Lucene search
K
SusecveRecent

59178 matches found

SUSE CVE
SUSE CVE
•added 2026/06/20 2:35 a.m.•13 views

SUSE CVE-2026-12044

SQL injection in pgAdmin 4 across every dialog template that renders COMMENT ON ... IS '' for a user-supplied description field. The Jinja templates for Domains and their constraints, Foreign Tables, Languages, and Event Triggers, plus the Views OID-lookup query, interpolated the description...

8.8CVSS5.9AI score0.00489EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/20 2:35 a.m.•12 views

SUSE CVE-2026-12045

Read-only transaction bypass in the pgAdmin 4 AI Assistant allows an attacker who can influence database content that the assistant reads to execute arbitrary SQL with the privileges of the pgAdmin user's database role. The AI Assistant's executesqlquery tool runs LLM-generated SQL inside a BEGIN...

9.4CVSS6.8AI score0.00482EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/20 2:35 a.m.•9 views

SUSE CVE-2026-12046

Two state-mutating endpoints in pgAdmin 4's SQL Editor blueprint -- DELETE /sqleditor/close/ and POST /sqleditor/initialize/sqleditor/updateconnection/// -- were the only routes in the module missing the @pgaloginrequired decorator. Both reach a pickle.loads sink on session'gridData''commandobj':...

9.5CVSS6.7AI score0.0071EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/20 2:35 a.m.•9 views

SUSE CVE-2026-12047

HTML injection in pgAdmin 4's cloud deployment module. The verifycredentials, deploy, regions, and update-server endpoints under /rds/, /azure/, /google/, and the top-level /cloud/ blueprint propagated AWS / Azure / Google SDK exception text - and the related file-resolution and database-commit...

4.8CVSS5.8AI score0.00137EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/20 2:35 a.m.•8 views

SUSE CVE-2026-12048

Stored cross-site scripting in pgAdmin 4's error-rendering and plan-node-rendering paths. Text returned by a PostgreSQL server ErrorResponse messages, including object names quoted back inside relation-does-not-exist errors and inside EXPLAIN Recheck Cond / Exact Heap Blocks fields was passed...

9.3CVSS5.9AI score0.0021EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/20 2:35 a.m.•8 views

SUSE CVE-2026-12049

Open redirect in pgAdmin 4's multi-factor authentication flow. The MFA validate and register endpoints honoured the user-supplied 'next' query/form parameter without confirming the target pointed back inside pgAdmin, so an authenticated victim who clicked /mfa/validate?next= -- a link typically...

5.3CVSS5.9AI score0.00218EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/20 2:35 a.m.•7 views

SUSE CVE-2026-12050

SQL injection in pgAdmin 4's named restore point endpoint POST /browser/server/restorepoint/gid/sid. The user-supplied 'value' field was interpolated directly into the SQL string with str.format instead of being passed as a bound parameter, allowing an authenticated pgAdmin user with a connected...

5.3CVSS5.7AI score0.00245EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/20 2:34 a.m.•14 views

SUSE CVE-2026-12706

A use-after-free vulnerability was found in FFmpeg's RASC video decoder. The decodemove function initializes a read pointer into a decompressed buffer, but a subsequent reallocation of that same buffer during move-table processing leaves the pointer dangling. An attacker could exploit this by...

6.5CVSS6AI score0.00245EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/20 2:30 a.m.•11 views

SUSE CVE-2026-43915

Coturn is a free open source implementation of TURN and STUN Server. Versions prior to 4.11.0 contain a stored cross-site scripting XSS vulnerability in the web-admin HTTPS interface. An attacker who can create a TURN allocation with a crafted USERNAME value can inject HTML/JavaScript that execut...

5.4CVSS5.6AI score0.00141EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/20 2:30 a.m.•10 views

SUSE CVE-2026-43994

Coturn is a free open source implementation of TURN and STUN Server. Versions prior to 4.10.0 contain a stack buffer overflow in decodeoauthtokengcm. A uint16t noncelen field read from an attacker-supplied OAuth access token 0-65535 is passed directly to memcpy as the copy length into a 256-byte...

9.8CVSS6.1AI score0.0045EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/06/20 2:30 a.m.•12 views

SUSE CVE-2026-44663

OpenEXR is the reference implementation and specification for the EXR image format, widely used in the motion picture industry. In versions 3.4.0 through 3.4.11, an integer overflow in htundoimpl in src/lib/OpenEXRCore/internalht.cpp leads to a heap-buffer overflow when decoding a crafted...

