
58369 matches found

SUSE CVE
•added 2026/01/06 12:23 a.m.•1 views

SUSE CVE-2025-68946

In Gitea before 1.20.1, a forbidden URL scheme such as javascript: can be used for a link, aka XSS...

CVSS 5.4 | AI score 6.9 | EPSS 0.00222
Exploits: 0 | References: 2
SUSE CVE
•added 2026/01/06 12:23 a.m.•1 views

SUSE CVE-2025-69412

KDE messagelib before 25.11.90 ignores SSL errors for threatMatches:find in the Google Safe Browsing Lookup API (aka phishing API), which might allow spoofing of threat data. NOTE: this Lookup API is not contacted in the messagelib default configuration...

CVSS 3.4 | AI score 6.9 | EPSS 0.00241
Exploits: 0 | References: 3
SUSE CVE
•added 2026/01/03 12:24 a.m.•2 views

SUSE CVE-2025-11964

On Windows only, if libpcap needs to convert a Windows error message to UTF-8 and the message includes characters that UTF-8 represents using 4 bytes, utf_16le_to_utf_8_truncated() can write data beyond the end of the provided buffer...

CVSS 1.9 | AI score 7 | EPSS 0.00102
Exploits: 0 | References: 3
SUSE CVE
•added 2026/01/03 12:24 a.m.•2 views

SUSE CVE-2025-34468

libcoap versions up to and including 4.3.5, prior to commit 30db3ea, contain a stack-based buffer overflow in address resolution when attacker-controlled hostname data is copied into a fixed 256-byte stack buffer without proper bounds checking. A remote attacker can trigger a crash and potentiall...

CVSS 9.8 | AI score 8.3 | EPSS 0.00637
Exploits: 0 | References: 3
SUSE CVE
•added 2026/01/01 12:39 a.m.•2 views

SUSE CVE-2022-50798

This candidate is a duplicate of CVE-2017-11359...

AI score 5.9 | EPSS 0.00039
Exploits: 1 | References: 3
SUSE CVE
•added 2026/01/01 12:26 a.m.•3 views

SUSE CVE-2025-11961

pcap_ether_aton() is an auxiliary function in libpcap; it takes a string argument and returns a fixed-size allocated buffer. The string argument must be a well-formed MAC-48 address in one of the supported formats, but this requirement has been poorly documented. If an application calls the function...

CVSS 3.3 | AI score 6.9 | EPSS 0.00102
Exploits: 0 | References: 12
SUSE CVE
•added 2026/01/01 12:26 a.m.•4 views

SUSE CVE-2025-15059

GIMP PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page o...

CVSS 7.8 | AI score 7.8 | EPSS 0.00662
Exploits: 0 | References: 5
SUSE CVE
•added 2026/01/01 12:24 a.m.•2 views

SUSE CVE-2025-50343

An issue was discovered in matio 1.5.28. A heap-based memory corruption can occur in Mat_VarCreateStruct() when the nfields value does not match the actual number of strings in the fields array. This leads to out-of-bounds reads and invalid memory frees during cleanup, potentially causing a...

CVSS 9.8 | AI score 7.1 | EPSS 0.00343
Exploits: 1 | References: 3
SUSE CVE
•added 2026/01/01 12:24 a.m.•2 views

SUSE CVE-2025-61594

URI is a module providing classes to handle Uniform Resource Identifiers. In versions 0.12.4 and earlier (bundled in Ruby 3.2 series), 0.13.2 and earlier (bundled in Ruby 3.3 series), and 1.0.3 and earlier (bundled in Ruby 3.4 series), when using the + operator to combine URIs, sensitive information like...

CVSS 7.5 | AI score 7.2 | EPSS 0.0051
Exploits: 0 | References: 4
SUSE CVE
•added 2026/01/01 12:24 a.m.•2 views

SUSE CVE-2025-65409

A divide-by-zero in the encryption/decryption routines of GNU Recutils v1.9 allows attackers to cause a Denial of Service (DoS) via inputting an empty value as a password...

CVSS 7.5 | AI score 6.9 | EPSS 0.00317
Exploits: 2 | References: 3
SUSE CVE
•added 2026/01/01 12:24 a.m.•1 views

SUSE CVE-2025-67746

Composer is a dependency manager for PHP. In versions on the 2.x branch prior to 2.2.26 and 2.9.3, attackers controlling remote sources that Composer downloads from might in some way inject ANSI control characters in the terminal output of various Composer commands, causing mangled output and...

