Lucene search
K
SusecveRecent

59855 matches found

SUSE CVE
SUSE CVE
•added 2025/12/16 12:23 a.m.•3 views

SUSE CVE-2025-65105

Apptainer is an open source container platform. In Apptainer versions less than 1.4.5, a container can disable two of the forms of the little used --security option, in particular the forms --security=apparmor: and --security=selinux: which otherwise put restrictions on operations that containers...

5.3CVSS6.9AI score0.00198EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2025/12/16 12:23 a.m.•6 views

SUSE CVE-2025-65430

An issue was discovered in allauth-django before 65.13.0. IdP: marking a user as isactive=False after having handed tokens for that user while the account was still active had no effect. Fixed the access/refresh tokens are now rejected...

5.4CVSS7AI score0.00138EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/16 12:23 a.m.•7 views

SUSE CVE-2025-65431

An issue was discovered in allauth-django before 65.13.0. Both Okta and NetIQ were using preferredusername as the identifier for third-party provider accounts. That value may be mutable and should therefore be avoided for authorization decisions. The providers are now using sub instead...

5.4CVSS7.3AI score0.00141EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/16 12:23 a.m.•4 views

SUSE CVE-2025-66406

Step CA is an online certificate authority for secure, automated certificate management for DevOps. Prior to 0.29.0, there is an improper authorization check for SSH certificate revocation. This affects deployments configured with the SSHPOP provisioner. This vulnerability is fixed in 0.29.0...

5CVSS6.8AI score0.00138EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2025/12/16 12:23 a.m.•4 views

SUSE CVE-2025-66411

Coder allows organizations to provision remote development environments via Terraform. Prior to 2.26.5, 2.27.7, and 2.28.4, Workspace Agent manifests containing sensitive values were logged in plaintext unsanitized. An attacker with limited local access to the Coder Workspace VM, K8s Pod etc. or ...

7.8CVSS6.5AI score0.00203EPSS
Exploits1References2
SUSE CVE
SUSE CVE
•added 2025/12/16 12:23 a.m.•2 views

SUSE CVE-2025-66506

Fulcio is a free-to-use certificate authority for issuing code signing certificates for an OpenID Connect OIDC identity. Prior to 1.8.3, function identity.extractIssuerURL splits via a call to strings.Split its argument which is untrusted data on periods. As a result, in the face of a malicious...

7.5CVSS7.1AI score0.00191EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2025/12/16 12:23 a.m.•5 views

SUSE CVE-2025-66564

Sigstore Timestamp Authority is a service for issuing RFC 3161 timestamps. Prior to 2.0.3, Function api.ParseJSONRequest currently splits via a call to strings.Split an optionally-provided OID which is untrusted data on periods. Similarly, function api.getContentType splits the Content-Type heade...

7.5CVSS6.8AI score0.00411EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2025/12/16 12:23 a.m.•3 views

SUSE CVE-2025-67896

Exim before 4.99.1, with certain non-default rate-limit configurations, allows a remote heap-based buffer overflow because database records are cast directly to internal structures without validation...

9.8CVSS7.1AI score0.00404EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/16 12:23 a.m.•5 views

SUSE CVE-2025-67899

uriparser through 0.9.9 allows unbounded recursion and stack consumption, as demonstrated by ParseMustBeSegmentNzNc with large input containing many commas...

4CVSS7AI score0.0012EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2025/12/14 12:25 a.m.•5 views

SUSE CVE-2025-40345

In the Linux kernel, the following vulnerability has been resolved: usb: storage: sddr55: Reject out-of-bound newpba Discovered by Atuin - Automated Vulnerability Discovery Engine. newpba comes from the status packet returned after each write. A bogus device could report values beyond the block...

6.8CVSS6.5AI score0.00171EPSS
Exploits0References22
SUSE CVE
SUSE CVE
•added 2025/12/13 12:27 a.m.•3 views

SUSE CVE-2025-13780

pgAdmin versions up to 9.10 are affected by a Remote Code Execution RCE vulnerability that occurs when running in server mode and performing restores from PLAIN-format dump files. This issue allows attackers to inject and execute arbitrary commands on the server hosting pgAdmin, posing a critical...