6.1CVSS5.7AI score0.00199EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/06/20 2:29 a.m.•12 views

SUSE CVE-2026-45696

OpenEXR is the reference implementation and specification for the EXR image format, widely used in the motion picture industry. In versions 3.4.0 through 3.4.11, the HTJ2K High-Throughput JPEG 2000 decoder, htundoimpl in OpenEXRCore is vulnerable to a heap-buffer-overflow READ. The htundoimp...

6.1CVSS5.9AI score0.00263EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/06/20 2:29 a.m.•11 views

SUSE CVE-2026-48615

A flaw in Node.js proxy tunnel error handling could expose proxy credentials in ERRPROXYTUNNEL error messages. When proxy credentials are embedded in the proxy URL, they may be exposed through error handling paths and captured by logs, diagnostics, or other error consumers. This vulnerability...

7.5CVSS6.8AI score0.00437EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2026/06/20 2:29 a.m.•11 views

SUSE CVE-2026-48617

A flaw in Node.js Permission Model enforcement allows Bypass via process.report.writeReport Path Misvalidation. This can lead to confidentiality impact or bypass of the intended security boundary under affected configurations. This vulnerability affects all supported release lines: Node.js 22,...

2.9CVSS5.9AI score0.00208EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2026/06/20 2:29 a.m.•11 views

SUSE CVE-2026-48618

A flaw in Node.js TLS hostname handling can cause Node.js unicode dot separator handling can lead to tls wildcard-depth authentication bypass due to resolver and verifier hostname normalization mismat. This can lead to confidentiality impact or bypass of the intended security boundary under...

7.4CVSS7.1AI score0.00674EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2026/06/20 2:29 a.m.•15 views

SUSE CVE-2026-48928

A inconsistency in Node.js hostname matching can cause a trust-policy bypass in multi-context mTLS setups. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...

5.9CVSS6.1AI score0.00256EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2026/06/20 2:29 a.m.•12 views

SUSE CVE-2026-48930

A flaw in Node.js TLS hostname handling can cause Embedded-nul hostnames can lead to silent authority rebinding due to c-string truncation in resolver bindings. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...

5.3CVSS6.5AI score0.00405EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2026/06/20 2:29 a.m.•11 views

SUSE CVE-2026-48931

A flaw in Node.js HTTP Agent can cause a client to accept as valid a response that is send before the client has sent the request. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...

3.7CVSS6.2AI score0.00359EPSS
Exploits1References5
SUSE CVE
SUSE CVE
•added 2026/06/20 2:29 a.m.•12 views

SUSE CVE-2026-48933

A flaw in Node.js WebCrypto implementation can crash the process if the input of subtle.encrypt is a multiple of 2GiB. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...

7.5CVSS7.1AI score0.02445EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2026/06/20 2:29 a.m.•10 views

SUSE CVE-2026-48934

A flaw in Node.js TLS host verification can cause an attacker to bypass certification validation. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...

6.5CVSS6.1AI score0.00258EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2026/06/20 2:29 a.m.•12 views

SUSE CVE-2026-48935

A flaw in Node.js Permission API can cause a file metadata to be modified even on a path that was set as read-only with e.g. --allow-fs-read. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...

4CVSS6AI score0.00154EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2026/06/20 2:29 a.m.•10 views

SUSE CVE-2026-48936

A flaw in Node.js Permission API can cause a local server to be started via a Unix domain socket, even without the --allow-net permission. This vulnerability affects one supported release line: Node.js 26...

3.3CVSS6AI score0.00154EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/20 2:29 a.m.•10 views

SUSE CVE-2026-48937

A flaw in Node.js HTTP/2 server API can cause servers to keep accepting data even after sending a GOAWAY frame. This vulnerability affects two supported release lines: Node.js 22 and Node.js 24...

5.3CVSS6AI score0.00445EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2026/06/20 2:29 a.m.•10 views

SUSE CVE-2026-50141

Woodpecker is a CI/CD engine. Starting in version 3.0.0 and prior to version 3.14.1, a vulnerability in Woodpecker CI's gRPC layer allowed any authenticated agent to impersonate any other agent on the same server by injecting a forged agentid value into outgoing gRPC metadata. The server correctl...

7.1CVSS5.9AI score0.00246EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/20 2:29 a.m.•13 views

SUSE CVE-2026-54273

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, no limit was present on the number of pipelined requests that could be queued. An attacker may be able to use pipelined requests to use excessive amounts of memory, potentially leading to DoS. This...

