Lucene search
K
SusecveRecent

59854 matches found

SUSE CVE
SUSE CVE
•added 2026/03/22 12:26 a.m.•11 views

SUSE CVE-2026-3479

DISPUTED: The project has clarified that the documentation was incorrect, and that pkgutil.getdata has the same security model as open. The documentation has been updated to clarify this point. There is no vulnerability in the function if following the intended security model. pkgutil.getdata did...

3.3CVSS5.7AI score0.00238EPSS
Exploits0References17
SUSE CVE
SUSE CVE
•added 2026/03/22 12:25 a.m.•4 views

SUSE CVE-2026-4150

GIMP PSD File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a...

7.8CVSS7.6AI score0.00755EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/03/22 12:25 a.m.•5 views

SUSE CVE-2026-4151

GIMP ANI File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a...

7.8CVSS7.6AI score0.00664EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2026/03/22 12:25 a.m.•5 views

SUSE CVE-2026-4153

GIMP PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page o...

7.8CVSS7.6AI score0.00651EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/03/22 12:25 a.m.•3 views

SUSE CVE-2026-4154

GIMP XPM File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a...

7.8CVSS7.6AI score0.00596EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/03/22 12:25 a.m.•7 views

SUSE CVE-2026-4439

Out of bounds memory access in WebGL in Google Chrome on Android prior to 146.0.7680.153 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

8.8CVSS6.1AI score0.00341EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/22 12:25 a.m.•5 views

SUSE CVE-2026-4440

Out of bounds read and write in WebGL in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Critical...

8.8CVSS6.2AI score0.00324EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/22 12:25 a.m.•5 views

SUSE CVE-2026-4441

Use after free in Base in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...

8.8CVSS6.1AI score0.00317EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/22 12:25 a.m.•6 views

SUSE CVE-2026-4442

Heap buffer overflow in CSS in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.1AI score0.00271EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/22 12:25 a.m.•3 views

SUSE CVE-2026-4443

Heap buffer overflow in WebAudio in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.4AI score0.00415EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/22 12:25 a.m.•4 views

SUSE CVE-2026-4444

Stack buffer overflow in WebRTC in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.1AI score0.00301EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/22 12:25 a.m.•8 views

SUSE CVE-2026-4445

Use after free in WebRTC in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.9AI score0.00253EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/22 12:25 a.m.•5 views

SUSE CVE-2026-4446

Use after free in WebRTC in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.9AI score0.00281EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/22 12:25 a.m.•6 views

SUSE CVE-2026-4447

Inappropriate implementation in V8 in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.2AI score0.00354EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/03/22 12:25 a.m.•5 views

SUSE CVE-2026-4448

Heap buffer overflow in ANGLE in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.1AI score0.00271EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/22 12:25 a.m.•4 views

SUSE CVE-2026-4449

Use after free in Blink in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.9AI score0.00253EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/22 12:25 a.m.•5 views

SUSE CVE-2026-4450

Out of bounds write in V8 in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.9AI score0.00281EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/22 12:25 a.m.•6 views

SUSE CVE-2026-4451

Insufficient validation of untrusted input in Navigation in Google Chrome prior to 146.0.7680.153 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.9AI score0.00253EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/22 12:25 a.m.•5 views

SUSE CVE-2026-4452

Integer overflow in ANGLE in Google Chrome on Windows prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS6AI score0.00253EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/22 12:25 a.m.•6 views

SUSE CVE-2026-4453

Integer overflow in Dawn in Google Chrome on Mac prior to 146.0.7680.153 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

4.3CVSS6AI score0.00176EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/22 12:25 a.m.•4 views

SUSE CVE-2026-4454

Use after free in Network in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.9AI score0.00253EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/22 12:25 a.m.•4 views

SUSE CVE-2026-4455

Heap buffer overflow in PDFium in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. Chromium security severity: High...

8.8CVSS6.1AI score0.0025EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/22 12:25 a.m.•4 views

SUSE CVE-2026-4456

Use after free in Digital Credentials API in Google Chrome prior to 146.0.7680.153 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.9AI score0.00253EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/22 12:25 a.m.•5 views

SUSE CVE-2026-4457

Type Confusion in V8 in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.9AI score0.00306EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/22 12:25 a.m.•4 views

SUSE CVE-2026-4458

Use after free in Extensions in Google Chrome prior to 146.0.7680.153 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. Chromium security severity: High...

