Lucene search
K
SusecveRecent

59189 matches found

SUSE CVE
SUSE CVE
•added 2026/06/19 1:49 a.m.•6 views

SUSE CVE-2026-54387

Tinyproxy through 1.11.3, fixed in commit ff45d3b, fails to reconcile conflicting Content-Length and Transfer-Encoding: chunked headers, forwarding both verbatim to the backend while using Content-Length to determine how many request body bytes to consume. Remote attackers can desynchronize the...

9.3CVSS6AI score0.00439EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/19 1:49 a.m.•5 views

SUSE CVE-2026-54388

Tinyproxy through 1.11.3, fixed in commit 364cdb6, fails to reject requests containing multiple Content-Length headers with differing values, forwarding all duplicate headers to the backend while using the first value to determine how many request body bytes to consume. Remote attackers can...

9.3CVSS6AI score0.00439EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/19 1:49 a.m.•7 views

SUSE CVE-2026-54761

Traefik is an HTTP reverse proxy and load balancer. Prior to 3.6.21 and 3.7.5, there is a high severity vulnerability in Traefik's Kubernetes Gateway provider affecting the crossProviderNamespaces allowlist. For HTTPRoute rules that declare multiple WRR backendRefs, Traefik evaluates the allowlis...

7.1CVSS5.9AI score0.00318EPSS
Exploits2References3
SUSE CVE
SUSE CVE
•added 2026/06/19 1:49 a.m.•9 views

SUSE CVE-2026-55199

libssh2 through 1.11.1, fixed in commit 1762685, contains a pre-authentication denial of service vulnerability in the SSHMSGEXTINFO handler in src/packet.c that allows a malicious SSH server to cause a client CPU exhaustion loop by sending a crafted extension count value. A malicious server can s...

8.2CVSS5.8AI score0.00408EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/06/19 1:49 a.m.•11 views

SUSE CVE-2026-55200

libssh2 through 1.11.1, fixed in commit 7acf3df contains an out-of-bounds write vulnerability in ssh2transportread that fails to enforce upper bounds on packetlength field. Remote attackers can send crafted SSH packets with excessively large packetlength values to corrupt heap memory and achieve...

8.1CVSS6.2AI score0.00732EPSS
Exploits10References3
SUSE CVE
SUSE CVE
•added 2026/06/19 1:49 a.m.•5 views

SUSE CVE-2026-55202

Tinyproxy through 1.11.3, fixed in commit 09312a1, fails to properly validate the Host header during stathost detection, allowing unauthenticated attackers to access the stats page by injecting a matching Host header or bypass detection via port manipulation. Remote attackers can trigger...

8.8CVSS5.9AI score0.00335EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/19 1:49 a.m.•7 views

SUSE CVE-2026-55517

Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.7.5, a Deno program that opens a client WebSocket connection could be crashed by the remote server. While handling the WebSocket handshake response, Deno parsed the Sec-WebSocket-Protocol and Sec-WebSocket-Extensions response...

4.3CVSS5.9AI score0.00183EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/18 2:0 a.m.•10 views

SUSE CVE-2026-10649

A flaw was found in Pacemaker. An unauthenticated remote attacker can exploit an integer overflow vulnerability in the remote message decompression process. By sending a specially crafted compressed remote message before authentication, an attacker can cause memory corruption, leading to a denial...

7.5CVSS5.4AI score0.0044EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/06/18 2:0 a.m.•9 views

SUSE CVE-2026-12310

Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12...

7.5CVSS5.8AI score0.00252EPSS
Exploits0References6
SUSE CVE
SUSE CVE
•added 2026/06/18 2:0 a.m.•6 views

SUSE CVE-2026-12311

Information disclosure, sandbox escape in the Security: Process Sandboxing component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12...

4.7CVSS5.2AI score0.00185EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/06/18 2:0 a.m.•10 views

SUSE CVE-2026-12312

Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12...

7.5CVSS5.8AI score0.00252EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/06/18 2:0 a.m.•6 views

SUSE CVE-2026-12313

Information disclosure, sandbox escape in the Security: Process Sandboxing component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12...