CVSS 3.3 | AI score 6.7 | EPSS 0.00405
Exploits: 0 | References: 7
SUSE CVE
•added 2026/01/01 12:24 a.m.•3 views

SUSE CVE-2025-68131

cbor2 provides encoding and decoding for the Concise Binary Object Representation (CBOR) serialization format. Starting in version 3.0.0 and prior to version 5.8.0, when a CBORDecoder instance is reused across multiple decode operations, values marked with the shareable tag (28) persist in memory an...

CVSS 5.5 | AI score 6.8 | EPSS 0.00423
Exploits: 1 | References: 4
SUSE CVE
•added 2026/01/01 12:24 a.m.•2 views

SUSE CVE-2025-68618

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-12, using Magick to read a malicious SVG file resulted in a DoS attack. Version 7.1.2-12 fixes the issue...

CVSS 4 | AI score 6.8 | EPSS 0.00552
Exploits: 1 | References: 8
SUSE CVE
•added 2026/01/01 12:24 a.m.•3 views

SUSE CVE-2025-68950

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-12, Magick fails to check for circular references between two MVGs, leading to a stack overflow. This is a DoS vulnerability, and any situation that allows reading the mvg file wi...

CVSS 4 | AI score 6.9 | EPSS 0.00164
Exploits: 0 | References: 7
SUSE CVE
•added 2026/01/01 12:23 a.m.•3 views

SUSE CVE-2025-69204

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-12, in the WriteSVGImage function, using an int variable to store number_attributes caused an integer overflow. This, in turn, triggered a buffer overflow and caused a DoS attack...

CVSS 4 | AI score 7.4 | EPSS 0.00524
Exploits: 1 | References: 6
SUSE CVE
•added 2026/01/01 12:23 a.m.•2 views

SUSE CVE-2025-69261

WasmEdge is a WebAssembly runtime. Prior to version 0.16.0-alpha.3, a multiplication in WasmEdge/include/runtime/instance/memory.h can wrap, causing checkAccessBound to incorrectly allow the access. This leads to a segmentation fault. Version 0.16.0-alpha.3 contains a patch for the issue...

CVSS 7.5 | AI score 6.8 | EPSS 0.00285
Exploits: 0 | References: 3
SUSE CVE
•added 2026/01/01 12:23 a.m.•4 views

SUSE CVE-2025-69277

libsodium before ad3004e, in atypical use cases involving certain custom cryptography or untrusted data to crypto_core_ed25519_is_valid_point, mishandles checks for whether an elliptic curve point is valid because it sometimes allows points that aren't in the main cryptographic group...

CVSS 4.4 | AI score 7 | EPSS 0.00166
Exploits: 0 | References: 10
SUSE CVE
•added 2025/12/31 12:32 a.m.•5 views

SUSE CVE-2022-50784

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mei: fix potential NULL-ptr deref after clone If cloning the SKB fails, don't try to use it, but rather return as if we should pass it. Coverity CID: 1503456...

CVSS 5.5 | AI score 6.5 | EPSS 0.00155
Exploits: 0 | References: 3
SUSE CVE
•added 2025/12/31 12:32 a.m.•8 views

SUSE CVE-2022-50785

In the Linux kernel, the following vulnerability has been resolved: fsi: occ: Prevent use after free Use get_device() and put_device() in the open and close functions to make sure the device doesn't get freed while a file descriptor is open. Also, lock around the freeing of the device buffer and check...

AI score 6.7 | EPSS 0.00155
Exploits: 0 | References: 3
SUSE CVE
•added 2025/12/31 12:32 a.m.•8 views

SUSE CVE-2022-50786

In the Linux kernel, the following vulnerability has been resolved: media: s5p-mfc: Clear workbit to handle error condition During error on CLOSE_INSTANCE command, ctx_work_bits was not getting cleared. During consequent mfc execution NULL pointer dereferencing of this context led to kernel panic...

CVSS 5.5 | AI score 6.6 | EPSS 0.00173
Exploits: 0 | References: 4
SUSE CVE
•added 2025/12/31 12:32 a.m.•7 views

SUSE CVE-2022-50809

In the Linux kernel, the following vulnerability has been resolved: xhci: dbc: Fix memory leak in xhci_alloc_dbc() If DbC is already in use, then the allocated memory for the xhci_dbc struct doesn't get freed before returning NULL, which leads to a memleak...

CVSS 5.5 | AI score 6.4 | EPSS 0.00206
Exploits: 0 | References: 7
SUSE CVE
•added 2025/12/31 12:32 a.m.•6 views

SUSE CVE-2022-50810

In the Linux kernel, the following vulnerability has been resolved: rapidio: devices: fix missing put_device in mport_cdev_open When kfifo_alloc() fails, the refcount of chdev->dev is left incremental. We should use put_device(&chdev->dev) to decrease the ref count of chdev->dev to avoid refcount leak...

