Lucene search
K
SusecveRecent

59854 matches found

SUSE CVE
SUSE CVE
•added 2026/03/04 12:26 a.m.•5 views

SUSE CVE-2026-26014

Pion DTLS is a Go implementation of Datagram Transport Layer Security. Pion DTLS versions v1.0.0 through v3.0.10 and 3.1.0 use random nonce generation with AES GCM ciphers, which makes it easier for remote attackers to obtain the authentication key and spoof data by leveraging the reuse of a nonc...

5.9CVSS5.9AI score0.00619EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/04 12:26 a.m.•5 views

SUSE CVE-2026-26055

Yoke is a Helm-inspired infrastructure-as-code IaC package deployer. In 0.19.0 and earlier, a vulnerability exists in the Air Traffic Controller ATC component of Yoke. The ATC webhook endpoints lack proper authentication mechanisms, allowing any pod within the cluster network to directly send...

7.5CVSS6AI score0.0041EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/03/04 12:26 a.m.•5 views

SUSE CVE-2026-26056

Yoke is a Helm-inspired infrastructure-as-code IaC package deployer. In 0.19.0 and earlier, a vulnerability exists in the Air Traffic Controller ATC component of Yoke. It allows users with CR create/update permissions to execute arbitrary WASM code in the ATC controller context by injecting a...

8.8CVSS6.1AI score0.004EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/03/04 12:26 a.m.•3 views

SUSE CVE-2026-26187

lakeFS is an open-source tool that transforms object storage into a Git-like repositories. Prior to 1.77.0, the local block adapter pkg/block/local/adapter.go allows authenticated users to read and write files outside their designated storage boundaries. The verifyRelPath function used...

8.1CVSS5.8AI score0.0039EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/04 12:26 a.m.•4 views

SUSE CVE-2026-26190

Milvus is an open-source vector database built for generative AI applications. Prior to 2.5.27 and 2.6.10, Milvus exposes TCP port 9091 by default, which enables authentication bypasses. The /expr debug endpoint uses a weak, predictable default authentication token derived from etcd.rootPath...

9.8CVSS5.8AI score0.27661EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/03/04 12:26 a.m.•6 views

SUSE CVE-2026-26201

emp3r0r is a C2 designed by Linux users for Linux environments. Prior to version 3.21.2, multiple shared maps are accessed without consistent synchronization across goroutines. Under concurrent activity, Go runtime can trigger fatal error: concurrent map read and map write, causing C2 process cra...

7.5CVSS5.8AI score0.00291EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/03/04 12:26 a.m.•5 views

SUSE CVE-2026-26205

opa-envoy-plugun is a plugin to enforce OPA policies with Envoy. Versions prior to 1.13.2-envoy-2 have a vulnerability in how the input.parsedpath field is constructed. HTTP request paths are treated as full URIs when parsed; interpreting leading path segments prefixed with double slashes // as...

7.1CVSS5.9AI score0.0038EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/04 12:26 a.m.•4 views

SUSE CVE-2026-26313

go-ethereum geth is a golang execution layer implementation of the Ethereum protocol. Prior to version 1.17.0, an attacker can cause high memory usage by sending a specially-crafted p2p message. The issue is resolved in the v1.17.0 release...

7.5CVSS6AI score0.00578EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/04 12:26 a.m.•5 views

SUSE CVE-2026-26314

go-ethereum geth is a golang execution layer implementation of the Ethereum protocol. Prior to version 1.16.9, a vulnerable node can be forced to shutdown/crash using a specially crafted message. The problem is resolved in the v1.16.9 and v1.17.0 releases of Geth...

8.7CVSS5.9AI score0.0058EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/04 12:26 a.m.•4 views

SUSE CVE-2026-26315

go-ethereum Geth is a golang execution layer implementation of the Ethereum protocol. Prior to version 1.16.9, through a flaw in the ECIES cryptography implementation, an attacker may be able to extract bits of the p2p node key. The issue is resolved in the v1.16.9 and v1.17.0 releases of Geth...

7.5CVSS5.9AI score0.00447EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/04 12:26 a.m.•3 views

SUSE CVE-2026-26957

REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: Upon further research, the maintainer determined that the behavior described by the CVE record is intended behavior. Per the GitHub Security Advisory: "Libredesk is a single-tenant, self-hosted application. Configuring outbound...

5.5AI score0.00061EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/04 12:26 a.m.•3 views

SUSE CVE-2026-26963

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Versions 1.18.0 through 1.18.5 will incorrectly permit traffic from Pods on other nodes when Native Routing, WireGuard and Node Encryption are enabled. This issue has been fixed in version 1.18.6...