7.5CVSS5.8AI score0.00279EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/20 2:29 a.m.•12 views

SUSE CVE-2026-54274

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, if an attacker sends large incomplete websocket frame payloads, it may be possible to bypass the usual size limits on memory use. This vulnerability is fixed in 3.14.1...

8.7CVSS5.8AI score0.00305EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/20 2:29 a.m.•12 views

SUSE CVE-2026-54275

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, the serverhostname TLS SNI check can be bypassed when an existing connection is reused. If an application makes multiple requests to the same domain, but with different per-request serverhostname...

4.8CVSS5.8AI score0.00266EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/20 2:29 a.m.•10 views

SUSE CVE-2026-54276

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, DigestAuthMiddleware can send an authentication response after following a cross-origin redirect. This likely requires an open redirect vulnerability or similar on the target domain for an attacker to...

6.3CVSS5.9AI score0.00178EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/20 2:29 a.m.•9 views

SUSE CVE-2026-54277

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, it is possible to bypass the maxlinesize check in parts of an HTTP request in the C parser. If using the optimised C parser the default in pre-built wheels, then an attacker may be able to send...

7.5CVSS5.8AI score0.00322EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/20 2:28 a.m.•10 views

SUSE CVE-2026-54278

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, during cleanup it is possible for a compressed request body to be decompressed into memory in one chunk. An attacker may be able to send a compressed payload in specific situations that could be...

8.7CVSS5.8AI score0.00279EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/20 2:28 a.m.•12 views

SUSE CVE-2026-54279

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, host-only cookies that are saved with CookieJar.save and then restored later with CookieJar.load lose their host-only status. This vulnerability is fixed in 3.14.1...

5.3CVSS5.8AI score0.00279EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/20 2:28 a.m.•9 views

SUSE CVE-2026-54280

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, payload resources are not closed correctly when a client disconnects in the middle of a write. If a payload is using an open file or similar limited resource, then an attacker may be able to cause...

6.3CVSS5.8AI score0.00281EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/20 2:28 a.m.•13 views

SUSE CVE-2026-54530

pypdf is a free and open-source pure-python PDF library. Prior to 6.13.0, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires extracting the text in layout mode. This vulnerability is fixed in 6.13.0...

6.9CVSS5.8AI score0.00123EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/20 2:28 a.m.•11 views

SUSE CVE-2026-54531

pypdf is a free and open-source pure-python PDF library. Prior to 6.13.0, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires merging a file with outlines into a writer. This vulnerability is fixed in 6.13.0...

6.9CVSS5.8AI score0.00123EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/20 2:28 a.m.•10 views

SUSE CVE-2026-55203

HAProxy through 3.4.0, fixed in commit 5985276, contains an integer overflow vulnerability in the fcgiconn structure's drl field that allows buffer misparse as new FCGI record headers. When contentLength is 65535 and paddingLength is 1 or more, the drl field wraps to 0, causing incorrect record...

5.6CVSS6.1AI score0.00321EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2026/06/20 2:28 a.m.•10 views

SUSE CVE-2026-55204

HAProxy through 3.4.0, fixed in commit 9a6d1fe, contains a null pointer dereference vulnerability in hpackdhtinsert within src/hpack-tbl.c that fails to validate the return value of hpackdhtdefrag when the memory pool is exhausted. An attacker can trigger HPACK dynamic table insertions under memo...

7.5CVSS5.9AI score0.00431EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2026/06/20 2:28 a.m.•10 views

SUSE CVE-2026-55392

NILFS utilities through 2.3.0, fixed in commit 26efb5d, nilfssbisvalid function fails to validate slogblocksize field in NILFS2 superblock before bit-shift operations. Attackers supplying crafted NILFS2 images trigger undefined behavior through oversized shifts or out-of-memory conditions, crashi...

6.7CVSS5.8AI score0.00105EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/20 2:28 a.m.•8 views

SUSE CVE-2026-55686

Podman is a tool for managing OCI containers and pods. From 3.0.0 until 5.7.1, running a malicious container image where the WORKDIR path contains a symlink can create a directory or modify ownership on the host filesystem. Modified ownership is less likely to happen as that requires help from an...

