Lucene search
K
SusecveRecent

59854 matches found

SUSE CVE
SUSE CVE
•added 2026/03/26 9:18 a.m.•4 views

SUSE CVE-2026-3104

A specially crafted domain can be used to cause a memory leak in a BIND resolver simply by querying this domain. This issue affects BIND 9 versions 9.20.0 through 9.20.20, 9.21.0 through 9.21.19, and 9.20.9-S1 through 9.20.20-S1. BIND 9 versions 9.18.0 through 9.18.46 and 9.18.11-S1 through...

7.5CVSS5.8AI score0.00698EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2026/03/26 9:18 a.m.•4 views

SUSE CVE-2026-3119

Under certain conditions, named may crash when processing a correctly signed query containing a TKEY record. The affected code can only be reached if an incoming request has a valid transaction signature TSIG from a key declared in the named configuration. This issue affects BIND 9 versions 9.20....

6.5CVSS5.9AI score0.00576EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2026/03/26 9:17 a.m.•4 views

SUSE CVE-2026-3591

A use-after-return vulnerability exists in the named server when handling DNS queries signed with SIG0. Using a specially-crafted DNS request, an attacker may be able to cause an ACL to improperly mismatch an IP address. In a default-allow ACL denying only specific IP addresses, this may lead to...

5.4CVSS5.8AI score0.0036EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2026/03/26 9:16 a.m.•4 views

SUSE CVE-2026-30587

Multiple Stored XSS vulnerabilities exist in Seafile Server version 13.0.15,13.0.16-pro,12.0.14 and prior and fixed in 13.0.17, 13.0.17-pro, and 12.0.20-pro, via the Seadoc sdoc editor. The application fails to properly sanitize WebSocket messages regarding document structure updates. This allows...

8.7CVSS5.9AI score0.00278EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/03/26 12:27 a.m.•7 views

SUSE CVE-2026-25645

Requests is a HTTP library. Prior to version 2.33.0, the requests.utils.extractzippedpaths utility function uses a predictable filename when extracting files from zip archives into the system temporary directory. If the target file already exists, it is reused without validation. A local attacker...

5.5CVSS5.9AI score0.00182EPSS
Exploits0References10
SUSE CVE
SUSE CVE
•added 2026/03/26 12:24 a.m.•4 views

SUSE CVE-2026-34085

fontconfig before 2.17.1 has an off-by-one error in allocation during sfnt capability handling, leading to a one-byte out-of-bounds write, and potentially a crash or code execution. This is in FcFontCapabilities in fcfreetype.c...

7.8CVSS5.9AI score0.00125EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 4:59 p.m.•4 views

SUSE CVE-2026-3608

Sending a maliciously crafted message to the kea-ctrl-agent, kea-dhcp-ddns, kea-dhcp4, or kea-dhcp6 daemons over any configured API socket or HA listener can cause the receiving daemon to exit with a stack overflow error. This issue affects Kea versions 2.6.0 through 2.6.4 and 3.0.0 through 3.0.2...

7.5CVSS5.9AI score0.01361EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/03/25 4:59 p.m.•3 views

SUSE CVE-2026-3889

Spoofing issue in Thunderbird. This vulnerability was fixed in Thunderbird 149 and Thunderbird 140.9...

5.4CVSS7.2AI score0.00202EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/03/25 4:59 p.m.•6 views

SUSE CVE-2026-4371

A malicious mail server could send malformed strings with negative lengths, causing the parser to read memory outside the buffer. If a mail server or connection to a mail server were compromised, an attacker could cause the parser to malfunction, potentially crashing Thunderbird or leaking...

5.5CVSS7.2AI score0.0036EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/03/25 4:59 p.m.•5 views

SUSE CVE-2026-4645

Duplicate of CVE-2026-32287...

5.8AI score0.00152EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 4:58 p.m.•8 views

SUSE CVE-2026-21444

libtpms, a library that provides software emulation of a Trusted Platform Module, has a flaw in versions 0.10.0 and 0.10.1. The commonly used integration of libtpms with OpenSSL 3.x contained a vulnerability related to the returned IV initialization vector when certain symmetric ciphers were used...

6.5CVSS5.9AI score0.0007EPSS
Exploits1References5
SUSE CVE
SUSE CVE
•added 2026/03/25 4:58 p.m.•3 views

SUSE CVE-2026-21710

A flaw in Node.js HTTP request handling causes an uncaught TypeError when a request is received with a header named proto and the application accesses req.headersDistinct. When this occurs, dest"proto" resolves to Object.prototype rather than undefined, causing .push to be called on a non-array...