6.1CVSS5.7AI score0.00126EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/03/04 12:26 a.m.•6 views

SUSE CVE-2026-26995

Further research determined the issue is an external dependency vulnerability...

5.8AI score
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/04 12:25 a.m.•5 views

SUSE CVE-2026-27571

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. The WebSockets handling of NATS messages handles compressed messages via the WebSockets negotiated compression. Prior to versions 2.11.2 and 2.12.3, the implementation bound the memory size of a NATS...

7.5CVSS5.8AI score0.00478EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/03/04 12:25 a.m.•5 views

SUSE CVE-2026-27598

Dagu is a workflow engine with a built-in Web user interface. In versions up to and including 1.16.7, the CreateNewDAG API endpoint POST /api/v1/dags does not validate the DAG name before passing it to the file store. An authenticated user with DAG write permissions can write arbitrary YAML files...

7.1CVSS6.3AI score0.00571EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/03/04 12:25 a.m.•6 views

SUSE CVE-2026-27611

FileBrowser Quantum is a free, self-hosted, web-based file manager. Prior to versions 1.1.3-stable and 1.2.6-beta, when users share password-protected files, the recipient can completely bypass the password and still download the file. This happens because the API returns a direct download link i...

7.1CVSS5.8AI score0.00307EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/03/04 12:25 a.m.•6 views

SUSE CVE-2026-27626

OliveTin gives access to predefined shell commands from a web interface. In versions up to and including 3000.10.0, OliveTin's shell mode safety check checkShellArgumentSafety blocks several dangerous argument types but not password. A user supplying a password-typed argument can inject shell...

9.9CVSS6.1AI score0.00448EPSS
Exploits2References3
SUSE CVE
SUSE CVE
•added 2026/03/03 12:26 a.m.•4 views

SUSE CVE-2026-3195

A flaw was found in QEMU. When reading input audio in the virtio-snd device input callback, the virtiosndpcmincb function did not check whether the iov could fit the data buffer, potentially leading to a heap out-of-bounds write. This issue exists due to an incomplete fix for CVE-2024-7730...

8.8CVSS5.8AI score0.00126EPSS
Exploits0References9
SUSE CVE
SUSE CVE
•added 2026/03/03 12:26 a.m.•4 views

SUSE CVE-2026-3196

An integer overflow vulnerability was found in the virtio-snd device via PCMINFO requests from the guest. A malicious guest can provide out-of-bounds stream counts, potentially leading to unbounded memory allocation on the host and a denial of service condition...

6.5CVSS5.9AI score0.00102EPSS
Exploits0References9
SUSE CVE
SUSE CVE
•added 2026/03/03 12:26 a.m.•6 views

SUSE CVE-2026-3388

A vulnerability was found in Squirrel up to 3.2. This affects the function SQCompiler::Factor/SQCompiler::UnaryOP of the file squirrel/sqcompiler.cpp. Performing a manipulation results in uncontrolled recursion. The attack needs to be approached locally. The exploit has been made public and could...

5.5CVSS5.2AI score0.00166EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/03/03 12:26 a.m.•3 views

SUSE CVE-2026-3389

A vulnerability was determined in Squirrel up to 3.2. This vulnerability affects the function sqstdrexnewnode in the library sqstdlib/sqstdrex.cpp. Executing a manipulation can lead to null pointer dereference. The attack can only be executed locally. The exploit has been publicly disclosed and m...

5.5CVSS5.4AI score0.00166EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/03/03 12:26 a.m.•6 views

SUSE CVE-2026-3408

A vulnerability was identified in Open Babel up to 3.1.1. This impacts the function OBAtom::GetExplicitValence of the file isrc/atom.cpp of the component CDXML File Handler. Such manipulation leads to null pointer dereference. The attack can be launched remotely. The exploit is publicly available...

6.5CVSS5.3AI score0.00394EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/03/03 12:26 a.m.•9 views

SUSE CVE-2026-3441

A flaw was found in GNU Binutils. This heap-based buffer overflow vulnerability, specifically an out-of-bounds read in the bfd linker, allows an attacker to gain access to sensitive information. By convincing a user to process a specially crafted XCOFF object file, an attacker can trigger this...

7.1CVSS6AI score0.00176EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/03 12:26 a.m.•8 views

SUSE CVE-2026-3442

A flaw was found in GNU Binutils. This vulnerability, a heap-based buffer overflow, specifically an out-of-bounds read, exists in the bfd linker component. An attacker could exploit this by convincing a user to process a specially crafted malicious XCOFF object file. Successful exploitation may...