8.8CVSS5.9AI score0.00193EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/22 12:25 a.m.•3 views

SUSE CVE-2026-4459

Out of bounds read and write in WebAudio in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.9AI score0.00281EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/22 12:25 a.m.•4 views

SUSE CVE-2026-4460

Out of bounds read in Skia in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.9AI score0.00253EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/22 12:25 a.m.•8 views

SUSE CVE-2026-4461

Inappropriate implementation in V8 in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.9AI score0.00281EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/22 12:25 a.m.•4 views

SUSE CVE-2026-4462

Out of bounds read in Blink in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.9AI score0.00253EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/22 12:25 a.m.•4 views

SUSE CVE-2026-4463

Heap buffer overflow in WebRTC in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.1AI score0.00301EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/22 12:25 a.m.•5 views

SUSE CVE-2026-4464

Integer overflow in ANGLE in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS6AI score0.00253EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/22 12:25 a.m.•5 views

SUSE CVE-2026-4519

The webbrowser.open API would accept leading dashes in the URL which could be handled as command line options for certain web browsers. New behavior rejects leading dashes. Users are recommended to sanitize URLs prior to passing to webbrowser.open...

6.9CVSS5.8AI score0.00308EPSS
Exploits0References33
SUSE CVE
SUSE CVE
•added 2026/03/22 12:24 a.m.•7 views

SUSE CVE-2026-23271

In the Linux kernel, the following vulnerability has been resolved: perf: Fix perfeventoverflow vs perfremovefromcontext race Make sure that perfeventoverflow runs with IRQs disabled for all possible callchains. Specifically the software events can end up running it with only preemption disabled...

5.3CVSS5.7AI score0.00096EPSS
Exploits0References23
SUSE CVE
SUSE CVE
•added 2026/03/22 12:24 a.m.•5 views

SUSE CVE-2026-23272

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: unconditionally bump set-nelems before insertion In case that the set is full, a new element gets published then removed without waiting for the RCU grace period, while RCU reader can be walking over it...

7CVSS5.7AI score0.00123EPSS
Exploits0References24
SUSE CVE
SUSE CVE
•added 2026/03/22 12:24 a.m.•7 views

SUSE CVE-2026-23273

In the Linux kernel, the following vulnerability has been resolved: macvlan: observe an RCU grace period in macvlancommonnewlink error path valis reported that a race condition still happens after my prior patch. macvlancommonnewlink might have made @dev visible before detecting an error, and its...

6.4CVSS5.7AI score0.00119EPSS
Exploits0References22
SUSE CVE
SUSE CVE
•added 2026/03/22 12:24 a.m.•9 views

SUSE CVE-2026-23274

In the Linux kernel, the following vulnerability has been resolved: netfilter: xtIDLETIMER: reject rev0 reuse of ALARM timer labels IDLETIMER revision 0 rules reuse existing timers by label and always call modtimer on timer-timer. If the label was created first by revision 1 with XTIDLETIMERALARM...

7CVSS5.7AI score0.00123EPSS
Exploits0References95
SUSE CVE
SUSE CVE
•added 2026/03/22 12:24 a.m.•5 views

SUSE CVE-2026-23275

In the Linux kernel, the following vulnerability has been resolved: iouring: ensure ctx-rings is stable for task work flags manipulation If DEFERTASKRUN | SETUPTASKRUN is used and task work is added while the ring is being resized, it's possible for the OR'ing of IORINGSQTASKRUN to happen in the...

7.8CVSS5.7AI score0.00121EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/22 12:24 a.m.•7 views

SUSE CVE-2026-23276

In the Linux kernel, the following vulnerability has been resolved: net: add xmit recursion limit to tunnel xmit functions Tunnel xmit functions iptunnelxmit, ip6tunnelxmit lack their own recursion limit. When a bond device in broadcast mode has GRE tap interfaces as slaves, and those GRE tunnels...

6.5CVSS5.7AI score0.00128EPSS
Exploits0References17
SUSE CVE
SUSE CVE
•added 2026/03/22 12:24 a.m.•4 views

SUSE CVE-2026-23277

In the Linux kernel, the following vulnerability has been resolved: net/sched: teql: fix NULL pointer dereference in iptunnelxmit on TEQL slave xmit teqlmasterxmit calls netdevstartxmitskb, slave to transmit through slave devices, but does not update skb-dev to the slave device beforehand. When a...

