Lucene search
K
SusecveRecent

59854 matches found

SUSE CVE
SUSE CVE
•added 2026/03/07 12:25 a.m.•2 views

SUSE CVE-2026-26998

Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.38 and 3.6.9, there is a potential vulnerability in Traefik managing the ForwardAuth middleware responses. When Traefik is configured to use the ForwardAuth middleware, the response body from the authentication server is...

4.4CVSS5.7AI score0.00451EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/03/07 12:25 a.m.•4 views

SUSE CVE-2026-26999

Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.38 and 3.6.9, there is a potential vulnerability in Traefik managing TLS handshake on TCP routers. When Traefik processes a TLS connection on a TCP router, the read deadline used to bound protocol sniffing is cleared befor...

7.5CVSS5.9AI score0.00539EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/03/07 12:25 a.m.•5 views

SUSE CVE-2026-27137

When verifying a certificate chain which contains a certificate containing multiple email address constraints which share common local portions but different domain portions, these constraints will not be properly applied, and only the last constraint will be considered...

6.5CVSS5.8AI score0.00606EPSS
Exploits0References14
SUSE CVE
SUSE CVE
•added 2026/03/07 12:25 a.m.•7 views

SUSE CVE-2026-27138

Certificate verification can panic when a certificate in the chain has an empty DNS name and another certificate in the chain has excluded name constraints. This can crash programs that are either directly verifying X.509 certificate chains, or those that use TLS...

7.5CVSS5.8AI score0.0035EPSS
Exploits0References8
SUSE CVE
SUSE CVE
•added 2026/03/07 12:25 a.m.•6 views

SUSE CVE-2026-27139

On Unix platforms, when listing the contents of a directory using File.ReadDir or File.Readdir the returned FileInfo could reference a file outside of the Root in which the File was opened. The impact of this escape is limited to reading metadata provided by lstat from arbitrary locations on the...

3.3CVSS5.9AI score0.00201EPSS
Exploits0References12
SUSE CVE
SUSE CVE
•added 2026/03/07 12:25 a.m.•6 views

SUSE CVE-2026-27142

Actions which insert URLs into the content attribute of HTML meta tags are not escaped. This can allow XSS if the meta tag also has an http-equiv attribute with the value "refresh". A new GODEBUG setting has been added, htmlmetacontenturlescape, which can be used to disable escaping URLs in actio...

5.4CVSS5.7AI score0.00328EPSS
Exploits0References13
SUSE CVE
SUSE CVE
•added 2026/03/07 12:25 a.m.•4 views

SUSE CVE-2026-28802

Authlib is a Python library which builds OAuth and OpenID Connect servers. From version 1.6.5 to before version 1.6.7, previous tests involving passing a malicious JWT containing alg: none and an empty signature was passing the signature verification step without any changes to the application co...

9.8CVSS5.8AI score0.00425EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/03/07 12:25 a.m.•6 views

SUSE CVE-2026-29049

melange allows users to build apk packages using declarative pipelines. In version 0.40.5 and prior, melange update-cache downloads URIs from build configs via io.Copy without any size limit or HTTP client timeout pkg/renovate/cache/cache.go. An attacker-controlled URI in a melange config can cau...

4.3CVSS5.8AI score0.00226EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/03/07 12:25 a.m.•4 views

SUSE CVE-2026-29054

Traefik is an HTTP reverse proxy and load balancer. From version 2.11.9 to 2.11.37 and from version 3.1.3 to 3.6.8, there is a potential vulnerability in Traefik managing the Connection header with X-Forwarded headers. When Traefik processes HTTP/1.1 requests, the protection put in place to preve...

7.5CVSS5.8AI score0.00467EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/03/07 12:25 a.m.•5 views

SUSE CVE-2026-29074

SVGO, short for SVG Optimizer, is a Node.js library and command-line application for optimizing SVG files. From version 2.1.0 to before version 2.8.1, from version 3.0.0 to before version 3.3.3, and before version 4.0.1, SVGO accepts XML with custom entities, without guards against entity expansi...

7.5CVSS5.7AI score0.00612EPSS
Exploits1References5
SUSE CVE
SUSE CVE
•added 2026/03/07 12:25 a.m.•5 views

SUSE CVE-2026-29089

TimescaleDB is a time-series database for high-performance real-time analytics packaged as a Postgres extension. From version 2.23.0 to 2.25.1, PostgreSQL uses the searchpath setting to locate unqualified database objects tables, functions, operators. If the searchpath includes user-writable...