7.5CVSS7AI score0.26356EPSS
Exploits0References18
SUSE CVE
SUSE CVE
•added 2026/03/25 4:58 p.m.•3 views

SUSE CVE-2026-21711

A flaw in Node.js Permission Model network enforcement leaves Unix Domain Socket UDS server operations without the required permission checks, while all comparable network paths correctly enforce them. As a result, code running under --permission without --allow-net can create and expose local IP...

6.5CVSS6.4AI score0.00146EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2026/03/25 4:58 p.m.•4 views

SUSE CVE-2026-21712

A flaw in Node.js URL processing causes an assertion failure in native code when url.format is called with a malformed internationalized domain name IDN containing invalid characters, crashing the Node.js process...

6.5CVSS6.5AI score0.00325EPSS
Exploits0References8
SUSE CVE
SUSE CVE
•added 2026/03/25 4:58 p.m.•4 views

SUSE CVE-2026-21713

A flaw in Node.js HMAC verification uses a non-constant-time comparison when validating user-provided signatures, potentially leaking timing information proportional to the number of matching bytes. Under certain threat models where high-resolution timing measurements are possible, this behavior...

5.6CVSS6.5AI score0.00385EPSS
Exploits0References13
SUSE CVE
SUSE CVE
•added 2026/03/25 4:58 p.m.•5 views

SUSE CVE-2026-21715

A flaw in Node.js Permission Model filesystem enforcement leaves fs.realpathSync.native without the required read permission checks, while all comparable filesystem functions correctly enforce them. As a result, code running under --permission with restricted --allow-fs-read can still use...

3.3CVSS6.3AI score0.00158EPSS
Exploits0References12
SUSE CVE
SUSE CVE
•added 2026/03/25 4:58 p.m.•3 views

SUSE CVE-2026-21716

An incomplete fix for CVE-2024-36137 leaves FileHandle.chmod and FileHandle.chown in the promises API without the required permission checks, while their callback-based equivalents fs.fchmod, fs.fchown were correctly patched. As a result, code running under --permission with restricted...

4.4CVSS6.3AI score0.00159EPSS
Exploits0References13
SUSE CVE
SUSE CVE
•added 2026/03/25 4:58 p.m.•5 views

SUSE CVE-2026-21717

A flaw in V8's string hashing mechanism causes integer-like strings to be hashed to their numeric value, making hash collisions trivially predictable. By crafting a request that causes many such collisions in V8's internal string table, an attacker can significantly degrade performance of the...

6.3CVSS6.5AI score0.00283EPSS
Exploits0References12
SUSE CVE
SUSE CVE
•added 2026/03/25 4:57 p.m.•11 views

SUSE CVE-2026-23279

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix NULL pointer dereference in meshrxcsaframe In meshrxcsaframe, elems-meshchanswparamsie is dereferenced at lines 1638 and 1642 without a prior NULL check: ifmsh-chswttl = elems-meshchanswparamsie-meshttl;...

6.5CVSS5.8AI score0.00136EPSS
Exploits0References17
SUSE CVE
SUSE CVE
•added 2026/03/25 4:57 p.m.•6 views

SUSE CVE-2026-23280

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Prevent ubuf size overflow The ubuf size calculation may overflow, resulting in an undersized allocation and possible memory corruption. Use checkaddoverflow helpers to validate the size calculation before allocati...

7.8CVSS5.7AI score0.00127EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 4:57 p.m.•7 views

SUSE CVE-2026-23281

In the Linux kernel, the following vulnerability has been resolved: wifi: libertas: fix use-after-free in lbsfreeadapter The lbsfreeadapter function uses timerdelete non-synchronous for both commandtimer and txlockuptimer before the structure is freed. This is incorrect because timerdelete does n...

6.3CVSS5.7AI score0.00126EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/03/25 4:57 p.m.•6 views

SUSE CVE-2026-23282

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix oops due to uninitialised var in smb2unlink If SMB2openinit or SMB2closeinit fails e.g. reconnect, the iovs set @rqst will be left uninitialised, hence calling SMB2openfree, SMB2closefree or smb2setrelated on the...

5.7AI score0.00121EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 4:57 p.m.•3 views

SUSE CVE-2026-23283

In the Linux kernel, the following vulnerability has been resolved: regulator: fp9931: Fix PM runtime reference leak in fp9931hwmonread In fp9931hwmonread, if regmapread failed, the function returned the error code without calling pmruntimeputautosuspend, causing a PM reference leak...

5.8AI score0.00107EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 4:57 p.m.•4 views

SUSE CVE-2026-23284

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtkethsoc: Reset prog ptr to oldprog in case of error in mtkxdpsetup Reset eBPF program pointer to oldprog and do not decrease its ref-count if mtkopen routine in mtkxdpsetup fails...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 4:57 p.m.•4 views

SUSE CVE-2026-23285

In the Linux kernel, the following vulnerability has been resolved: drbd: fix null-pointer dereference on local read error In drbdrequestendio, READCOMPLETEDWITHERROR is passed to reqmod with a NULL peerdevice: reqmodreq, what, NULL, &m; The READCOMPLETEDWITHERROR handler then unconditionally...