AI score 6.5 | EPSS 0.00233
Exploits: 0 | References: 3
SUSE CVE
•added 2025/12/31 12:32 a.m.•7 views

SUSE CVE-2022-50811

In the Linux kernel, the following vulnerability has been resolved: erofs: fix missing unmap if z_erofs_get_extent_compressedlen() fails Otherwise, meta buffers could be leaked...

CVSS 5.5 | AI score 6.5 | EPSS 0.00198
Exploits: 0 | References: 3
SUSE CVE
•added 2025/12/31 12:32 a.m.•8 views

SUSE CVE-2022-50812

In the Linux kernel, the following vulnerability has been resolved: security: Restrict CONFIG_ZERO_CALL_USED_REGS to gcc or clang > 15.0.6 A bad bug in clang's implementation of -fzero-call-used-regs can result in NULL pointer dereferences (see the links above the check for more information). Restrict...

AI score 6.5 | EPSS 0.00201
Exploits: 0 | References: 3
SUSE CVE
•added 2025/12/31 12:32 a.m.•7 views

SUSE CVE-2022-50813

In the Linux kernel, the following vulnerability has been resolved: drivers: mcb: fix resource leak in mcb_probe() When probe hook function failed in mcb_probe(), it doesn't put the device. Compiled test only...

AI score 6.5 | EPSS 0.00233
Exploits: 0 | References: 3
SUSE CVE
•added 2025/12/31 12:32 a.m.•2 views

SUSE CVE-2022-50814

In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/zip - fix mismatch in get/set sgl_sge_nr KASAN reported this Bug: [17619.659757] BUG: KASAN: global-out-of-bounds in param_get_int+0x34/0x60 [17619.673193] Read of size 4 at addr fffff01332d7ed00 by task read_all/1507958...

CVSS 5.5 | AI score 6.5 | EPSS 0.00206
Exploits: 0 | References: 9
SUSE CVE
•added 2025/12/31 12:32 a.m.•6 views

SUSE CVE-2022-50815

In the Linux kernel, the following vulnerability has been resolved: ext2: Add sanity checks for group and filesystem size Add sanity check that filesystem size does not exceed the underlying device size and that group size is big enough so that metadata can fit into it. This avoid trying to mount...

AI score 6.5 | EPSS 0.00198
Exploits: 0 | References: 3
SUSE CVE
•added 2025/12/31 12:32 a.m.•5 views

SUSE CVE-2022-50816

In the Linux kernel, the following vulnerability has been resolved: ipv6: ensure sane device mtu in tunnels Another syzbot report [1] with no reproducer hints at a bug in ip6_gre tunnel (dev:ip6gretap0) Since ipv6 mcast code makes sure to read dev->mtu once and applies a sanity check on it (see commit...

CVSS 4.4 | AI score 6.3 | EPSS 0.00211
Exploits: 0 | References: 4
SUSE CVE
•added 2025/12/31 12:32 a.m.•5 views

SUSE CVE-2022-50817

In the Linux kernel, the following vulnerability has been resolved: net: hsr: avoid possible NULL deref in skb_clone() syzbot got a crash [1] in skb_clone(), caused by a bug in hsr_get_untagged_frame(). When/if create_stripped_skb_hsr() returns NULL, we must not attempt to call skb_clone(). While we are at it, replac...

CVSS 5.3 | AI score 6.4 | EPSS 0.002
Exploits: 0 | References: 3
SUSE CVE
•added 2025/12/31 12:32 a.m.•6 views

SUSE CVE-2022-50818

In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix running_req for internal abort commands Disabling the remote phy for a SATA disk causes a hang: root@(none)$ more /sys/class/sas_phy/phy-0:0:8/target_port_protocols sata root@(none)$ echo 0...

CVSS 5.5 | AI score 6.8 | EPSS 0.00203
Exploits: 0 | References: 5
SUSE CVE
•added 2025/12/31 12:32 a.m.•6 views

SUSE CVE-2022-50819

In the Linux kernel, the following vulnerability has been resolved: udmabuf: Set ubuf->sg = NULL if the creation of sg table fails When userspace tries to map the dmabuf and if for some reason (e.g. OOM) the creation of the sg table fails, ubuf->sg needs to be set to NULL. Otherwise, when the userspa...