8.8CVSS6.2AI score0.00136EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/06 12:28 a.m.•11 views

SUSE CVE-2025-69534

Python-Markdown version 3.8 contain a vulnerability where malformed HTML-like sequences can cause html.parser.HTMLParser to raise an unhandled AssertionError during Markdown parsing. Because Python-Markdown does not catch this exception, any application that processes attacker-controlled Markdown...

7.5CVSS5.8AI score0.00566EPSS
Exploits1References6
SUSE CVE
SUSE CVE
•added 2026/03/06 12:24 a.m.•6 views

SUSE CVE-2026-30784

This CVE ID has been withdrawn by its CVE Numbering Authority...

9.8CVSS5.7AI score0.00648EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/03/06 12:24 a.m.•6 views

SUSE CVE-2026-30790

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

9.8CVSS5.7AI score0.00225EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/05 2:3 p.m.•6 views

SUSE CVE-2025-40926

Plack::Middleware::Session::Simple versions before 0.05 for Perl generates session ids insecurely. The default session id generator returns a SHA-1 hash seeded with the built-in rand function, the epoch time, and the PID. The PID will come from a small set of numbers, and the epoch time may be...

9.8CVSS5.7AI score0.00433EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/05 2:3 p.m.•3 views

SUSE CVE-2025-40931

Apache::Session::Generate::MD5 versions through 1.94 for Perl create insecure session id. Apache::Session::Generate::MD5 generates session ids insecurely. The default session id generator returns a MD5 hash seeded with the built-in rand function, the epoch time, and the PID. The PID will come fro...

9.1CVSS5.8AI score0.00583EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/05 1:58 p.m.•2 views

SUSE CVE-2026-0847

A vulnerability in NLTK versions up to and including 3.9.2 allows arbitrary file read via path traversal in multiple CorpusReader classes, including WordListCorpusReader, TaggedCorpusReader, and BracketParseCorpusReader. These classes fail to properly sanitize or validate file paths, enabling...

7.5CVSS6.5AI score0.00924EPSS
Exploits3References3
SUSE CVE
SUSE CVE
•added 2026/03/05 1:58 p.m.•4 views

SUSE CVE-2026-2297

The import hook in CPython that handles legacy .pyc files SourcelessFileLoader is incorrectly handled in FileLoader a base class and so does not use io.opencode to read the .pyc files. sys.audit handlers for this audit event therefore do not fire...

5.5CVSS5.8AI score0.00202EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2026/03/05 1:57 p.m.•4 views

SUSE CVE-2026-3381

Compress::Raw::Zlib versions through 2.219 for Perl use potentially insecure versions of zlib. Compress::Raw::Zlib includes a copy of the zlib library. Compress::Raw::Zlib version 2.220 includes zlib 1.3.2, which addresses findings fron the 7ASecurity audit of zlib. The includes fixs for...

9.8CVSS5.8AI score0.00548EPSS
Exploits1References4
SUSE CVE
SUSE CVE
•added 2026/03/05 1:57 p.m.•4 views

SUSE CVE-2026-3536

Integer overflow in ANGLE in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. Chromium security severity: Critical...

8.8CVSS5.9AI score0.00458EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/05 1:57 p.m.•4 views

SUSE CVE-2026-3537

Object lifecycle issue in PowerVR in Google Chrome on Android prior to 145.0.7632.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...

8.8CVSS5.8AI score0.00377EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/05 1:57 p.m.•4 views

SUSE CVE-2026-3538

Integer overflow in Skia in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. Chromium security severity: Critical...

8.8CVSS5.9AI score0.00497EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/05 1:57 p.m.•3 views

SUSE CVE-2026-3539

Determined a bug and not a vulnerability...

7.8AI score0.00271EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/05 1:57 p.m.•3 views

SUSE CVE-2026-3540

Inappropriate implementation in WebAudio in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.8AI score0.003EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/05 1:57 p.m.•4 views

SUSE CVE-2026-3541

Inappropriate implementation in CSS in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.8AI score0.00258EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/05 1:56 p.m.•6 views

SUSE CVE-2026-3542

Inappropriate implementation in WebAssembly in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.8AI score0.00306EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/05 1:56 p.m.•4 views

SUSE CVE-2026-3543

Inappropriate implementation in V8 in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.8AI score0.00289EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/05 1:56 p.m.•6 views

SUSE CVE-2026-3544

Heap buffer overflow in WebCodecs in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: High...