9.1CVSS7.5AI score0.00866EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2025/12/13 12:25 a.m.•2 views

SUSE CVE-2025-53040

unknown...

4.9CVSS7.5AI score0.00533EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2025/12/13 12:25 a.m.•4 views

SUSE CVE-2025-53042

unknown...

4.9CVSS7.5AI score0.00533EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2025/12/13 12:25 a.m.•4 views

SUSE CVE-2025-53044

unknown...

4.9CVSS7.5AI score0.00533EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2025/12/13 12:25 a.m.•7 views

SUSE CVE-2025-53045

unknown...

4.9CVSS7.5AI score0.00533EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2025/12/13 12:25 a.m.•2 views

SUSE CVE-2025-53053

unknown...

5.5CVSS7.5AI score0.00438EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2025/12/13 12:25 a.m.•2 views

SUSE CVE-2025-53054

unknown...

5.5CVSS7.5AI score0.00438EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2025/12/13 12:25 a.m.•2 views

SUSE CVE-2025-53062

unknown...

4.9CVSS7.5AI score0.00533EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2025/12/13 12:25 a.m.•5 views

SUSE CVE-2025-53069

unknown...

4.9CVSS7.5AI score0.00533EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2025/12/13 12:24 a.m.•4 views

SUSE CVE-2025-65807

An issue in sd command v1.0.0 and before allows attackers to escalate privileges to root via a crafted command...

8.4CVSS6.9AI score0.00174EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2025/12/13 12:24 a.m.•2 views

SUSE CVE-2025-66001

NeuVector supports login authentication through OpenID Connect. However, the TLS verification which verifies the remote server's authenticity and integrity for OpenID Connect is not enforced by default. As a result this may expose the system to man-in-the-middle MITM attacks...

8.8CVSS7.8AI score0.00321EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2025/12/13 12:24 a.m.•7 views

SUSE CVE-2025-67724

Tornado is a Python web framework and asynchronous networking library. In versions 6.5.2 and below, the supplied reason phrase is used unescaped in HTTP headers where it could be used for header injection or in HTML in the default error page where it could be used for XSS and can be exploited by...

5.4CVSS6.5AI score0.00192EPSS
Exploits0References43
SUSE CVE
SUSE CVE
•added 2025/12/12 1:24 a.m.•24 views

SUSE CVE-2002-0363

ghostscript before 6.53 allows attackers to execute arbitrary commands by using .locksafe or .setsafe to reset the current pagedevice...

7.5CVSS7.7AI score0.02109EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/12 1:24 a.m.•9 views

SUSE CVE-2002-0657

Buffer overflow in OpenSSL 0.9.7 before 0.9.7-beta3, with Kerberos enabled, allows attackers to execute arbitrary code via a long master key...

7.5CVSS8.1AI score0.09232EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/12 1:24 a.m.•15 views

SUSE CVE-2002-1219

Buffer overflow in named in BIND 4 versions 4.9.10 and earlier, and 8 versions 8.3.3 and earlier, allows remote attackers to execute arbitrary code via a certain DNS server response containing SIG resource records RR...

7.5CVSS8.2AI score0.12322EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/12 1:24 a.m.•6 views

SUSE CVE-2002-1220

BIND 8.3.x through 8.3.3 allows remote attackers to cause a denial of service termination due to assertion failure via a request for a subdomain that does not exist, with an OPT resource record with a large UDP payload size...

5CVSS6.8AI score0.096EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/12 1:24 a.m.•12 views

SUSE CVE-2002-1221

BIND 8.x through 8.3.3 allows remote attackers to cause a denial of service crash via SIG RR elements with invalid expiry times, which are removed from the internal BIND database and later cause a null dereference...

5CVSS6.8AI score0.07573EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/12 1:14 a.m.•7 views

SUSE CVE-2018-21258

An issue was discovered in Mattermost Server before 5.1. It allows attackers to cause a denial of service via the invitepeople slash command...