5.8AI score0.00122EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 4:57 p.m.•3 views

SUSE CVE-2026-23286

In the Linux kernel, the following vulnerability has been resolved: atm: lec: fix null-ptr-deref in lecarpclearvccs syzkaller reported a null-ptr-deref in lecarpclearvccs. This issue can be easily reproduced using the syzkaller reproducer. In the ATM LANE LAN Emulation module, the same atmvcc can...

5.7AI score0.00125EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 4:57 p.m.•5 views

SUSE CVE-2026-23287

In the Linux kernel, the following vulnerability has been resolved: irqchip/sifive-plic: Fix frozen interrupt due to affinity setting PLIC ignores interrupt completion message for disabled interrupt, explained by the specification: The PLIC signals it has completed executing an interrupt handler ...

5.7AI score0.00123EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 4:57 p.m.•4 views

SUSE CVE-2026-23288

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix out-of-bounds memset in command slot handling The remaining space in a command slot may be smaller than the size of the command header. Clearing the command header with memset before verifying the available slo...

7.8CVSS5.7AI score0.0012EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 4:57 p.m.•5 views

SUSE CVE-2026-23289

In the Linux kernel, the following vulnerability has been resolved: IB/mthca: Add missed mthcaunmapuserdb for mthcacreatesrq Fix a user triggerable leak on the system call failure path...

5.7AI score0.00123EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 4:57 p.m.•8 views

SUSE CVE-2026-23290

In the Linux kernel, the following vulnerability has been resolved: net: usb: pegasus: validate USB endpoints The pegasus driver should validate that the device it is probing has the proper number and types of USB endpoints it is expecting before it binds to it. If a malicious device were to not...

4.6CVSS5.8AI score0.00123EPSS
Exploits0References17
SUSE CVE
SUSE CVE
•added 2026/03/25 4:57 p.m.•6 views

SUSE CVE-2026-23291

In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: properly drop the usb interface reference on disconnect When the device is disconnected from the driver, there is a "dangling" reference count on the usb interface that was grabbed in the probe callback. Fix this up b...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/03/25 4:57 p.m.•5 views

SUSE CVE-2026-23292

In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fix recursive locking in configfsopenfile In flushwritebuffer, &p-fragsem is acquired and then the loaded store function is called, which, here, is targetcoreitemdbrootstore. This function called filpopen, following...

4.4CVSS5.7AI score0.00123EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/03/25 4:57 p.m.•5 views

SUSE CVE-2026-23293

In the Linux kernel, the following vulnerability has been resolved: net: vxlan: fix ndtbl NULL dereference when IPv6 is disabled When booting with the 'ipv6.disable=1' parameter, the ndtbl is never initialized because inet6init exits before ndiscinit is called which initializes it. If an IPv6...

5.9CVSS5.7AI score0.00123EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2026/03/25 4:57 p.m.•4 views

SUSE CVE-2026-23294

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix race in devmap on PREEMPTRT On PREEMPTRT kernels, the per-CPU xdpdevbulkqueue bq can be accessed concurrently by multiple preemptible tasks on the same CPU. The original code assumes bqenqueue and devflush run atomically...

7CVSS5.8AI score0.0009EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 4:57 p.m.•5 views

SUSE CVE-2026-23295

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix dead lock for suspend and resume When an application issues a query IOCTL while auto suspend is running, a deadlock can occur. The query path holds devlock and then calls pmruntimeresumeandget, which waits for...

5.5CVSS5.7AI score0.00087EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 4:56 p.m.•4 views

SUSE CVE-2026-23296

In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix refcount leak for tagsetrefcnt This leak will cause a hang when tearing down the SCSI host. For example, iscsid hangs with the following call trace: 130120.652718 scsiallocsdev: Allocation failure during SCSI...

5.7AI score0.00123EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 4:56 p.m.•4 views

SUSE CVE-2026-23297

In the Linux kernel, the following vulnerability has been resolved: nfsd: Fix cred ref leak in nfsdnlthreadssetdoit. syzbot reported memory leak of struct cred. 0 nfsdnlthreadssetdoit passes getcurrentcred to nfsdsvc, but putcred is not called after that. The cred is finally passed down to...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/03/25 4:56 p.m.•8 views

SUSE CVE-2026-23298

In the Linux kernel, the following vulnerability has been resolved: can: ucan: Fix infinite loop from zero-length messages If a broken ucan device gets a message with the message length field set to 0, then the driver will loop for forever in ucanreadbulkcallback, hanging the system. If the lengt...