CVSS 5.5 | AI score 6.5 | EPSS 0.00201
Exploits: 0 | References: 7
SUSE CVE
•added 2025/12/31 12:32 a.m.•6 views

SUSE CVE-2022-50820

In the Linux kernel, the following vulnerability has been resolved: perf/arm_dmc620: Fix hotplug callback leak in dmc620_pmu_init() dmc620_pmu_init() won't remove the callback added by cpuhp_setup_state_multi() when platform_driver_register() failed. Remove the callback by cpuhp_remove_multi_state() in fail path. Simil...

CVSS 5.5 | AI score 6.5 | EPSS 0.002
Exploits: 0 | References: 3
SUSE CVE
•added 2025/12/31 12:31 a.m.•6 views

SUSE CVE-2022-50821

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Don't leak netobj memory when gss_read_proxy_verf() fails...

CVSS 5.5 | AI score 6.5 | EPSS 0.00215
Exploits: 0 | References: 10
SUSE CVE
•added 2025/12/31 12:31 a.m.•6 views

SUSE CVE-2022-50822

In the Linux kernel, the following vulnerability has been resolved: RDMA/restrack: Release MR restrack when delete The MR restrack also needs to be released when delete it, otherwise it cause memory leak as the task struct won't be released...

CVSS 5.5 | AI score 6.4 | EPSS 0.002
Exploits: 0 | References: 7
SUSE CVE
•added 2025/12/31 12:31 a.m.•3 views

SUSE CVE-2022-50823

In the Linux kernel, the following vulnerability has been resolved: clk: tegra: Fix refcount leak in tegra114_clock_init of_find_matching_node() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_node_put() to avoid refcount leak...

CVSS 5.5 | AI score 6.4 | EPSS 0.00233
Exploits: 0 | References: 9
SUSE CVE
•added 2025/12/31 12:31 a.m.•1 views

SUSE CVE-2022-50824

In the Linux kernel, the following vulnerability has been resolved: tpm: tpm_tis: Add the missed acpi_put_table() to fix memory leak In check_acpi_tpm2(), we get the TPM2 table just to make sure the table is there, not used after the init, so the acpi_put_table() should be added to release the ACPI memory...

CVSS 4.4 | AI score 6.5 | EPSS 0.00216
Exploits: 0 | References: 8
SUSE CVE
•added 2025/12/31 12:31 a.m.•8 views

SUSE CVE-2022-50825

In the Linux kernel, the following vulnerability has been resolved: usb: typec: wusb3801: fix fwnode refcount leak in wusb3801_probe() I got the following report while doing fault injection test: OF: ERROR: memory leak, expected refcount 1 instead of 4, of_node_get()/of_node_put() unbalanced - destroy cset...

CVSS 5.5 | AI score 6.9 | EPSS 0.00222
Exploits: 0 | References: 3
SUSE CVE
•added 2025/12/31 12:31 a.m.•5 views

SUSE CVE-2022-50826

In the Linux kernel, the following vulnerability has been resolved: ipu3-imgu: Fix NULL pointer dereference in imgu_subdev_set_selection() Calling v4l2_subdev_get_try_crop() and v4l2_subdev_get_try_compose() with a subdev state of NULL leads to a NULL pointer dereference. This can currently happen in...

CVSS 5.5 | AI score 6.4 | EPSS 0.00206
Exploits: 0 | References: 7
SUSE CVE
•added 2025/12/31 12:31 a.m.•8 views

SUSE CVE-2022-50827

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix memory leak in lpfc_create_port() Commit 5e633302ace1 ("scsi: lpfc: vmid: Add support for VMID in mailbox command") introduced allocations for the VMID resources in lpfc_create_port() after the call to scsi_host_alloc(). Upon...

CVSS 5.5 | AI score 6.6 | EPSS 0.00198
Exploits: 0 | References: 9
SUSE CVE
•added 2025/12/31 12:31 a.m.•3 views

SUSE CVE-2022-50828

In the Linux kernel, the following vulnerability has been resolved: clk: zynqmp: Fix stack-out-of-bounds in strncpy "BUG: KASAN: stack-out-of-bounds in strncpy+0x30/0x68" Linux-ATF interface is using 16 bytes of SMC payload. In case clock name is longer than 15 bytes, string terminated NULL...

CVSS 5.5 | AI score 6.6 | EPSS 0.00206
Exploits: 0 | References: 9
SUSE CVE
•added 2025/12/31 12:31 a.m.•7 views

SUSE CVE-2022-50829

In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: hif_usb: Fix use-after-free in ath9k_hif_usb_reg_in_cb() It is possible that skb is freed in ath9k_htc_rx_msg(), then usb_submit_urb() fails and we try to free skb again. It causes use-after-free bug. Moreover, if alloc_skb() fails,...

