59855 matches found
SUSE CVE-2025-65500
NULL pointer dereference in coapdtlsgeneratecookie in src/coapopenssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted DTLS handshake that triggers SSLgetSSLCTX to return NULL...
SUSE CVE-2025-65501
Null pointer dereference in coapdtlsinfocallback in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a DTLS handshake where SSLgetappdata returns NULL...
SUSE CVE-2025-40209
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix memory leak of qgrouplist in btrfsaddqgrouprelation When btrfsaddqgrouprelation is called with invalid qgroup levels src = dst, the function returns -EINVAL directly without freeing the preallocated qgrouplist structur...
SUSE CVE-2025-40210
In the Linux kernel, the following vulnerability has been resolved: Revert "NFSD: Remove the cap on number of operations per NFSv4 COMPOUND" I've found that pynfs COMP6 now leaves the connection or lease in a strange state, which causes CLOSE9 to hang indefinitely. I've dug into it a little, but ...
SUSE CVE-2025-40211
In the Linux kernel, the following vulnerability has been resolved: ACPI: video: Fix use-after-free in acpivideoswitchbrightness The switchbrightnesswork delayed work accesses device-brightness and device-backlight, freed by acpivideodevunregisterbacklight during device removal. If the work...
SUSE CVE-2025-9820
A flaw was found in the GnuTLS library, specifically in the gnutlspkcs11tokeninit function that handles PKCS11 token initialization. When a token label longer than expected is processed, the function writes past the end of a fixed-size stack buffer. This programming error can cause the applicatio...
SUSE CVE-2025-12120
Lite XL versions 2.1.8 and prior automatically execute the .liteproject.lua file when opening a project directory, without prompting the user for confirmation. The .liteproject.lua file is intended for project-specific configuration but can contain executable Lua logic. This behavior could allow...
SUSE CVE-2025-12121
Lite XL versions 2.1.8 and prior contain a vulnerability in the system.exec function, which allowed arbitrary command execution through unsanitized shell command construction. This function was used in project directory launching core.lua, drag-and-drop file handling rootview.lua, and the "open i...
SUSE CVE-2025-13425
A bug in the filesystem traversal fallback path causes fs/diriterate/diriterate.go:Next to overindex an empty slice when ReadDir returns nil for an empty directory, resulting in a panic index out of range and an application crash denial of service in OSV-SCALIBR...
SUSE CVE-2025-13470
In RNP version 0.18.0 a refactoring regression causes the symmetric session key used for Public-Key Encrypted Session Key PKESK packets to be left uninitialized except for zeroing, resulting in it always being an all-zero byte array. Any data encrypted using public-key encryption in this release...
SUSE CVE-2025-13499
Kafka dissector crash in Wireshark 4.6.0 and 4.4.0 to 4.4.10 allows denial of service...
SUSE CVE-2025-60796
phpPgAdmin 7.13.0 and earlier contains multiple cross-site scripting XSS vulnerabilities across various components. User-supplied input from $REQUEST parameters is reflected in HTML output without proper encoding or sanitization in multiple locations including sequences.php, indexes.php, admin.ph...
SUSE CVE-2025-60797
phpPgAdmin 7.13.0 and earlier contains a SQL injection vulnerability in dataexport.php at line 118. The application directly executes user-supplied SQL queries from the $REQUEST'query' parameter without any sanitization or parameterization via $data-conn-Execute$REQUEST'query'. An authenticated...
SUSE CVE-2025-60798
phpPgAdmin 7.13.0 and earlier contains a SQL injection vulnerability in display.php at line 396. The application passes user-controlled input from $REQUEST'query' directly to the browseQuery function without proper sanitization. An authenticated attacker can exploit this vulnerability to execute...
SUSE CVE-2025-60799
phpPgAdmin 7.13.0 and earlier contains an incorrect access control vulnerability in sql.php at lines 68-76. The application allows unauthorized manipulation of session variables by accepting user-controlled parameters 'subject', 'server', 'database', 'queryid' without proper validation or access...
