Lucene search
K
SusecveRecent

59854 matches found

SUSE CVE
SUSE CVE
•added 2026/01/30 12:42 a.m.•6 views

SUSE CVE-2025-15468

Issue summary: If an application using the SSLCIPHERfind function in a QUIC protocol client or server receives an unknown cipher suite from the peer, a NULL dereference occurs. Impact summary: A NULL pointer dereference leads to abnormal termination of the running process causing Denial of Servic...

7.5CVSS5.8AI score0.00748EPSS
Exploits1References15
SUSE CVE
SUSE CVE
•added 2026/01/30 12:42 a.m.•7 views

SUSE CVE-2025-15469

Issue summary: The 'openssl dgst' command-line tool silently truncates input data to 16MB when using one-shot signing algorithms and reports success instead of an error. Impact summary: A user signing or verifying files larger than 16MB with one-shot algorithms such as Ed25519, Ed448, or ML-DSA m...

6.2CVSS5.8AI score0.00176EPSS
Exploits1References8
SUSE CVE
SUSE CVE
•added 2026/01/30 12:42 a.m.•9 views

SUSE CVE-2025-33219

NVIDIA Display Driver for Linux contains a vulnerability in the NVIDIA kernel module where an attacker could cause an integer overflow or wraparound. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, or informatio...

7.8CVSS6AI score0.00186EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/30 12:31 a.m.•35 views

SUSE CVE-2025-45160

A HTML injection vulnerability exists in the file upload functionality of Cacti , , into the rendered page. NOTE: Multiple third-parties including the maintainer have stated that they cannot reproduce this issue after 1.2.27...

5.4CVSS5.5AI score0.002EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/01/30 12:31 a.m.•6 views

SUSE CVE-2025-61140

The value function in jsonpath 1.1.1 lib/index.js is vulnerable to Prototype Pollution...

8.1CVSS5.9AI score0.00399EPSS
Exploits1References9
SUSE CVE
SUSE CVE
•added 2026/01/30 12:30 a.m.•5 views

SUSE CVE-2025-66199

Issue summary: A TLS 1.3 connection using certificate compression can be forced to allocate a large buffer before decompression without checking against the configured certificate size limit. Impact summary: An attacker can cause per-connection memory allocations of up to approximately 22 MiB and...

5.3CVSS6AI score0.00403EPSS
Exploits1References8
SUSE CVE
SUSE CVE
•added 2026/01/30 12:30 a.m.•7 views

SUSE CVE-2025-68160

Issue summary: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short writes can trigger a heap-based out-of-bounds write. Impact summary: This out-of-bounds write can cause memory corruption which typically results in a crash, leading ...

6.2CVSS5.8AI score0.00152EPSS
Exploits1References23
SUSE CVE
SUSE CVE
•added 2026/01/30 12:27 a.m.•5 views

SUSE CVE-2025-69418

Issue summary: When using the low-level OCB API directly with AES-NI orother hardware-accelerated code paths, inputs whose length is not a multipleof 16 bytes can leave the final partial block unencrypted and unauthenticated.Impact summary: The trailing 1-15 bytes of a message may be exposed...

5.3CVSS5.7AI score0.00115EPSS
Exploits1References20
SUSE CVE
SUSE CVE
•added 2026/01/30 12:27 a.m.•6 views

SUSE CVE-2025-69419

Issue summary: Calling PKCS12getfriendlyname function on a maliciously crafted PKCS12 file with a BMPString UTF-16BE friendly name containing non-ASCII BMP code point can trigger a one byte write before the allocated buffer. Impact summary: The out-of-bounds write can cause a memory corruption...

6.2CVSS6AI score0.00444EPSS
Exploits1References25
SUSE CVE
SUSE CVE
•added 2026/01/30 12:27 a.m.•5 views

SUSE CVE-2025-69420

Issue summary: A type confusion vulnerability exists in the TimeStamp Response verification code where an ASN1TYPE union member is accessed without first validating the type, causing an invalid or NULL pointer dereference when processing a malformed TimeStamp Response file. Impact summary: An...