8.8CVSS6AI score0.00313EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/05 1:56 p.m.•6 views

SUSE CVE-2026-3545

Insufficient data validation in Navigation in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

9.6CVSS5.8AI score0.00263EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/05 1:56 p.m.•21 views

SUSE CVE-2026-20031

A vulnerability in the HTML Cascading Style Sheets CSS module of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper error handling when splitting UTF-8 strings. An attacker could exploit th...

5.3CVSS5.8AI score0.00414EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/03/05 1:55 p.m.•4 views

SUSE CVE-2026-27820

zlib is a Ruby interface for the zlib compression/decompression library. Versions 3.0.0 and below, 3.1.0, 3.1.1, 3.2.0 and 3.2.1 contain a buffer overflow vulnerability in the Zlib::GzipReader. The zstreambufferungets function prepends caller-provided bytes ahead of previously produced output but...

8.8CVSS6.8AI score0.00561EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/03/05 1:55 p.m.•6 views

SUSE CVE-2026-28434

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.35.0, when a request handler throws a C++ exception and the application has not registered a custom exception handler via setexceptionhandler, the library catches the exception and writes its message...

5.3CVSS5.6AI score0.003EPSS
Exploits1References4
SUSE CVE
SUSE CVE
•added 2026/03/05 1:55 p.m.•4 views

SUSE CVE-2026-28435

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.35.0, cpp-httplib httplib.h does not enforce Server::setpayloadmaxlength on the decompressed request body when using HandlerWithContentReader streaming ContentReader with Content-Encoding: gzip or other...

7.5CVSS5.5AI score0.00418EPSS
Exploits1References4
SUSE CVE
SUSE CVE
•added 2026/03/05 7:26 a.m.•4 views

SUSE CVE-2025-22891

When BIG-IP PEM Control Plane listener Virtual Server is configured with Diameter Endpoint profile, undisclosed traffic can cause the Virtual Server to stop processing new client connections and an increase in memory resource utilization. Note: Software versions which have reached End of Technica...

8.7CVSS5.8AI score0.00396EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/03/05 6:56 a.m.•6 views

SUSE CVE-2025-50180

esm.sh is a no-build content delivery network CDN for web development. In version 136, esm.sh is vulnerable to a full-response SSRF, allowing an attacker to retrieve information from internal websites through the vulnerability. Version 137 fixes the vulnerability...

8.7CVSS5.8AI score0.00381EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/03/05 6:55 a.m.•6 views

SUSE CVE-2025-64111

Gogs is an open source self-hosted Git service. In version 0.13.3 and prior, due to the insufficient patch for CVE-2024-56731, it's still possible to update files in the .git directory and achieve remote command execution. This issue has been patched in versions 0.13.4 and 0.14.0+dev...

9.8CVSS5.8AI score0.01229EPSS
Exploits3References3
SUSE CVE
SUSE CVE
•added 2026/03/05 6:55 a.m.•5 views

SUSE CVE-2025-64175

Gogs is an open source self-hosted Git service. In version 0.13.3 and prior, Gogs' 2FA recovery code validation does not scope codes by user, enabling cross-account bypass. If an attacker knows a victim's username and password, they can use any unused recovery code e.g., from their own account to...

8.8CVSS5.8AI score0.00424EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/05 6:55 a.m.•3 views

SUSE CVE-2025-64641

Mattermost versions 11.1.x = 11.1.0, 11.0.x = 11.0.5, 10.12.x = 10.12.3, 10.11.x = 10.11.7 fail to verify that post actions invoking /share-issue-publicly were created by the Jira plugin which allowed a malicious Mattermost user to exfiltrate Jira tickets when victim users interacted with affecte...

4.1CVSS5.8AI score0.00146EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/05 6:55 a.m.•2 views

SUSE CVE-2025-66630

Fiber is an Express inspired web framework written in Go. Before 2.52.11, on Go versions prior to 1.24, the underlying crypto/rand implementation can return an error if secure randomness cannot be obtained. Because no error is returned by the Fiber v2 UUID functions, application code may...