5.9CVSS5.8AI score0.00117EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/03/22 12:24 a.m.•7 views

SUSE CVE-2026-23278

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: always walk all pending catchall elements During transaction processing we might have more than one catchall element: 1 live catchall element and 1 pending element that is coming as part of the new batch. If...

7CVSS5.8AI score0.00165EPSS
Exploits0References71
SUSE CVE
SUSE CVE
•added 2026/03/22 12:23 a.m.•4 views

SUSE CVE-2026-30836

Step CA is an online certificate authority for secure, automated certificate management for DevOps. Versions 0.30.0-rc6 and below do not safeguard against unauthenticated certificate issuance through the SCEP UpdateReq. This issue has been fixed in version 0.30.0...

10CVSS5.7AI score0.00296EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/03/22 12:23 a.m.•5 views

SUSE CVE-2026-32305

Traefik is an HTTP reverse proxy and load balancer. Versions 2.11.40 and below, 3.0.0-beta1 through 3.6.11, and 3.7.0-ea.1 are vulnerable to mTLS bypass through the TLS SNI pre-sniffing logic related to fragmented ClientHello packets. When a TLS ClientHello is fragmented across multiple records,...

5.3CVSS5.9AI score0.00405EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/03/22 12:23 a.m.•5 views

SUSE CVE-2026-32595

Traefik is an HTTP reverse proxy and load balancer. Versions 2.11.40 and below, 3.0.0-beta1 through 3.6.11, and 3.7.0-ea.1 comtain BasicAuth middleware that allows username enumeration via a timing attack. When a submitted username exists, the middleware performs a bcrypt password comparison taki...

3.7CVSS5.9AI score0.00385EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/03/22 12:23 a.m.•5 views

SUSE CVE-2026-32711

pydicom is a pure Python package for working with DICOM files. Versions 2.0.0-rc.1 through 3.0.1 are vulnerable to Path Traversal through a maliciously crafted DICOMDIR ReferencedFileID when it is set to a path outside the File-set root. pydicom resolves the path only to confirm that it exists, b...

7.8CVSS5.8AI score0.00279EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/03/22 12:23 a.m.•9 views

SUSE CVE-2026-33022

Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Versions 0.60.0 through 1.0.0, 1.1.0 through 1.3.2, 1.4.0 through 1.6.0, 1.7.0 through 1.9.0, 1.10.0, and 1.10.1 have a denial-of-service vulnerability in that allows any user who can create a TaskRun or...

6.5CVSS5.8AI score0.00368EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/03/22 12:23 a.m.•3 views

SUSE CVE-2026-33036

fast-xml-parser allows users to process XML from JS object without C/C++ based libraries or callbacks. Versions 4.0.0-beta.3 through 5.5.5 contain a bypass vulnerability where numeric character references &NNN;, &xHH; and standard XML entities completely evade the entity expansion limits e.g.,...

7.5CVSS5.8AI score0.00576EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/03/22 12:23 a.m.•7 views

SUSE CVE-2026-33123

pypdf is a free and open-source pure-python PDF library. Versions prior to 6.9.1 allow an attacker to craft a malicious PDF which leads to long runtimes and/or large memory usage. Exploitation requires accessing an array-based stream with many entries. This issue has been fixed in version 6.9.1...

6.5CVSS5.7AI score0.00349EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/22 12:23 a.m.•8 views

SUSE CVE-2026-33250

Freeciv21 is a free open source, turn-based, empire-building strategy game. Versions prior to 3.1.1 crash with a stack overflow when receiving specially-crafted packets. A remote attacker can use this to take down any public server. A malicious server can use this to crash the game on the player'...

7.5CVSS6AI score0.00821EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/22 12:23 a.m.•5 views

SUSE CVE-2026-33412

Vim is an open source, command line text editor. Prior to version 9.2.0202, a command injection vulnerability exists in Vim's glob function on Unix-like systems. By including a newline character \n in a pattern passed to glob, an attacker may be able to execute arbitrary shell commands. This...

5.3CVSS6AI score0.00834EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2026/03/20 10:29 a.m.•5 views

SUSE CVE-2006-10002

XML::Parser versions through 2.45 for Perl could overflow the pre-allocated buffer size cause a heap corruption double free or corruption and crashes. A :utf8 PerlIO layer, parsestream in Expat.xs could overflow the XML input buffer because Perl's read returns decoded characters while SvPV gives...

8.6CVSS6AI score0.00604EPSS
Exploits0References10
Total number of security vulnerabilities59854