/03/26 5:10 p.m.5 views

SUSE CVE-2026-4539

A security flaw has been discovered in pygments up to 2.19.2. The impacted element is the function AdlLexer of the file pygments/lexers/archetype.py. The manipulation results in inefficient regular expression complexity. The attack is only possible with local access. The exploit has been released...

3.3CVSS5.4AI score0.00156EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2026/03/26 5:7 p.m.5 views

SUSE CVE-2026-33222

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, users with JetStream admin API access to restore one stream could restore to other stream names, impacting data which should have been protected against them...

4.9CVSS5.8AI score0.00306EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/03/26 5:7 p.m.11 views

SUSE CVE-2026-33223

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, the NATS message header Nats-Request-Info: is supposed to be a guarantee of identity by the NATS server, but the stripping of this header from inbound messages was...

6.4CVSS5.9AI score0.00211EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/03/26 5:7 p.m.4 views

SUSE CVE-2026-33248

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, when using mTLS for client identity, with verifyandmap to derive a NATS identity from the client certificate's Subject DN, certain patterns of RDN would not be...

4.2CVSS5.8AI score0.00143EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/03/26 5:7 p.m.4 views

SUSE CVE-2026-33249

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Starting in version 2.11.0 and prior to versions 2.11.15 and 2.12.6, a valid client which uses message tracing headers can indicate that the trace messages can be sent to an arbitrary valid subject,...

4.3CVSS6AI score0.00228EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/03/26 2:47 p.m.4 views

SUSE CVE-2025-70887

An issue in ralphje Signify before v.0.9.2 allows a remote attacker to escalate privileges via the signeddata.py and the context.py components...

8.8CVSS5.9AI score0.00343EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/03/26 2:47 p.m.8 views

SUSE CVE-2025-70888

An issue in mtrojnar Osslsigncode affected at v2.10 and before allows a remote attacker to escalate privileges via the osslsigncode.c component...

9.8CVSS5.9AI score0.00482EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/03/26 2:43 p.m.10 views

SUSE CVE-2026-23396

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix NULL deref in meshmatcheslocal meshmatcheslocal unconditionally dereferences ie-meshconfig to compare mesh configuration parameters. When called from meshrxcsaframe, the parsed action-frame elements may not...

6.5CVSS5.8AI score0.00114EPSS
Exploits0References17
SUSE CVE
SUSE CVE
added 2026/03/26 2:43 p.m.6 views

SUSE CVE-2026-23397

In the Linux kernel, the following vulnerability has been resolved: nfnetlinkosf: validate individual option lengths in fingerprints nfnlosfaddcallback validates optnum bounds and string NUL-termination but does not check individual option length fields. A zero-length option causes nfosfmatchone ...

4.4CVSS5.8AI score0.00117EPSS
Exploits0References16
SUSE CVE
SUSE CVE
added 2026/03/26 2:43 p.m.5 views

SUSE CVE-2026-23398

In the Linux kernel, the following vulnerability has been resolved: icmp: fix NULL pointer dereference in icmptagvalidation icmptagvalidation unconditionally dereferences the result of rcudereferenceinetprotosproto without checking for NULL. The inetprotos array is sparse -- only about 15 of 256...

5.9CVSS5.8AI score0.00114EPSS
Exploits2References19
SUSE CVE
SUSE CVE
added 2026/03/26 2:43 p.m.3 views

SUSE CVE-2026-30892

crun is an open source OCI Container Runtime fully written in C. In versions 1.19 through 1.26, the crun exec option -u --user is incorrectly parsed. The value 1 is interpreted as UID 0 and GID 0 when it should have been UID 1 and GID 0. The process thus runs with higher privileges than expected...

7.8CVSS5.8AI score0.00159EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2026/03/26 2:43 p.m.6 views

SUSE CVE-2026-33216

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, for MQTT deployments using usercodes/passwords: MQTT passwords are incorrectly classified as a non-authenticating identity statement JWT and exposed via monitoring...

8.6CVSS5.9AI score0.00365EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/03/26 2:43 p.m.6 views

SUSE CVE-2026-33217

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, when using ACLs on message subjects, these ACLs were not applied in the $MQTT. namespace, allowing MQTT clients to bypass ACL checks for MQTT subjects. Versions...

7.1CVSS5.9AI score0.00259EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/03/26 2:43 p.m.5 views

SUSE CVE-2026-33218

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, a client which can connect to the leafnode port can crash the nats-server with a certain malformed message pre-authentication. Versions 2.11.15 and 2.12.6 contain ...

7.5CVSS5.9AI score0.00616EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/03/26 2:43 p.m.4 views

SUSE CVE-2026-33219

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, a malicious client which can connect to the WebSockets port can cause unbounded memory use in the nats-server before authentication; this requires sending a...

5.3CVSS5.9AI score0.00532EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/03/26 2:43 p.m.3 views

SUSE CVE-2026-33246

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. The nats-server offers a Nats-Request-Info: message header, providing information about a request. This is supposed to provide enough information to allow for account/user identification, such that NAT...

6.4CVSS5.9AI score0.00143EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/03/26 2:43 p.m.5 views

SUSE CVE-2026-33247

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, if a nats-server is run with static credentials for all clients provided via argv the command-line, then those credentials are visible to any user who can see the...

7.4CVSS5.9AI score0.00414EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/03/26 2:43 p.m.8 views

SUSE CVE-2026-33416

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. In versions 1.2.1 through 1.6.55, pngsettRNS and pngsetPLTE each alias a heap-allocated buffer between pngstruct and pnginfo, sharing a single allocation acros...

8.1CVSS5.9AI score0.01052EPSS
Exploits1References28
SUSE CVE
SUSE CVE
added 2026/03/26 2:43 p.m.4 views

SUSE CVE-2026-33636

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. In versions 1.6.36 through 1.6.55, an out-of-bounds read and write exists in libpng's ARM/AArch64 Neon-optimized palette expansion path. When expanding 8-bit...

8.6CVSS6AI score0.00585EPSS
Exploits0References20
SUSE CVE
SUSE CVE
added 2026/03/26 2:43 p.m.5 views

SUSE CVE-2026-33809

A maliciously crafted TIFF file can cause image decoding to attempt to allocate up 4GiB of memory, causing either excessive resource consumption or an out-of-memory error...

5.3CVSS5.8AI score0.00328EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/03/26 10:9 a.m.11 views

SUSE CVE-2025-14443

A flaw was found in ose-openshift-apiserver. This vulnerability allows internal network enumeration, service discovery, limited information disclosure, and potential denial-of-service DoS through Server-Side Request Forgery SSRF due to missing IP address and network-range validation when processi...

6.4CVSS5.8AI score0.00306EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/03/26 9:23 a.m.6 views

SUSE CVE-2025-67030

Directory Traversal vulnerability in the extractFile method of org.codehaus.plexus.util.Expand in plexus-utils before 6d780b3378829318ba5c2d29547e0012d5b29642. This allows an attacker to execute arbitrary code...

7.3CVSS6.2AI score0.00663EPSS
Exploits0References5
Total number of security vulnerabilities59854