7.5CVSS6.8AI score0.01155EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2025/12/12 12:50 a.m.•13 views

SUSE CVE-2025-12756

Mattermost versions 11.0.x = 11.0.2, 10.12.x = 10.12.1, 10.11.x = 10.11.4, 10.5.x = 10.5.12 fail to validate user permissions when deleting comments in Boards, which allows an authenticated user with the editor role to delete comments created by other users...

4.3CVSS6.8AI score0.00158EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2025/12/12 12:49 a.m.•27 views

SUSE CVE-2025-13357

Vault's Terraform Provider incorrectly set the default denynullbind parameter for the LDAP auth method to false by default, potentially resulting in an insecure configuration. If the underlying LDAP server allowed anonymous or unauthenticated binds, this could result in authentication bypass. Thi...

9.8CVSS7.1AI score0.00503EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2025/12/12 12:49 a.m.•7 views

SUSE CVE-2025-14372

Use after free in Password Manager in Google Chrome prior to 143.0.7499.110 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

6.1CVSS7.2AI score0.00233EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/12 12:49 a.m.•3 views

SUSE CVE-2025-14373

Inappropriate implementation in Toolbar in Google Chrome on Android prior to 143.0.7499.110 allowed a remote attacker to perform domain spoofing via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS6.4AI score0.00277EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/12 12:49 a.m.•6 views

SUSE CVE-2025-14512

A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service DoS via an integer overflow in GLib's GIO GLib Input/Output escapebytestring function when processing malicious file or remote filesystem attribute values...

6.5CVSS7.2AI score0.00524EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2025/12/12 12:49 a.m.•6 views

SUSE CVE-2025-14523

A flaw in libsoup's HTTP header handling allows multiple Host: headers in a request and returns the last occurrence for server-side processing. Common front proxies often honor the first Host: header, so this mismatch can cause vhost confusion where a proxy routes a request to one backend but the...

8.2CVSS6.5AI score0.00505EPSS
Exploits0References17
SUSE CVE
SUSE CVE
•added 2025/12/12 12:26 a.m.•7 views

SUSE CVE-2025-41115

SCIM provisioning was introduced in Grafana Enterprise and Grafana Cloud in April to improve how organizations manage users and teams in Grafana by introducing automated user lifecycle management. In Grafana versions 12.x where SCIM provisioning is enabled and configured, a vulnerability in user...

10CVSS6.7AI score0.17653EPSS
Exploits1References2
SUSE CVE
SUSE CVE
•added 2025/12/12 12:25 a.m.•4 views

SUSE CVE-2025-55074

Mattermost versions 10.11.x = 10.11.3, 10.5.x = 10.5.11 fail to enforce access permissions on the Agents plugin which allows other users to determine when users had read channels via channel member objects...

3.5CVSS6.5AI score0.00148EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2025/12/12 12:25 a.m.•7 views

SUSE CVE-2025-59029

An attacker can trigger an assertion failure by requesting crafted DNS records, waiting for them to be inserted into the records cache, then send a query with qtype set to ANY...

5.3CVSS6.9AI score0.00336EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/12 12:25 a.m.•5 views

SUSE CVE-2025-59030

An attacker can trigger the removal of cached records by sending a NOTIFY query over TCP...

7.5CVSS7AI score0.00504EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/12 12:25 a.m.•6 views

SUSE CVE-2025-59391

A memory disclosure vulnerability exists in libcoap's OSCORE configuration parser in libcoap before release-4.3.5-patches. An out-of-bounds read may occur when parsing certain configuration values, allowing an attacker to infer or read memory beyond string boundaries in the .rodata section. This...

6.5CVSS6.4AI score0.00228EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/12 12:25 a.m.•6 views

SUSE CVE-2025-60632

An issue was discovered in Free5GC v4.0.0 and v4.0.1 allowing an attacker to cause a denial of service via crafted POST request to the NpcfBDTPolicyControl API...

