Lucene search
K
SusecveRecent

59854 matches found

SUSE CVE
SUSE CVE
•added 2026/02/13 12:26 a.m.•3 views

SUSE CVE-2026-2005

Heap buffer overflow in PostgreSQL pgcrypto allows a ciphertext provider to execute arbitrary code as the operating system user running the database. Versions before PostgreSQL 18.2, 17.8, 16.12, 15.16, and 14.21 are affected...

8.8CVSS6.5AI score0.01208EPSS
Exploits3References35
SUSE CVE
SUSE CVE
•added 2026/02/13 12:26 a.m.•7 views

SUSE CVE-2026-2006

Missing validation of multibyte character length in PostgreSQL text manipulation allows a database user to issue crafted queries that achieve a buffer overrun. That suffices to execute arbitrary code as the operating system user running the database. Versions before PostgreSQL 18.2, 17.8, 16.12,...

8.8CVSS6.5AI score0.01079EPSS
Exploits0References39
SUSE CVE
SUSE CVE
•added 2026/02/13 12:26 a.m.•5 views

SUSE CVE-2026-2007

Heap buffer overflow in PostgreSQL pgtrgm allows a database user to achieve unknown impacts via a crafted input string. The attacker has limited control over the byte patterns to be written, but we have not ruled out the viability of attacks that lead to privilege escalation. PostgreSQL 18.1 and...

8.2CVSS5.8AI score0.00481EPSS
Exploits0References8
SUSE CVE
SUSE CVE
•added 2026/02/13 12:26 a.m.•3 views

SUSE CVE-2026-2313

Use after free in CSS in Google Chrome prior to 145.0.7632.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.6AI score0.04095EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/13 12:26 a.m.•5 views

SUSE CVE-2026-2314

Heap buffer overflow in Codecs in Google Chrome prior to 145.0.7632.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.9AI score0.042EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/13 12:26 a.m.•6 views

SUSE CVE-2026-2315

Inappropriate implementation in WebGPU in Google Chrome prior to 145.0.7632.45 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.6AI score0.08754EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/13 12:26 a.m.•5 views

SUSE CVE-2026-2316

Insufficient policy enforcement in Frames in Google Chrome prior to 145.0.7632.45 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.6AI score0.00225EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/13 12:26 a.m.•6 views

SUSE CVE-2026-2317

Inappropriate implementation in Animation in Google Chrome prior to 145.0.7632.45 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.6AI score0.00199EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/13 12:26 a.m.•3 views

SUSE CVE-2026-2318

Inappropriate implementation in PictureInPicture in Google Chrome prior to 145.0.7632.45 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.6AI score0.00225EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/13 12:26 a.m.•6 views

SUSE CVE-2026-2319

Race in DevTools in Google Chrome prior to 145.0.7632.45 allowed a remote attacker who convinced a user to engage in specific UI gestures and install a malicious extension to potentially exploit object corruption via a malicious file. Chromium security severity: Medium...

7.5CVSS5.6AI score0.00204EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/13 12:26 a.m.•2 views

SUSE CVE-2026-2320

Inappropriate implementation in File input in Google Chrome prior to 145.0.7632.45 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.6AI score0.0021EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/13 12:26 a.m.•1 views

SUSE CVE-2026-2321

Use after free in Ozone in Google Chrome prior to 145.0.7632.45 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS5.6AI score0.00248EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/13 12:26 a.m.•3 views

SUSE CVE-2026-2322

Inappropriate implementation in File input in Google Chrome prior to 145.0.7632.45 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

5.4CVSS5.6AI score0.00229EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/13 12:26 a.m.•3 views

SUSE CVE-2026-2323

Inappropriate implementation in Downloads in Google Chrome prior to 145.0.7632.45 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.6AI score0.00223EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/13 12:26 a.m.•8 views

SUSE CVE-2026-2327

Versions of the package markdown-it from 13.0.0 and before 14.1.1 are vulnerable to Regular Expression Denial of Service ReDoS due to the use of the regex /+$/ in the linkify function. An attacker can supply a long sequence of characters followed by a non-matching character, which triggers...

7.5CVSS5.6AI score0.00503EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/13 12:26 a.m.•2 views

SUSE CVE-2026-2369

A flaw was found in libsoup. An integer underflow vulnerability occurs when processing content with a zero-length resource, leading to a buffer overread. This can allow an attacker to potentially access sensitive information or cause an application level denial of service...

6.5CVSS5.9AI score0.0042EPSS
Exploits0References13
SUSE CVE
SUSE CVE
•added 2026/02/13 12:26 a.m.•7 views

SUSE CVE-2026-21722

Public dashboards with annotations enabled did not limit their annotation timerange to the locked timerange of the public dashboard. This means one could read the entire history of annotations visible on the specific dashboard, even those outside the locked timerange. This did not leak any...

5.3CVSS5.5AI score0.00327EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/02/13 12:25 a.m.•4 views

SUSE CVE-2026-24684

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, the RDPSND async playback thread can process queued PDUs after the channel is closed and internal state is freed, leading to a use after free in rdpsndtreatwave. This vulnerability is fixed in 3.22.0...