7.1CVSS5.9AI score0.00245EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/03/03 12:25 a.m.•5 views

SUSE CVE-2026-25884

Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an out-of-bounds read was found. The vulnerability is in the CRW image parser. This issue has been patched in version 0.28.8...

6.5CVSS5.7AI score0.00307EPSS
Exploits1References7
SUSE CVE
SUSE CVE
•added 2026/03/03 12:24 a.m.•4 views

SUSE CVE-2026-27141

Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running server to panic...

7.5CVSS5.8AI score0.00501EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2026/03/03 12:24 a.m.•3 views

SUSE CVE-2026-27596

Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an out-of-bounds read was found in Exiv2. The vulnerability is in the preview component, which is only triggered when running Exiv2 with an extra...

5.5CVSS5.7AI score0.00367EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/03/03 12:24 a.m.•4 views

SUSE CVE-2026-27631

Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an uncaught exception was found in Exiv2. The vulnerability is in the preview component, which is only triggered when running Exiv2 with an extra...

5.5CVSS5.7AI score0.00255EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/03/03 12:24 a.m.•4 views

SUSE CVE-2026-27810

calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.4.0, an HTTP Response Header Injection vulnerability in the calibre Content Server allows any authenticated user to inject arbitrary HTTP headers into server responses via an...

6.4CVSS5.9AI score0.00206EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/03/03 12:24 a.m.•4 views

SUSE CVE-2026-27824

calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.4.0, the calibre Content Server's brute-force protection mechanism uses a ban key derived from both remoteaddr and the X-Forwarded-For header. Since the X-Forwarded-For header i...

5.3CVSS5.8AI score0.00148EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/03/03 12:24 a.m.•3 views

SUSE CVE-2026-28351

pypdf is a free and open-source pure-python PDF library. Prior to version 6.7.4, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires parsing the content stream using the RunLengthDecode filter. This has been fixed in pypdf 6.7.4. As a workaroun...

5.3CVSS5.7AI score0.00423EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/03 12:24 a.m.•3 views

SUSE CVE-2026-28417

Vim is an open source, command line text editor. Prior to version 9.2.0073, an OS command injection vulnerability exists in the netrw standard plugin bundled with Vim. By inducing a user to open a crafted URL e.g., using the scp:// protocol handler, an attacker can execute arbitrary shell command...

5.3CVSS6.1AI score0.01162EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2026/03/03 12:24 a.m.•5 views

SUSE CVE-2026-28418

Vim is an open source, command line text editor. Prior to version 9.2.0074, a heap-based buffer overflow out-of-bounds read exists in Vim's Emacs-style tags file parsing logic. When processing a malformed tags file, Vim can be tricked into reading up to 7 bytes beyond the allocated memory boundar...

5.3CVSS5.9AI score0.0022EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/03 12:24 a.m.•3 views

SUSE CVE-2026-28419

Vim is an open source, command line text editor. Prior to version 9.2.0075, a heap-based buffer underflow exists in Vim's Emacs-style tags file parsing logic. When processing a malformed tags file where a delimiter appears at the start of a line, Vim attempts to read memory immediately preceding...

5.3CVSS5.9AI score0.00168EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/03 12:24 a.m.•3 views

SUSE CVE-2026-28420

Vim is an open source, command line text editor. Prior to version 9.2.0076, a heap-based buffer overflow WRITE and an out-of-bounds READ exist in Vim's terminal emulator when processing maximum combining characters from Unicode supplementary planes. Version 9.2.0076 fixes the issue...

3.9CVSS6AI score0.00177EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/03 12:24 a.m.•4 views

SUSE CVE-2026-28421

Vim is an open source, command line text editor. Versions prior to 9.2.0077 have a heap-buffer-overflow and a segmentation fault SEGV exist in Vim's swap file recovery logic. Both are caused by unvalidated fields read from crafted pointer blocks within a swap file. Version 9.2.0077 fixes the issu...

5.3CVSS5.8AI score0.00177EPSS
Exploits0References9
SUSE CVE
SUSE CVE
•added 2026/03/03 12:24 a.m.•4 views

SUSE CVE-2026-28422

Vim is an open source, command line text editor. Prior to version 9.2.0078, a stack-buffer-overflow occurs in buildstlstrhl when rendering a statusline with a multi-byte fill character on a very wide terminal. Version 9.2.0078 patches the issue...