5.3CVSS5.9AI score0.00768EPSS
Exploits1References23
SUSE CVE
SUSE CVE
•added 2026/01/30 12:27 a.m.•10 views

SUSE CVE-2025-69421

Issue summary: Processing a malformed PKCS12 file can trigger a NULL pointer dereference in the PKCS12itemdecryptd2iex function. Impact summary: A NULL pointer dereference can trigger a crash which leads to Denial of Service for an application processing PKCS12 files. The PKCS12itemdecryptd2iex...

6.2CVSS6.2AI score0.00844EPSS
Exploits1References23
SUSE CVE
SUSE CVE
•added 2026/01/30 12:27 a.m.•12 views

SUSE CVE-2025-71159

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free warning in btrfsgetorcreatedelayednode Previously, btrfsgetorcreatedelayednode set the delayednode's refcount before acquiring the root-delayednodes lock. Commit e8513c012de7 "btrfs: implement reftracker...

7.8CVSS5.8AI score0.00113EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/30 12:26 a.m.•6 views

SUSE CVE-2026-0818

When a user explicitly requested Thunderbird to decrypt an inline OpenPGP message that was embedded in a text section of an email that was formatted and styled with HTML and CSS, then the decrypted contents were rendered in a context in which the CSS styles from the outer messages were active. If...

3.1CVSS7.5AI score0.00159EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/01/30 12:26 a.m.•4 views

SUSE CVE-2026-1467

A flaw was found in libsoup, an HTTP client library. This vulnerability, known as CRLF Carriage Return Line Feed Injection, occurs when an HTTP proxy is configured and the library improperly handles URL-decoded input used to create the Host header. A remote attacker can exploit this by providing ...

6.1CVSS5.8AI score0.00312EPSS
Exploits1References13
SUSE CVE
SUSE CVE
•added 2026/01/30 12:26 a.m.•8 views

SUSE CVE-2026-1504

Inappropriate implementation in Background Fetch API in Google Chrome prior to 144.0.7559.110 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

6.5CVSS5.9AI score0.00224EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/01/30 12:26 a.m.•6 views

SUSE CVE-2026-1536

A flaw was found in libsoup. An attacker who can control the input for the Content-Disposition header can inject CRLF Carriage Return Line Feed sequences into the header value. These sequences are then interpreted verbatim when the HTTP request or response is constructed, allowing arbitrary HTTP...

8.6CVSS5.9AI score0.00298EPSS
Exploits1References9
SUSE CVE
SUSE CVE
•added 2026/01/30 12:26 a.m.•8 views

SUSE CVE-2026-1539

A flaw was found in the libsoup HTTP library that can cause proxy authentication credentials to be sent to unintended destinations. When handling HTTP redirects, libsoup removes the Authorization header but does not remove the Proxy-Authorization header if the request is redirected to a different...

5.8CVSS5.8AI score0.00237EPSS
Exploits0References13
SUSE CVE
SUSE CVE
•added 2026/01/30 12:26 a.m.•14 views

SUSE CVE-2026-22039

Kyverno is a policy engine designed for cloud native platform engineering teams. Versions prior to 1.16.3 and 1.15.3 have a critical authorization boundary bypass in namespaced Kyverno Policy apiCall. The resolved urlPath is executed using the Kyverno admission controller ServiceAccount, with no...

9.9CVSS5.9AI score0.00516EPSS
Exploits1References4
SUSE CVE
SUSE CVE
•added 2026/01/30 12:25 a.m.•7 views

SUSE CVE-2026-22261

Suricata is a network IDS, IPS and NSM engine. Prior to versions 8.0.3 and 7.0.14, various inefficiencies in xff handling, especially for alerts not triggered in a tx, can lead to severe slowdowns. Versions 8.0.3 and 7.0.14 contain a patch. As a workaround, disable XFF support in the eve...

5.3CVSS5.9AI score0.00312EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/30 12:25 a.m.•3 views

SUSE CVE-2026-22262

Suricata is a network IDS, IPS and NSM engine. While saving a dataset a stack buffer is used to prepare the data. Prior to versions 8.0.3 and 7.0.14, if the data in the dataset is too large, this can result in a stack overflow. Versions 8.0.3 and 7.0.14 contain a patch. As a workaround, do not us...