9.4CVSS5.8AI score0.00471EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/05 6:54 a.m.•7 views

SUSE CVE-2025-70963

Gophish =0.12.1 is vulnerable to Incorrect Access Control. The administrative dashboard exposes each user's long-lived API key directly inside the rendered HTML/JavaScript of the page on every login. This makes permanent API credentials accessible to any script running in the browser context...

7.6CVSS5.8AI score0.00267EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/03/05 6:53 a.m.•6 views

SUSE CVE-2025-71238

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix bsgdone causing double free Kernel panic observed on system, 5353358.825191 BUG: unable to handle page fault for address: ff5f5e897b024000 5353358.825194 PF: supervisor write access in kernel mode 5353358.82519...

6.5CVSS5.7AI score0.00194EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2026/03/05 6:52 a.m.•9 views

SUSE CVE-2026-3494

In MariaDB server version through 11.8.5, when server audit plugin is enabled with serverauditevents variable configured with QUERYDCL, QUERYDDL, or QUERYDML filtering, if an authenticated database user invokes a SQL statement prefixed with double-hyphen - or hash style comments, the statement is...

4.3CVSS5.8AI score0.00274EPSS
Exploits1References7
SUSE CVE
SUSE CVE
•added 2026/03/05 6:51 a.m.•3 views

SUSE CVE-2026-23231

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: fix use-after-free in nftablesaddchain nftablesaddchain publishes the chain to table-chains via listaddtailrcu in nftchainadd before registering hooks. If nftablesregisterhook then fails, the error path calls...

7CVSS5.7AI score0.00812EPSS
Exploits1References21
SUSE CVE
SUSE CVE
•added 2026/03/05 6:51 a.m.•2 views

SUSE CVE-2026-23232

In the Linux kernel, the following vulnerability has been resolved: Revert "f2fs: block cache/dio write during f2fsenablecheckpoint" This reverts commit 196c81fdd438f7ac429d5639090a9816abb9760a. Original patch may cause below deadlock, revert it. write remount - writebegin - lockpage --- lock A -...

5.5CVSS5.7AI score0.00104EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/05 6:51 a.m.•7 views

SUSE CVE-2026-23233

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid mapping wrong physical block for swapfile Xiaolong Guo reported a f2fs bug in bugzilla 1 1 https://bugzilla.kernel.org/showbug.cgi?id=220951 Quoted: "When using stress-ng's swap stress test on F2FS filesystem...

7.1CVSS5.5AI score0.0016EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/05 6:51 a.m.•4 views

SUSE CVE-2026-23234

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid UAF in f2fswriteendio As syzbot reported an use-after-free issue in f2fswriteendio. It is caused by below race condition: loop device umount - workerthread - loopprocesswork - doreqfilebacked - lorwaio -...

7CVSS5.6AI score0.00119EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/03/05 6:51 a.m.•6 views

SUSE CVE-2026-23235

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix out-of-bounds access in sysfs attribute read/write Some f2fs sysfs attributes suffer from out-of-bounds memory access and incorrect handling of integer values whose size is not 4 bytes. For example: vm: echo 65537...

7.8CVSS5.7AI score0.00156EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/03/05 6:51 a.m.•7 views

SUSE CVE-2026-23236

In the Linux kernel, the following vulnerability has been resolved: fbdev: smscufx: properly copy ioctl memory to kernelspace The UFXIOCTLREPORTDAMAGE ioctl does not properly copy data from userspace to kernelspace, and instead directly references the memory, which can cause problems if invalid...

7.8CVSS5.7AI score0.00206EPSS
Exploits0References17
SUSE CVE
SUSE CVE
•added 2026/03/05 6:51 a.m.•4 views

SUSE CVE-2026-23237

In the Linux kernel, the following vulnerability has been resolved: platform/x86: classmate-laptop: Add missing NULL pointer checks In a few places in the Classmate laptop driver, code using the accel object may run before that object's address is stored in the driver data of the input device usi...

5.5CVSS5.7AI score0.00193EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/03/05 6:51 a.m.•9 views

SUSE CVE-2026-23238

In the Linux kernel, the following vulnerability has been resolved: romfs: check sbsetblocksize return value romfsfillsuper ignores the return value of sbsetblocksize, which can fail if the requested block size is incompatible with the block device's configuration. This can be triggered by settin...

5.5CVSS5.7AI score0.00189EPSS
Exploits0References3
Total number of security vulnerabilities59854