SUSE CVE-2025-64524
cups-filters contains backends, filters, and other software required to get the cups printing service working on operating systems other than macos. In versions 2.0.1 and prior, a heap-buffer-overflow vulnerability in the rastertopclx filter causes the program to crash with a segmentation fault...
SUSE CVE-2025-64751
OpenFGA is a high-performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar. OpenFGA v1.4.0 to v1.11.0 openfga-0.1.34 = Helm chart = openfga-0.2.48, v.1.4.0 = docker = v.1.11.0 are vulnerable to improper policy enforcement when certain Check and...
SUSE CVE-2025-13402
unknown...
SUSE CVE-2025-47914
SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause the program to panic if the message is malformed due to an out of bounds read...
SUSE CVE-2025-58181
SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker to cause unbounded memory consumption...
SUSE CVE-2022-24785
Moment.js is a JavaScript date library for parsing, validating, manipulating, and formatting dates. A path traversal vulnerability impacts npm server users of Moment.js between versions 1.0.1 and 2.29.1, especially if a user-provided locale string is directly used to switch moment locale. This...
SUSE CVE-2025-11563
URLs containing percent-encoded slashes / or \ can trick wcurl into saving the output file outside of the current directory without the user explicitly asking for it. This flaw only affects the wcurl command line tool...
SUSE CVE-2025-54770
A vulnerability has been identified in the GRUB2 bootloader's network module that poses an immediate Denial of Service DoS risk. This flaw is a Use-after-Free issue, caused because the netsetvlan command is not properly unregistered when the network module is unloaded from memory. An attacker who...
SUSE CVE-2025-54771
A use-after-free vulnerability has been identified in the GNU GRUB Grand Unified Bootloader. The flaw occurs because the file-closing process incorrectly retains a memory pointer, leaving an invalid reference to a file system structure. An attacker could exploit this vulnerability to cause grub t...
SUSE CVE-2025-61661
A vulnerability has been identified in the GRUB Grand Unified Bootloader component. This flaw occurs because the bootloader mishandles string conversion when reading information from a USB device, allowing an attacker to exploit inconsistent length values. A local attacker can connect a malicious...
SUSE CVE-2025-61662
A Use-After-Free vulnerability has been discovered in GRUB's gettext module. This flaw stems from a programming error where the gettext command remains registered in memory after its module is unloaded. An attacker can exploit this condition by invoking the orphaned command, causing the applicati...
SUSE CVE-2025-61663
A vulnerability has been identified in the GRUB2 bootloader's normal command that poses an immediate Denial of Service DoS risk. This flaw is a Use-after-Free issue, caused because the normal command is not properly unregistered when the module is unloaded. An attacker who can execute this comman...
SUSE CVE-2025-61664
A vulnerability in the GRUB2 bootloader has been identified in the normal module. This flaw, a memory Use After Free issue, occurs because the normalexit command is not properly unregistered when its related module is unloaded. An attacker can exploit this condition by invoking the command after...
SUSE CVE-2025-64076
Multiple vulnerabilities exist in cbor2 through version 5.7.0 in the decodedefinitelongstring function of the C extension decoder source/decoder.c: 1 Integer Underflow Leading to Out-of-Bounds Read CWE-191, CWE-125: An incorrect variable reference and missing state reset in the chunk processing...
SUSE CVE-2025-64324
KubeVirt is a virtual machine management add-on for Kubernetes. The hostDisk feature in KubeVirt allows mounting a host file or directory owned by the user with UID 107 into a VM. However, prior to version 1.6.1 and 1.7.0, the implementation of this feature and more specifically the DiskOrCreate...
SUSE CVE-2025-65015
joserfc is a Python library that provides an implementation of several JSON Object Signing and Encryption JOSE standards. In versions from 1.3.3 to before 1.3.5 and from 1.4.0 to before 1.4.2, the ExceededSizeError exception messages are embedded with non-decoded JWT token parts and may cause...
SUSE CVE-2022-50341
In the Linux kernel, the following vulnerability has been resolved: cifs: fix oops during encryption When running xfstests against Azure the following oops occurred on an arm64 system Unable to handle kernel write to read-only memory at virtual address ffff0001221cf000 Mem abort info: ESR =...