4.7CVSS5.2AI score0.00175EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/06/18 2:0 a.m.•6 views

SUSE CVE-2026-12314

Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12...

7.5CVSS5.8AI score0.00252EPSS
Exploits0References6
SUSE CVE
SUSE CVE
•added 2026/06/18 2:0 a.m.•7 views

SUSE CVE-2026-12315

Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12...

9.1CVSS5.2AI score0.00251EPSS
Exploits0References6
SUSE CVE
SUSE CVE
•added 2026/06/18 2:0 a.m.•7 views

SUSE CVE-2026-12327

Memory safety bugs present in Firefox ESR 140.11, Thunderbird ESR 140.11, Firefox 151 and Thunderbird 151. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in...

8.1CVSS5.8AI score0.00407EPSS
Exploits0References6
SUSE CVE
SUSE CVE
•added 2026/06/18 2:0 a.m.•7 views

SUSE CVE-2026-12328

Memory safety bugs present in Firefox ESR 115.36, Firefox ESR 140.11, Thunderbird ESR 140.11, Firefox 151 and Thunderbird 151. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This...

8.1CVSS5.8AI score0.00476EPSS
Exploits0References9
SUSE CVE
SUSE CVE
•added 2026/06/18 2:0 a.m.•8 views

SUSE CVE-2026-12329

Memory safety bug fixed in Thunderbird ESR 140.12. This vulnerability was fixed in Firefox ESR 140.12 and Thunderbird 140.12...

5.3CVSS5.3AI score0.00313EPSS
Exploits0References9
SUSE CVE
SUSE CVE
•added 2026/06/18 2:0 a.m.•11 views

SUSE CVE-2026-12330

Incorrect boundary conditions in the Internationalization component. This vulnerability was fixed in Firefox ESR 140.12, Firefox ESR 115.37, and Thunderbird 140.12...

5.4CVSS5.2AI score0.00164EPSS
Exploits0References6
SUSE CVE
SUSE CVE
•added 2026/06/18 2:0 a.m.•8 views

SUSE CVE-2026-12437

Use after free in WebShare in Google Chrome on Windows prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

8.3CVSS5.3AI score0.00279EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/18 2:0 a.m.•6 views

SUSE CVE-2026-12438

Inappropriate implementation in WebView in Google Chrome on Android prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

8.3CVSS5.3AI score0.00207EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/18 2:0 a.m.•8 views

SUSE CVE-2026-12439

Use after free in Digital Credentials in Google Chrome prior to 149.0.7827.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...

8.8CVSS5.5AI score0.00323EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/18 2:0 a.m.•9 views

SUSE CVE-2026-12440

Use after free in DigitalCredentials in Google Chrome on Windows prior to 149.0.7827.155 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

9.6CVSS5.3AI score0.00251EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/18 2:0 a.m.•8 views

SUSE CVE-2026-12441

Use after free in File Input in Google Chrome on Linux prior to 149.0.7827.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...

8.8CVSS5.5AI score0.00301EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/18 2:0 a.m.•7 views

SUSE CVE-2026-12442

Use after free in Passwords in Google Chrome on Android prior to 149.0.7827.155 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

8.8CVSS6AI score0.00387EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/18 2:0 a.m.•8 views

SUSE CVE-2026-12443

Use after free in Web Authentication in Google Chrome prior to 149.0.7827.155 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

8.8CVSS6AI score0.00601EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/18 2:0 a.m.•7 views

SUSE CVE-2026-12444

Out of bounds read in Chromoting in Google Chrome on Windows prior to 149.0.7827.155 allowed a local attacker to obtain potentially sensitive information from process memory via a malicious file. Chromium security severity: High...

5.5CVSS5.2AI score0.00143EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/18 2:0 a.m.•9 views

SUSE CVE-2026-12445

Use after free in Extensions in Google Chrome prior to 149.0.7827.155 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. Chromium security severity: High...