7.3CVSS5.6AI score0.00534EPSS
Exploits0References14
SUSE CVE
SUSE CVE
•added 2026/02/13 12:24 a.m.•8 views

SUSE CVE-2026-25990

Pillow is a Python imaging library. From 10.3.0 to before 12.1.1, an out-of-bounds write may be triggered when loading a specially crafted PSD image. This vulnerability is fixed in 12.1.1...

7.5CVSS6.6AI score0.00367EPSS
Exploits1References4
SUSE CVE
SUSE CVE
•added 2026/02/13 12:24 a.m.•4 views

SUSE CVE-2026-26080

unknown...

7.5CVSS5.4AI score
Exploits0References6
SUSE CVE
SUSE CVE
•added 2026/02/13 12:24 a.m.•3 views

SUSE CVE-2026-26081

unknown...

7.5CVSS5.4AI score
Exploits0References6
SUSE CVE
SUSE CVE
•added 2026/02/12 12:44 a.m.•6 views

SUSE CVE-2024-54192

An issue inTcpreplay v4.5.1 allows a local attacker to cause a denial of service via a crafted file to the tcpeditdltgetplugin function at src/tcpedit/plugins/dltutils.c...

5.5CVSS5.5AI score0.00139EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/12 12:40 a.m.•7 views

SUSE CVE-2025-5167

A vulnerability was found in Open Asset Import Library Assimp 5.4.3. It has been declared as problematic. Affected by this vulnerability is the function LWOImporter::GetS0 in the library assimp/code/AssetLib/LWO/LWOLoader.h. The manipulation of the argument out leads to out-of-bounds read. The...

5.5CVSS4.3AI score0.00208EPSS
Exploits1References2
SUSE CVE
SUSE CVE
•added 2026/02/12 12:40 a.m.•5 views

SUSE CVE-2025-6010

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

5.4AI score
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/02/12 12:39 a.m.•5 views

SUSE CVE-2025-12474

A specially-crafted file can cause libjxl's decoder to read pixel data from uninitialized but allocated memory. This can be done by causing the decoder to reference an outside-image-bound area in a subsequent patches. An incorrect optimization causes the decoder to omit populating those areas...

6.5CVSS5.5AI score0.00101EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2026/02/12 12:38 a.m.•5 views

SUSE CVE-2025-14831

A flaw was found in GnuTLS. This vulnerability allows a denial of service DoS by excessive CPU Central Processing Unit and memory consumption via specially crafted malicious certificates containing a large number of name constraints and subject alternative names SANs...

5.3CVSS5.4AI score0.00638EPSS
Exploits1References14
SUSE CVE
SUSE CVE
•added 2026/02/12 12:38 a.m.•6 views

SUSE CVE-2025-15570

A vulnerability was found in ckolivas lrzip up to 0.651. This impacts the function lzmadecompressbuf of the file stream.c. Performing a manipulation results in use after free. Attacking locally is a requirement. The exploit has been made public and could be used. The project was informed of the...

7.8CVSS5.2AI score0.00202EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/02/12 12:38 a.m.•5 views

SUSE CVE-2025-15571

A security vulnerability has been detected in ckolivas lrzip up to 0.651. This vulnerability affects the function ucompthread of the file stream.c. Such manipulation leads to null pointer dereference. The attack can only be performed from a local environment. The exploit has been disclosed public...

5.5CVSS5AI score0.00158EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/02/12 12:34 a.m.•7 views

SUSE CVE-2025-31648

Improper handling of values in the microcode flow for some IntelR Processor Family may allow an escalation of privilege. Startup code and smm adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local...

3.9CVSS5.4AI score0.00133EPSS
Exploits0References10
SUSE CVE
SUSE CVE
•added 2026/02/12 12:27 a.m.•4 views

SUSE CVE-2026-0964

A malicious SCP server can send unexpected paths that could make the client application override local files outside of working directory. This could be misused to create malicious executable or configuration files and make the user execute them under specific consequences. This is the same issue...

5CVSS7AI score0.00408EPSS
Exploits0References14
SUSE CVE
SUSE CVE
•added 2026/02/12 12:27 a.m.•2 views

SUSE CVE-2026-0965

A flaw was found in libssh where it can attempt to open arbitrary files during configuration parsing. A local attacker can exploit this by providing a malicious configuration file or when the system is misconfigured. This vulnerability could lead to a Denial of Service DoS by causing the system t...

3.3CVSS6.5AI score0.00158EPSS
Exploits0References14
SUSE CVE
SUSE CVE
•added 2026/02/12 12:27 a.m.•4 views

SUSE CVE-2026-0966

A flaw was found in libssh. The API function sshgethexa is vulnerable to a denial of service when processing zero-length input. This can be exploited remotely by an attacker during GSSAPI Generic Security Service Application Program Interface authentication if the server's logging verbosity is se...