SUSE CVE-2025-12495
Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Academy Software Foundation OpenEXR. User interaction is required to exploit this...
SUSE CVE-2025-12839
Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Academy Software Foundation OpenEXR. User interaction is required to exploit this...
SUSE CVE-2025-12840
Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Academy Software Foundation OpenEXR. User interaction is required to exploit this...
SUSE CVE-2025-13193
A flaw was found in libvirt. External inactive snapshots for shut-down VMs are incorrectly created as world-readable, making it possible for unprivileged users to inspect the guest OS contents. This results in an information disclosure vulnerability...
SUSE CVE-2025-13223
Type Confusion in V8 in Google Chrome prior to 142.0.7444.175 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
SUSE CVE-2025-13224
Type Confusion in V8 in Google Chrome prior to 142.0.7444.175 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
SUSE CVE-2025-9479
Out of bounds read in V8 in Google Chrome prior to 133.0.6943.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...
SUSE CVE-2025-63744
A NULL pointer dereference vulnerability was discovered in radare2 6.0.5 and earlier within the load function of bindyldcache.c. Processing a crafted file can cause a segmentation fault and crash the program...
SUSE CVE-2025-63745
A NULL pointer dereference vulnerability was discovered in radare2 6.0.5 and earlier within the info function of binne.c. A crafted binary input can trigger a segmentation fault, leading to a denial of service when the tool processes malformed data...
SUSE CVE-2025-40119
In the Linux kernel, the following vulnerability has been resolved: ext4: fix potential null deref in ext4mbinit In ext4mbinit, ext4mbavgfragmentsizedestroy may be called when sbi-smbavgfragmentsize remains uninitialized e.g., if groupinfo slab cache allocation fails. Since...
SUSE CVE-2025-40136
In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/qm - request reserved interrupt for virtual function The device interrupt vector 3 is an error interrupt for physical function and a reserved interrupt for virtual function. However, the driver has not registere...
SUSE CVE-2025-40138
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid NULL pointer dereference in f2fscheckquotaconsistency syzbot reported a f2fs bug as below: Oops: gen 107.736417 T5848 Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 ...
SUSE CVE-2025-40147
In the Linux kernel, the following vulnerability has been resolved: blk-throttle: fix access race during throttle policy activation On repeated cold boots we occasionally hit a NULL pointer crash in blkshouldthrotl when throttling is consulted before the throttle policy is fully enabled for the...
SUSE CVE-2025-40187
In the Linux kernel, the following vulnerability has been resolved: net/sctp: fix a null dereference in sctpdisposition sctpsfdo51Dce If newasoc-peer.adaptationind=0 and sctpulpeventmakeauthkey=0 and sctpulpeventmakeauthkey returns 0, then the variable aiev remains zero and the zero will be...
SUSE CVE-2025-40190
In the Linux kernel, the following vulnerability has been resolved: ext4: guard against EA inode refcount underflow in xattr update syzkaller found a path where ext4xattrinodeupdateref reads an EA inode refcount that is already ref underflow: refcount=-1 refchange=-1 EXT4-fs warning: eainode dec...
SUSE CVE-2025-40192
In the Linux kernel, the following vulnerability has been resolved: Revert "ipmi: fix msg stack when IPMI is disconnected" This reverts commit c608966f3f9c2dca596967501d00753282b395fc. This patch has a subtle bug that can cause the IPMI driver to go into an infinite loop if the BMC misbehaves in ...
SUSE CVE-2025-40193
In the Linux kernel, the following vulnerability has been resolved: xtensa: simdisk: add input size check in procwritesimdisk A malicious user could pass an arbitrarily bad value to memdupusernul, potentially causing kernel crash. This follows the same pattern as commit ee76746387f6 "netdevsim:...
SUSE CVE-2025-40195
In the Linux kernel, the following vulnerability has been resolved: mount: handle NULL values in mntnsrelease When calling in listmount mntnsrelease may be passed a NULL pointer. Handle that case gracefully...