6.5CVSS6.9AI score0.00205EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2025/12/12 12:25 a.m.•3 views

SUSE CVE-2025-60638

An issue was discovered in Free5GC v4.0.0 and v4.0.1 allowing an attacker to cause a denial of service via crafted POST request to the NnssfNSSAIAvailability API...

7.5CVSS6.9AI score0.00303EPSS
Exploits1References2
SUSE CVE
SUSE CVE
•added 2025/12/12 12:25 a.m.•8 views

SUSE CVE-2025-65025

esm.sh is a nobuild content delivery networkCDN for modern web development. Prior to version 136, the esm.sh CDN service is vulnerable to path traversal during NPM package tarball extraction. An attacker can craft a malicious NPM package containing specially crafted file paths e.g.,...

9.8CVSS7AI score0.0051EPSS
Exploits1References2
SUSE CVE
SUSE CVE
•added 2025/12/12 12:25 a.m.•6 views

SUSE CVE-2025-65026

esm.sh is a nobuild content delivery networkCDN for modern web development. Prior to version 136, The esm.sh CDN service contains a Template Literal Injection vulnerability CWE-94 in its CSS-to-JavaScript module conversion feature. When a CSS file is requested with the ?module query parameter,...

9.6CVSS6.8AI score0.00448EPSS
Exploits1References2
SUSE CVE
SUSE CVE
•added 2025/12/12 12:24 a.m.•5 views

SUSE CVE-2025-65111

SpiceDB is an open source database system for creating and managing security-critical application permissions. Prior to version 1.47.1, if a schema includes the following characteristics: permission defined in terms of a union + and that union references the same relation on both sides but one si...

6.3CVSS6.8AI score0.00194EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2025/12/12 12:24 a.m.•4 views

SUSE CVE-2025-65803

An integer overflow in the psdParser::ReadImageData function of FreeImage v3.18.0 and before allows attackers to cause a Denial of Service DoS via supplying a crafted PSD file...

6.5CVSS7.1AI score0.00256EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2025/12/12 12:24 a.m.•6 views

SUSE CVE-2025-65965

Grype is a vulnerability scanner for container images and filesystems. A credential disclosure vulnerability was found in Grype, affecting versions 0.68.0 through 0.104.0. If registry credentials are defined and the output of grype is written using the --file or --output json= option, the registr...

8.2CVSS6.6AI score0.0013EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2025/12/12 12:24 a.m.•6 views

SUSE CVE-2025-66410

Gin-vue-admin is a backstage management system based on vue and gin. In 2.8.6 and earlier, attackers can delete any file on the server at will, causing damage or unavailability of server resources. Attackers can control the 'FileMd5' parameter to delete any file and folder...

9.1CVSS6.9AI score0.00506EPSS
Exploits1References2
SUSE CVE
SUSE CVE
•added 2025/12/12 12:24 a.m.•3 views

SUSE CVE-2025-66418

urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.24 and prior to 2.6.0, the number of links in the decompression chain was unbounded allowing a malicious server to insert a virtually unlimited number of compression steps leading to high CPU usage and massive memory...

5.3CVSS6.8AI score0.00633EPSS
Exploits0References23
SUSE CVE
SUSE CVE
•added 2025/12/12 12:24 a.m.•6 views

SUSE CVE-2025-66471

urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.0 and prior to 2.6.0, the Streaming API improperly handles highly compressed data. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than...

5.3CVSS6.9AI score0.00633EPSS
Exploits0References27
SUSE CVE
SUSE CVE
•added 2025/12/12 12:24 a.m.•3 views

SUSE CVE-2025-66490

Traefik is an HTTP reverse proxy and load balancer. For versions prior to 2.11.32 and 2.11.31 through 3.6.2, requests using PathPrefix, Path or PathRegex matchers can bypass path normalization. When Traefik uses path-based routing, requests containing URL-encoded restricted characters /, , Null,...

7.4CVSS6.7AI score0.00344EPSS
Exploits1References3
Total number of security vulnerabilities59855