4.6CVSS5.7AI score0.00123EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/03/25 4:56 p.m.•7 views

SUSE CVE-2026-23299

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: purge error queues in socket destructors When TX timestamping is enabled via SOTIMESTAMPING, SKBs may be queued into skerrorqueue and will stay there until consumed. If userspace never gets to read the timestamps, or i...

5.7AI score0.00121EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 4:56 p.m.•10 views

SUSE CVE-2026-23300

In the Linux kernel, the following vulnerability has been resolved: net: ipv6: fix panic when IPv4 route references loopback IPv6 nexthop When a standalone IPv6 nexthop object is created with a loopback device e.g., "ip -6 nexthop add id 100 dev lo", fib6nhinit misclassifies it as a reject route...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/03/25 4:56 p.m.•9 views

SUSE CVE-2026-23301

In the Linux kernel, the following vulnerability has been resolved: ASoC: SDCA: Add allocation failure check for Entity name Currently findsdcaentityiot can allocate a string for the Entity name but it doesn't check if that allocation succeeded. Add the missing NULL check after the allocation...

5.7AI score0.00107EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 4:56 p.m.•9 views

SUSE CVE-2026-23302

In the Linux kernel, the following vulnerability has been resolved: net: annotate data-races around sk-skdataready,writespace skmsg and probably other layers are changing these pointers while other cpus might read them concurrently. Add corresponding READONCE/WRITEONCE annotations for UDP, TCP an...

4.7CVSS5.7AI score0.00089EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 4:56 p.m.•8 views

SUSE CVE-2026-23303

In the Linux kernel, the following vulnerability has been resolved: smb: client: Don't log plaintext credentials in cifssetcifscreds When debug logging is enabled, cifssetcifscreds logs the key payload and exposes the plaintext username and password. Remove the debug log to avoid exposing...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References17
SUSE CVE
SUSE CVE
•added 2026/03/25 4:56 p.m.•8 views

SUSE CVE-2026-23304

In the Linux kernel, the following vulnerability has been resolved: ipv6: fix NULL pointer deref in ip6rtgetdevrcu l3mdevmasterdevrcu can return NULL when the slave device is being un-slaved from a VRF. All other callers deal with this, but we lost the fallback to loopback in ip6rtpcpualloc -...

4.7CVSS5.8AI score0.00123EPSS
Exploits0References15
SUSE CVE
SUSE CVE
•added 2026/03/25 4:56 p.m.•11 views

SUSE CVE-2026-23305

In the Linux kernel, the following vulnerability has been resolved: accel/rocket: fix unwinding in error path in rocketprobe When rocketcoreinit fails as could be the case with EPROBEDEFER, we need to properly unwind by decrementing the counter we just incremented and if this is the first core we...

7.1CVSS5.7AI score0.00124EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 4:56 p.m.•8 views

SUSE CVE-2026-23306

In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix use-after-free in pm8001queuecommand Commit e29c47fe8946 "scsi: pm8001: Simplify pm8001taskexec" refactors pm8001queuecommand, however it introduces a potential cause of a double free scenario when it changes th...

6CVSS5.7AI score0.00126EPSS
Exploits0References12
SUSE CVE
SUSE CVE
•added 2026/03/25 4:56 p.m.•13 views

SUSE CVE-2026-23307

In the Linux kernel, the following vulnerability has been resolved: can: emsusb: emsusbreadbulkcallback: check the proper length of a message When looking at the data in a USB urb, the actuallength is the size of the buffer passed to the driver, not the transferbufferlength which is set by the...

5.5CVSS5.9AI score0.00123EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/03/25 4:56 p.m.•8 views

SUSE CVE-2026-23308

In the Linux kernel, the following vulnerability has been resolved: pinctrl: equilibrium: fix warning trace on load The callback functions 'eqbrirqmask' and 'eqbrirqack' are also called in the callback function 'eqbrirqmaskack'. This is done to avoid source code duplication. The problem, is that ...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References12
SUSE CVE
SUSE CVE
•added 2026/03/25 4:56 p.m.•9 views

SUSE CVE-2026-23309

In the Linux kernel, the following vulnerability has been resolved: tracing: Add NULL pointer check to triggerdatafree If triggerdataalloc fails and returns NULL, eventhisttriggerparse jumps to the outfree error path. While kfree safely handles a NULL pointer, triggerdatafree does not. This cause...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 4:56 p.m.•8 views

SUSE CVE-2026-23310

In the Linux kernel, the following vulnerability has been resolved: bpf/bonding: reject vlan+srcmac xmithashpolicy change when XDP is loaded bondoptionmodeset already rejects mode changes that would make a loaded XDP program incompatible via bondxdpcheck. However, bondoptionxmithashpolicyset has ...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References3
Total number of security vulnerabilities59854