3.3CVSS5.8AI score0.00142EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/02 12:28 a.m.•9 views

SUSE CVE-2025-40932

Apache::SessionX versions through 2.01 for Perl create insecure session id. Apache::SessionX generates session ids insecurely. The default session id generator in Apache::SessionX::Generate::MD5 returns a MD5 hash seeded with the built-in rand function, the epoch time, and the PID. The PID will...

8.2CVSS5.7AI score0.002EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/02 12:26 a.m.•3 views

SUSE CVE-2025-61143

libtiff up to v4.7.1 was discovered to contain a NULL pointer dereference via the component libtiff/tifopen.c...

3.3CVSS5.7AI score0.00113EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2026/03/02 12:26 a.m.•5 views

SUSE CVE-2025-61144

libtiff up to v4.7.1 was discovered to contain a stack overflow via the readSeparateStripsIntoBuffer function...

6.6CVSS5.8AI score0.00253EPSS
Exploits1References5
SUSE CVE
SUSE CVE
•added 2026/03/02 12:26 a.m.•2 views

SUSE CVE-2025-61145

libtiff up to v4.7.1 was discovered to contain a double free via the component tools/tiffcrop.c...

5.5CVSS5.7AI score0.00131EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/03/02 12:26 a.m.•4 views

SUSE CVE-2025-61146

saitoha libsixel until v1.8.7 was discovered to contain a memory leak via the component mallocstub.c...

4CVSS5.7AI score0.00118EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/02 12:25 a.m.•8 views

SUSE CVE-2025-67733

Valkey is a distributed key-value database. Prior to versions 9.0.2, 8.1.6, 8.0.7, and 7.2.12, a malicious user can use scripting commands to inject arbitrary information into the response stream for the given client, potentially corrupting or returning tampered data to other users on the same...

6.8CVSS6AI score0.00586EPSS
Exploits0References8
SUSE CVE
SUSE CVE
•added 2026/02/28 12:24 a.m.•8 views

SUSE CVE-2026-25955

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfAppUpdateWindowFromSurface reuses a cached XImage whose data pointer references a freed RDPGFX surface buffer, because gdiDeleteSurface frees surface-data without invalidating the appWindow-image that...

4.3CVSS5.8AI score0.00498EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/02/28 12:24 a.m.•8 views

SUSE CVE-2026-25959

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfcliprdrprovidedata passes freed pDstData to XChangeProperty because the cliprdr channel thread calls xfcliprdrserverformatdataresponse which converts and uses the clipboard data without holding any lock,...

5.3CVSS5.8AI score0.00567EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/02/28 12:24 a.m.•6 views

SUSE CVE-2026-25997

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfclipboardformatequal reads freed lastSentFormats memory because xfclipboardformatsfree called from the cliprdr channel thread during auto-reconnect frees the array while the X11 event thread concurrently...

5.3CVSS5.8AI score0.00567EPSS
Exploits1References11
SUSE CVE
SUSE CVE
•added 2026/02/28 12:24 a.m.•3 views

SUSE CVE-2026-26271

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, a buffer overread in freerdpimagecopyfromicondata libfreerdp/codec/color.c can be triggered by crafted RDP Window Icon TSICONINFO data. The bug is reachable over the network when a client processes icon data...

5.3CVSS6AI score0.00242EPSS
Exploits0References9
SUSE CVE
SUSE CVE
•added 2026/02/28 12:24 a.m.•5 views

SUSE CVE-2026-26955

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, a malicious RDP server can trigger a heap buffer overflow in FreeRDP clients using the GDI surface pipeline e.g., xfreerdp by sending an RDPGFX ClearCodec surface command with an out-of-bounds destination...

8.8CVSS6.1AI score0.00537EPSS
Exploits1References14
SUSE CVE
SUSE CVE
•added 2026/02/28 12:24 a.m.•6 views

SUSE CVE-2026-26986

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, railwindowfree dereferences a freed xfAppWindow pointer during HashTableFree cleanup because xfrailwindowcommon calls freeappWindow on title allocation failure without first removing the entry from the...

5.3CVSS5.8AI score0.00476EPSS
Exploits1References13
SUSE CVE
SUSE CVE
•added 2026/02/28 12:24 a.m.•4 views

SUSE CVE-2026-27015

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, a missing bounds check in smartcardunpackreadsizealign libfreerdp/utils/smartcardpack.c:1703 allows a malicious RDP server to crash the FreeRDP client via a reachable WINPRASSERT - abort. The crash occurs in...

6.5CVSS5.8AI score0.00256EPSS
Exploits1References8
Total number of security vulnerabilities59854