6.5CVSS6.3AI score0.00582EPSS
Exploits0References14
SUSE CVE
SUSE CVE
•added 2026/02/12 12:27 a.m.•4 views

SUSE CVE-2026-0967

A flaw was found in libssh. A remote attacker, by controlling client configuration files or knownhosts files, could craft specific hostnames that when processed by the matchpattern function can lead to inefficient regular expression backtracking. This can cause timeouts and resource exhaustion,...

2.2CVSS6.5AI score0.00223EPSS
Exploits0References14
SUSE CVE
SUSE CVE
•added 2026/02/12 12:27 a.m.•4 views

SUSE CVE-2026-0968

A flaw was found in libssh in which a malicious SFTP SSH File Transfer Protocol server can exploit this by sending a malformed 'longname' field within an SSHFXPNAME message during a file listing operation. This missing null check can lead to reading beyond allocated memory on the heap. This can...

3.7CVSS6.4AI score0.00442EPSS
Exploits0References14
SUSE CVE
SUSE CVE
•added 2026/02/12 12:27 a.m.•6 views

SUSE CVE-2026-1837

A specially-crafted file can cause libjxl's decoder to write pixel data to uninitialized unallocated memory. Soon after that data from another uninitialized unallocated region is copied to pixel data. This can be done by requesting color transformation of grayscale images to another grayscale col...

8.1CVSS5.5AI score0.00199EPSS
Exploits1References5
SUSE CVE
SUSE CVE
•added 2026/02/12 12:27 a.m.•4 views

SUSE CVE-2026-21929

unknown...

5.3CVSS5.4AI score0.00268EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/12 12:27 a.m.•3 views

SUSE CVE-2026-21936

unknown...

4.9CVSS5.4AI score0.00337EPSS
Exploits0References8
SUSE CVE
SUSE CVE
•added 2026/02/12 12:27 a.m.•5 views

SUSE CVE-2026-21937

unknown...

4.9CVSS5.4AI score0.00337EPSS
Exploits0References8
SUSE CVE
SUSE CVE
•added 2026/02/12 12:27 a.m.•5 views

SUSE CVE-2026-21941

unknown...

4.9CVSS5.4AI score0.00337EPSS
Exploits0References8
SUSE CVE
SUSE CVE
•added 2026/02/12 12:27 a.m.•5 views

SUSE CVE-2026-21948

unknown...

4.9CVSS5.4AI score0.00337EPSS
Exploits0References8
SUSE CVE
SUSE CVE
•added 2026/02/12 12:27 a.m.•2 views

SUSE CVE-2026-21949

unknown...

6.5CVSS5.4AI score0.00317EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/12 12:27 a.m.•2 views

SUSE CVE-2026-21950

unknown...

6.5CVSS5.4AI score0.00316EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/12 12:27 a.m.•2 views

SUSE CVE-2026-21952

unknown...

4.9CVSS5.4AI score0.00337EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/12 12:27 a.m.•4 views

SUSE CVE-2026-21964

unknown...

4.9CVSS5.4AI score0.00337EPSS
Exploits0References8
SUSE CVE
SUSE CVE
•added 2026/02/12 12:27 a.m.•5 views

SUSE CVE-2026-21965

unknown...

2.7CVSS5.4AI score0.00305EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/12 12:26 a.m.•5 views

SUSE CVE-2026-24679

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, The URBDRC client uses server-supplied interface numbers as array indices without bounds checks, causing an out-of-bounds read in libusbudevselectinterface. This vulnerability is fixed in 3.22.0...

7.3CVSS5.6AI score0.00489EPSS
Exploits0References12
SUSE CVE
SUSE CVE
•added 2026/02/12 12:26 a.m.•7 views

SUSE CVE-2026-24680

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, sdlPointerNew frees data on failure, then pointerfree calls sdlPointerFree and frees it again, triggering ASan UAF. This vulnerability is fixed in 3.22.0...

7.3CVSS5.6AI score0.00423EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/02/12 12:25 a.m.•6 views

SUSE CVE-2026-24683

FreeRDP is a free implementation of the Remote Desktop Protocol. ainputsendinputevent caches channelcallback in a local variable and later uses it without synchronization; a concurrent channel close can free or reinitialize the callback, leading to a use after free. Prior to 3.22.0, This...

7.3CVSS5.6AI score0.00467EPSS
Exploits0References10
SUSE CVE
SUSE CVE
•added 2026/02/12 12:25 a.m.•4 views

SUSE CVE-2026-25506

MUNGE is an authentication service for creating and validating user credentials. From 0.5 to 0.5.17, local attacker can exploit a buffer overflow vulnerability in munged the MUNGE authentication daemon to leak cryptographic key material from process memory. With the leaked key material, the...

7.7CVSS6.3AI score0.00302EPSS
Exploits0References11
SUSE CVE
SUSE CVE
•added 2026/02/12 12:25 a.m.•5 views

SUSE CVE-2026-25934

go-git is a highly extensible git implementation library written in pure Go. Prior to 5.16.5, a vulnerability was discovered in go-git whereby data integrity values for .pack and .idx files were not properly verified. This resulted in go-git potentially consuming corrupted files, which would like...

4.3CVSS5.6AI score0.00136EPSS
Exploits0References10
Total number of security vulnerabilities59854