9.8CVSS6.1AI score0.00467EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/30 12:25 a.m.•3 views

SUSE CVE-2026-22263

Suricata is a network IDS, IPS and NSM engine. Starting in version 8.0.0 and prior to version 8.0.3, inefficiency in http1 headers parsing can lead to slowdown over multiple packets. Version 8.0.3 patches the issue. No known workarounds are available...

5.3CVSS5.9AI score0.00401EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/30 12:25 a.m.•5 views

SUSE CVE-2026-22264

Suricata is a network IDS, IPS and NSM engine. Prior to version 8.0.3 and 7.0.14, an unsigned integer overflow can lead to a heap use-after-free condition when generating excessive amounts of alerts for a single packet. Versions 8.0.3 and 7.0.14 contain a patch. As a workaround, do not run...

9.1CVSS6AI score0.00344EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/30 12:25 a.m.•6 views

SUSE CVE-2026-22795

Issue summary: An invalid or NULL pointer dereference can happen in an application processing a malformed PKCS12 file. Impact summary: An application processing a malformed PKCS12 file can be caused to dereference an invalid or NULL pointer on memory read, resulting in a Denial of Service. A type...

6.2CVSS5.9AI score0.00144EPSS
Exploits1References20
SUSE CVE
SUSE CVE
•added 2026/01/30 12:25 a.m.•10 views

SUSE CVE-2026-22796

Issue summary: A type confusion vulnerability exists in the signature verification of signed PKCS7 data where an ASN1TYPE union member is accessed without first validating the type, causing an invalid or NULL pointer dereference when processing malformed PKCS7 data. Impact summary: An application...

5.3CVSS5.9AI score0.00502EPSS
Exploits1References23
SUSE CVE
SUSE CVE
•added 2026/01/30 12:25 a.m.•5 views

SUSE CVE-2026-22994

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix reference count leak in bpfprogtestrunxdp syzbot is reporting unregisternetdevice: waiting for sit0 to become free. Usage count = 2 problem. A debug printk patch found that a refcount is obtained at xdpconvertmdtobuff fr...

5.5CVSS5.7AI score0.00119EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/30 12:25 a.m.•7 views

SUSE CVE-2026-23014

In the Linux kernel, the following vulnerability has been resolved: perf: Ensure swevent hrtimer is properly destroyed With the change to hrtimertrytocancel in perfsweventcancelhrtimer it appears possible for the hrtimer to still be active by the time the event gets freed. Make sure the event doe...

7.8CVSS5.8AI score0.00116EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/30 12:25 a.m.•7 views

SUSE CVE-2026-23881

Kyverno is a policy engine designed for cloud native platform engineering teams. Versions prior to 1.16.3 and 1.15.3 have unbounded memory consumption in Kyverno's policy engine that allows users with policy creation privileges to cause denial of service by crafting policies that exponentially...

7.7CVSS5.9AI score0.00531EPSS
Exploits1References4
SUSE CVE
SUSE CVE
•added 2026/01/30 12:24 a.m.•6 views

SUSE CVE-2026-24413

Icinga 2 is an open source monitoring system. Starting in version 2.3.0 and prior to versions 2.13.14, 2.14.8, and 2.15.2, the Icinga 2 MSI did not set appropriate permissions for the %ProgramData%\icinga2\var folder on Windows. This resulted in the its contents - including the private key of the...

5.5CVSS5.9AI score0.00068EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/30 12:24 a.m.•10 views

SUSE CVE-2026-24688

pypdf is a free and open-source pure-python PDF library. An attacker who uses an infinite loop vulnerability that is present in versions prior to 6.6.2 can craft a PDF which leads to an infinite loop. This requires accessing the outlines/bookmarks. This has been fixed in pypdf 6.6.2. If projects...

4.3CVSS5.8AI score0.00388EPSS
Exploits2References3
SUSE CVE
SUSE CVE
•added 2026/01/30 12:24 a.m.•5 views

SUSE CVE-2026-24765

PHPUnit is a testing framework for PHP. A vulnerability has been discovered in versions prior to 12.5.8, 11.5.50, 10.5.62, 9.6.33, and 8.5.52 involving unsafe deserialization of code coverage data in PHPT test execution. The vulnerability exists in the cleanupForCoverage method, which deserialize...