5.3CVSS5.8AI score0.00317EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/06/20 2:28 a.m.•9 views

SUSE CVE-2026-56131

libexpat before 2.8.2 lacks handler call depth tracking for calls to XMLResumeParser from within handlers in cases of a policy violation. Thus, a use-after-free can occur similar to the CVE-2026-50219 situation...

4.9CVSS5.8AI score0.00102EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/20 2:28 a.m.•9 views

SUSE CVE-2026-56132

In libexpat before 2.8.2, there is a heap-based buffer overflow in doProlog in xmlparse.c because scaffold backing array reallocation is mishandled when there is data-structure sharing across parsers...

6.9CVSS6.1AI score0.00088EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/19 2:1 a.m.•10 views

SUSE CVE-2025-10263

Arm C1-Ultra, C1-Premium, Neoverse V3 & V3AE, Neoverse V2, Neoverse V1, Neoverse-N2, Neoverse-N1, Cortex-X925, Cortex-X4, Cortex-X3, Cortex-X2, Cortex-X1 & X1C, Cortex-A710, Cortex-A78, A78AE & A78C, Cortex-A77, Cortex-A76 & A76A may allow writes to resources owned by a higher exception level...

9.1CVSS5.2AI score0.00463EPSS
Exploits0References10
SUSE CVE
SUSE CVE
•added 2026/06/19 1:58 a.m.•10 views

SUSE CVE-2026-6039

LibreOffice can import drawings in the DXF format used by CAD software. A heap buffer overflow existed when importing a DXF polyline. The point count taken from the file was truncated to a 16-bit value when the point buffer was sized, while the full count was used to fill it, so a polyline whose...

6.9CVSS5.6AI score0.00157EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/19 1:58 a.m.•10 views

SUSE CVE-2026-6040

A heap use-after-free existed when importing the blank-width characters of an ODF number format. A position value read from the document was not checked against the length of the format-code string, so a malformed number format could be processed against memory outside that string. In fixed...

6.9CVSS5.3AI score0.00114EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/19 1:58 a.m.•11 views

SUSE CVE-2026-6045

LibreOffice can import EMF+ graphics, which may be embedded in documents. A heap buffer overflow existed when importing an EMF+ gradient brush. The number of gradient blend points was read from the file and used to compute an allocation size, but that multiplication could overflow, so a small...

6.9CVSS5.6AI score0.0012EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/19 1:58 a.m.•11 views

SUSE CVE-2026-6047

LibreOffice can import documents in the OOXML format DOCX. A heap buffer overflow existed when replaying deferred parser events for a text box element. A handler object was assumed to be of one type and written to at that type's field layout, but it could be a smaller object, so the write landed...

6.9CVSS5.7AI score0.0012EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/19 1:58 a.m.•10 views

SUSE CVE-2026-6733

Impact: Undici's HTTP/1.1 client is vulnerable to response queue poisoning on reused keep-alive sockets. An attacker-controlled upstream server can inject an unsolicited HTTP/1.1 response onto an idle socket after a request completes. When the client dispatches the next request on that socket, it...

3.7CVSS5.3AI score0.00228EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2026/06/19 1:57 a.m.•10 views

SUSE CVE-2026-8356

LibreOffice can import presentations in the legacy binary PPT format. A stack buffer overflow existed when importing a colour-replacement record. Two fixed-size colour tables were filled from the file, but the write position was not reset between the two passes over the record, so a file whose...

6.9CVSS5.7AI score0.0012EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/19 1:57 a.m.•10 views

SUSE CVE-2026-8357

LibreOffice Calc compiles cell formulas when opening a spreadsheet. A heap buffer overflow existed when compiling a very long formula made up of many opening tokens. The array that tracks nesting depth was allocated one element too small for that worst case, so such a formula wrote one element pa...

6.9CVSS5.6AI score0.00139EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/19 1:57 a.m.•11 views

SUSE CVE-2026-8358

LibreOffice Calc can import tracked changes from a spreadsheet document. A heap buffer overflow existed when a document reused the same change identifier for two different kinds of change. The importer then treated one change object as a different, larger type and wrote past the end of its...

6.9CVSS5.6AI score0.00171EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/19 1:57 a.m.•9 views

SUSE CVE-2026-9678

Impact: Undici's cache interceptor incorrectly classifies some responses as cacheable when the upstream Cache-Control header uses whitespace-padded qualified private or no-cache field names such as private=" authorization" or no-cache="\tauthorization". The parser preserves the surrounding...

5.9CVSS5.3AI score0.00374EPSS
Exploits0References3
Total number of security vulnerabilities59178