CVSS 4.7 | AI score 6.5 | EPSS 0.00239
Exploits: 0 | References: 7
SUSE CVE
•added 2025/12/31 12:31 a.m.•11 views

SUSE CVE-2022-50830

In the Linux kernel, the following vulnerability has been resolved: auxdisplay: hd44780: Fix potential memory leak in hd44780_remove() hd44780_probe() allocates a memory chunk for hd with kzalloc() and makes "lcd->drvdata->hd44780" point to it. When we call hd44780_remove(), we should release all relevant...

CVSS 5.5 | AI score 6.4 | EPSS 0.00206
Exploits: 0 | References: 7
SUSE CVE
•added 2025/12/31 12:31 a.m.•6 views

SUSE CVE-2022-50832

In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: fix potential memory leak in wilc_mac_xmit() The wilc_mac_xmit() returns NETDEV_TX_OK without freeing skb, add dev_kfree_skb() to fix it. Compile tested only...

CVSS 5.5 | AI score 6.5 | EPSS 0.00211
Exploits: 0 | References: 7
SUSE CVE
•added 2025/12/31 12:31 a.m.•4 views

SUSE CVE-2022-50833

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: use hdev->workqueue when queuing hdev->{cmd,ncmd}_timer works syzbot is reporting attempt to schedule hdev->cmd_work work from system_wq WQ into hdev->workqueue WQ which is under draining operation [1], for commit c8efcc2589464ac...

CVSS 5.5 | AI score 6.4 | EPSS 0.00198
Exploits: 0 | References: 5
SUSE CVE
•added 2025/12/31 12:31 a.m.•4 views

SUSE CVE-2022-50834

In the Linux kernel, the following vulnerability has been resolved: nfc: Fix potential resource leaks nfc_get_device() take reference for the device, add missing nfc_put_device() to release it when not need anymore. Also fix the style warning by use error EOPNOTSUPP instead of ENOTSUPP...

CVSS 5.5 | AI score 6.5 | EPSS 0.00216
Exploits: 0 | References: 8
SUSE CVE
•added 2025/12/31 12:31 a.m.•7 views

SUSE CVE-2022-50835

In the Linux kernel, the following vulnerability has been resolved: jbd2: add miss release buffer head in fc_do_one_pass() In fc_do_one_pass() miss release buffer head after use which will lead to reference count leak...

CVSS 5.5 | AI score 6.8 | EPSS 0.00201
Exploits: 0 | References: 7
SUSE CVE
•added 2025/12/31 12:31 a.m.•3 views

SUSE CVE-2022-50836

In the Linux kernel, the following vulnerability has been resolved: remoteproc: sysmon: fix memory leak in qcom_add_sysmon_subdev() The kfree() should be called when of_irq_get_byname() fails or devm_request_threaded_irq() fails in qcom_add_sysmon_subdev(), otherwise there will be a memory leak, so add kfree() to fix it...

CVSS 5.5 | AI score 6.4 | EPSS 0.00211
Exploits: 0 | References: 7
SUSE CVE
•added 2025/12/31 12:31 a.m.•9 views

SUSE CVE-2022-50837

In the Linux kernel, the following vulnerability has been resolved: net: dsa: tag_8021q: avoid leaking ctx on dsa_tag_8021q_register() error path If dsa_tag_8021q_setup() fails, for example due to the inability of the device to install a VLAN, the tag_8021q context of the switch will leak. Make sure it is...

AI score 6.5 | EPSS 0.002
Exploits: 0 | References: 3
SUSE CVE
•added 2025/12/31 12:31 a.m.•4 views

SUSE CVE-2022-50838

In the Linux kernel, the following vulnerability has been resolved: net: stream: purge sk_error_queue in sk_stream_kill_queues() Changheon Lee reported TCP socket leaks, with a nice repro. It seems we leak TCP sockets with the following sequence: 1) SOF_TIMESTAMPING_TX_ACK is enabled on the socket. Each ACK...

CVSS 5.5 | AI score 6.4 | EPSS 0.00239
Exploits: 0 | References: 5
SUSE CVE
•added 2025/12/31 12:31 a.m.•4 views

SUSE CVE-2022-50839

In the Linux kernel, the following vulnerability has been resolved: jbd2: fix potential buffer head reference count leak As in 'jbd2_fc_wait_bufs' if buffer isn't uptodate, will return -EIO without update 'journal->j_fc_off'. But 'jbd2_fc_release_bufs' will release buffer head from 'j_fc_off - 1' if 'bh' is...

CVSS 5.5 | AI score 6.8 | EPSS 0.00206
Exploits: 0 | References: 7
Total number of security vulnerabilities: 58369