7.8CVSS6.4AI score0.00343EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/30 12:24 a.m.•3 views

SUSE CVE-2026-24842

node-tar,a Tar for Node.js, contains a vulnerability in versions prior to 7.5.7 where the security check for hardlink entries uses different path resolution semantics than the actual hardlink creation logic. This mismatch allows an attacker to craft a malicious TAR archive that bypasses path...

7.5CVSS6AI score0.00541EPSS
Exploits1References5
SUSE CVE
SUSE CVE
•added 2026/01/30 12:24 a.m.•5 views

SUSE CVE-2026-24857

bulkextractor is a digital forensics exploitation tool. Starting in version 1.4, bulkextractor's embedded unrar code has a heap-buffer-overflow in the RAR PPM LZ decoding path. A crafted RAR inside a disk image causes an out-of-bounds write in Unpack::CopyString, leading to a crash under ASAN and...

9.8CVSS6AI score0.00373EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/01/30 12:24 a.m.•5 views

SUSE CVE-2026-24881

In GnuPG before 2.5.17, a crafted CMS S/MIME EnvelopedData message carrying an oversized wrapped session key can cause a stack-based buffer overflow in gpg-agent during PKDECRYPT--kem=CMS handling. This can easily be leveraged for denial of service; however, there is also memory corruption that...

8.8CVSS6.5AI score0.01745EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/01/30 12:24 a.m.•5 views

SUSE CVE-2026-24882

In GnuPG before 2.5.17, a stack-based buffer overflow exists in tpm2daemon during handling of the PKDECRYPT command for TPM-backed RSA and ECC keys...

7.8CVSS6.2AI score0.00421EPSS
Exploits1References9
SUSE CVE
SUSE CVE
•added 2026/01/30 12:24 a.m.•5 views

SUSE CVE-2026-24883

In GnuPG before 2.5.17, a long signature packet length causes parsesignature to return success with sig-data set to a NULL value, leading to a denial of service application crash...

7.5CVSS5.9AI score0.00447EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2026/01/28 12:30 a.m.•8 views

SUSE CVE-2025-9615

A flaw was found in NetworkManager. The NetworkManager package allows access to files that may belong to other users. NetworkManager allows non-root users to configure the system's network. The daemon runs with root privileges and can access files owned by users different from the one who added t...

5.5CVSS5.8AI score0.00162EPSS
Exploits0References15
SUSE CVE
SUSE CVE
•added 2026/01/28 12:29 a.m.•12 views

SUSE CVE-2025-13465

Lodash versions 4.0.0 through 4.17.22 are vulnerable to prototype pollution in the .unset and .omit functions. An attacker can pass crafted paths which cause Lodash to delete methods from global prototypes. The issue permits deletion of properties but does not allow overwriting their original...

8.2CVSS5.9AI score0.01535EPSS
Exploits0References30
SUSE CVE
SUSE CVE
•added 2026/01/28 12:29 a.m.•7 views

SUSE CVE-2025-28162

Buffer Overflow vulnerability in libpng 1.6.43-1.6.46 allows a local attacker to cause a denial of service via the pngimage with AddressSanitizer ASan, the program leaks memory in various locations, eventually leading to high memory usage and causing the program to become unresponsive...

3.3CVSS5.9AI score0.00139EPSS
Exploits1References8
SUSE CVE
SUSE CVE
•added 2026/01/28 12:29 a.m.•5 views

SUSE CVE-2025-28164

Buffer Overflow vulnerability in libpng 1.6.43-1.6.46 allows a local attacker to cause a denial of service via pngcreatereadstruct function...

3.3CVSS5.9AI score0.00139EPSS
Exploits1References8
SUSE CVE
SUSE CVE
•added 2026/01/28 12:27 a.m.•4 views

SUSE CVE-2025-58150

Shadow mode tracing code uses a set of per-CPU variables to avoid cumbersome parameter passing. Some of these variables are written to with guest controlled data, of guest controllable size. That size can be larger than the variable, and bounding of the writes was missing...