7.5CVSS5.4AI score0.00158EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/18 2:0 a.m.•8 views

SUSE CVE-2026-12446

Inappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.155 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

4.3CVSS5.3AI score0.00194EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/18 2:0 a.m.•8 views

SUSE CVE-2026-12447

Heap buffer overflow in WebRTC in Google Chrome prior to 149.0.7827.155 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.3AI score0.00417EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/18 2:0 a.m.•9 views

SUSE CVE-2026-12448

Inappropriate implementation in WebView in Google Chrome on Android prior to 149.0.7827.155 allowed a remote attacker to perform privilege escalation via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.3AI score0.00255EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/18 2:0 a.m.•9 views

SUSE CVE-2026-12449

Use after free in Chromoting in Google Chrome on Windows prior to 149.0.7827.155 allowed a local attacker to perform OS-level privilege escalation via a malicious file. Chromium security severity: High...

7.8CVSS5.2AI score0.00109EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/18 1:59 a.m.•7 views

SUSE CVE-2026-12450

Inappropriate implementation in Media in Google Chrome prior to 149.0.7827.155 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

6.5CVSS5.3AI score0.00184EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/18 1:59 a.m.•22 views

SUSE CVE-2026-12451

Use after free in DigitalCredentials in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.3AI score0.00173EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/18 1:59 a.m.•7 views

SUSE CVE-2026-12452

Use after free in Downloads in Google Chrome on Android prior to 149.0.7827.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.5AI score0.00256EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/18 1:59 a.m.•6 views

SUSE CVE-2026-12453

Insufficient validation of untrusted input in Input in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

4.2CVSS5.3AI score0.0018EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/18 1:59 a.m.•7 views

SUSE CVE-2026-12454

Race in Safe Browsing in Google Chrome on Mac prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.3AI score0.00146EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/18 1:59 a.m.•9 views

SUSE CVE-2026-12455

Use after free in Tab Strip in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

7.5CVSS5.5AI score0.00227EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/18 1:59 a.m.•8 views

SUSE CVE-2026-12456

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.155 allowed an attacker who convinced a user to install a malicious extension to bypass same origin policy via a crafted Chrome Extension. Chromium security severity: High...

4.2CVSS5.2AI score0.00137EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/18 1:59 a.m.•9 views

SUSE CVE-2026-12457

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...

4.2CVSS5.2AI score0.00136EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/18 1:59 a.m.•8 views

SUSE CVE-2026-12458

Inappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

3.1CVSS5.3AI score0.0019EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/18 1:59 a.m.•6 views

SUSE CVE-2026-12459

Inappropriate implementation in Serial in Google Chrome prior to 149.0.7827.155 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: High...

6.1CVSS5.5AI score0.00181EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/18 1:59 a.m.•7 views

SUSE CVE-2026-12460

Insufficient policy enforcement in File System Access in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted PDF file. Chromium security severity: High...

4.2CVSS5.2AI score0.00153EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/18 1:59 a.m.•8 views

SUSE CVE-2026-12461

Out of bounds read in WebRTC in Google Chrome on Windows prior to 149.0.7827.155 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

6.5CVSS5.3AI score0.00242EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/18 1:59 a.m.•7 views

SUSE CVE-2026-12462

Use after free in Media in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

7.5CVSS6AI score0.00271EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/18 1:59 a.m.•7 views

SUSE CVE-2026-12463

Inappropriate implementation in Views in Google Chrome on Linux prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: High...

4.7CVSS5.5AI score0.00133EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/18 1:59 a.m.•7 views

SUSE CVE-2026-12464

Use after free in Browser in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.3AI score0.00222EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/18 1:59 a.m.•7 views

SUSE CVE-2026-12465

Object lifecycle issue in Metrics in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.3AI score0.00242EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/18 1:59 a.m.•8 views

SUSE CVE-2026-12466

Heap buffer overflow in WebRTC in Google Chrome on Windows prior to 149.0.7827.155 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.3AI score0.00426EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/18 1:59 a.m.•7 views

SUSE CVE-2026-12467

Use after free in Extensions in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.3AI score0.00222EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/18 1:59 a.m.•8 views

SUSE CVE-2026-12468

Race in Updater in Google Chrome on Mac prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.3AI score0.00143EPSS
Exploits0References3
Total number of security vulnerabilities59189