5.3CVSS6AI score0.00127EPSS
Exploits0References10
SUSE CVE
SUSE CVE
•added 2026/01/28 12:27 a.m.•10 views

SUSE CVE-2025-58151

unknown...

5.8AI score
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/28 12:25 a.m.•5 views

SUSE CVE-2025-68670

xrdp is an open source RDP server. xrdp before v0.10.5 contains an unauthenticated stack-based buffer overflow vulnerability. The issue stems from improper bounds checking when processing user domain information during the connection sequence. If exploited, the vulnerability could allow remote...

8.1CVSS6.7AI score0.01318EPSS
Exploits0References6
SUSE CVE
SUSE CVE
•added 2026/01/28 12:25 a.m.•7 views

SUSE CVE-2026-1484

A flaw was found in the GLib Base64 encoding routine when processing very large input data. Due to incorrect use of integer types during length calculation, the library may miscalculate buffer boundaries. This can cause memory writes outside the allocated buffer. Applications that process untrust...

8.1CVSS6AI score0.00304EPSS
Exploits1References10
SUSE CVE
SUSE CVE
•added 2026/01/28 12:25 a.m.•5 views

SUSE CVE-2026-1485

A flaw was found in Glib's content type parsing logic. This buffer underflow vulnerability occurs because the length of a header line is stored in a signed integer, which can lead to integer wraparound for very large inputs. This results in pointer underflow and out-of-bounds memory access...

3.3CVSS6AI score0.00139EPSS
Exploits1References10
SUSE CVE
SUSE CVE
•added 2026/01/28 12:25 a.m.•6 views

SUSE CVE-2026-1489

A flaw was found in GLib. An integer overflow vulnerability in its Unicode case conversion implementation can lead to memory corruption. By processing specially crafted and extremely large Unicode strings, an attacker could trigger an undersized memory allocation, resulting in out-of-bounds write...

8.1CVSS5.9AI score0.00325EPSS
Exploits1References10
SUSE CVE
SUSE CVE
•added 2026/01/28 12:25 a.m.•4 views

SUSE CVE-2026-21720

Every uncached /avatar/:hash request spawns a goroutine that refreshes the Gravatar image. If the refresh sits in the 10-slot worker queue longer than three seconds, the handler times out and stops listening for the result, so that goroutine blocks forever trying to send on an unbuffered channel...

7.5CVSS5.9AI score0.00618EPSS
Exploits0References6
SUSE CVE
SUSE CVE
•added 2026/01/28 12:25 a.m.•6 views

SUSE CVE-2026-21721

The dashboard permissions API does not verify the target dashboard scope and only checks the dashboards.permissions: action. As a result, a user who has permission management rights on one dashboard can read and modify permissions on other dashboards. This is an organization-internal privilege...

8.1CVSS5.9AI score0.00647EPSS
Exploits1References9
SUSE CVE
SUSE CVE
•added 2026/01/28 12:25 a.m.•7 views

SUSE CVE-2026-22258

Suricata is a network IDS, IPS and NSM engine. Prior to versions 8.0.3 and 7.0.14, crafted DCERPC traffic can cause Suricata to expand a buffer w/o limits, leading to memory exhaustion and the process getting killed. While reported for DCERPC over UDP, it is believed that DCERPC over TCP and SMB...

7.5CVSS6AI score0.00483EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/28 12:25 a.m.•7 views

SUSE CVE-2026-22259

Suricata is a network IDS, IPS and NSM engine. Prior to versions 8.0.3 and 7.0.14, specially crafted traffic can cause Suricata to consume large amounts of memory while parsing DNP3 traffic. This can lead to the process slowing down and running out of memory, potentially leading to it getting...

7.5CVSS5.9AI score0.00508EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/28 12:25 a.m.•7 views

SUSE CVE-2026-22260

Suricata is a network IDS, IPS and NSM engine. Starting in version 8.0.0 and prior to version 8.0.3, Suricata can crash with a stack overflow. Version 8.0.3 patches the issue. As a workaround, use default values for request-body-limit and response-body-limit...

7.5CVSS5.9AI score0.00494EPSS
Exploits0References3
Total number of security vulnerabilities59854