59189 matches found

SUSE CVE • added 2026/06/12 2:26 a.m. • 5 views

SUSE CVE-2026-45591

unknown...

CVSS 7.5 | AI score 5.2 | EPSS 0.0243 | Exploits 0 | References 11

SUSE CVE • added 2026/06/12 2:26 a.m. • 6 views

SUSE CVE-2026-45624

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-47 and 7.1.2-22, when performing a polynomial distortion an out of bounds over-read of 24 bytes can occur when specifying specific arguments. This issue has been patched in...

CVSS 5.1 | AI score 5.2 | EPSS 0.0012 | Exploits 0 | References 4

SUSE CVE • added 2026/06/12 2:26 a.m. • 6 views

SUSE CVE-2026-45664

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-47 and 7.1.2-22, because of a missing check in the MNG coder it would be possible to read more images than the list limit policy would allow resulting in excessive resource use...

CVSS 5.3 | AI score 5.2 | EPSS 0.00441 | Exploits 0 | References 3

SUSE CVE • added 2026/06/12 2:25 a.m. • 6 views

SUSE CVE-2026-46520

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, when reading multiple images with different dimensions an out of bounds heap write can occur. This issue has been patched in versions 6.9.13-48 and 7.1.2-23...

CVSS 5.5 | AI score 5.2 | EPSS 0.00441 | Exploits 0 | References 4

SUSE CVE • added 2026/06/12 2:25 a.m. • 6 views

SUSE CVE-2026-46521

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, when using LZMA compression in the MIFF encoder an out of bounds write can occur due to a missing check. This issue has been patched in versions 6.9.13-48 and...

CVSS 5.5 | AI score 5.2 | EPSS 0.00111 | Exploits 0 | References 3

SUSE CVE • added 2026/06/12 2:25 a.m. • 10 views

SUSE CVE-2026-46522

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2.23 and 6.9.13-48, due to a missing check in the MIFF decoder, a crafted file could cause an infinite loop resulting in CPU exhaustion. Versions 7.1.2.23 and 6.9.13-48 fix the iss...

CVSS 5.5 | AI score 5.2 | EPSS 0.01849 | Exploits 2 | References 4

SUSE CVE • added 2026/06/12 2:25 a.m. • 6 views

SUSE CVE-2026-46523

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2.23 and 6.9.13-48, a crafted MSL image can trigger a heap-use-after-free. Versions 7.1.2.23 and 6.9.13-48 fix the issue...

CVSS 5.5 | AI score 5.2 | EPSS 0.00301 | Exploits 0 | References 5

SUSE CVE • added 2026/06/12 2:25 a.m. • 5 views

SUSE CVE-2026-46557

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-23, due to a missing depth check a stack overflow can occur in the fx operation by passing a crafted argument. This issue has been patched in version 7.1.2-23...

CVSS 6.2 | AI score 5.3 | EPSS 0.0012 | Exploits 0 | References 3

SUSE CVE • added 2026/06/12 2:25 a.m. • 7 views

SUSE CVE-2026-46559

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, an incorrect check in the JP2 will result in a heap buffer over-write of a single byte when specifying certain options. This issue has been patched in versions...

CVSS 4 | AI score 5.4 | EPSS 0.00116 | Exploits 0 | References 3

SUSE CVE • added 2026/06/12 2:25 a.m. • 8 views

SUSE CVE-2026-47712

Dulwich is a pure-Python implementation of the Git file formats and protocols. Starting in version 0.24.0 and prior to version 1.2.5, dulwich.porcelain.format_patch(outdir=...) derives each patch filename from the commit's subject line. Prior to this fix, get_summary only replaced spaces with dashes ...

CVSS 3.3 | AI score 5.3 | EPSS 0.00139 | Exploits 0 | References 3

SUSE CVE • added 2026/06/12 2:25 a.m. • 8 views

SUSE CVE-2026-47734

Dulwich is a pure-Python implementation of the Git file formats and protocols. Starting in version 0.1.0 and prior to version 1.2.5, a client with push access could push a tiny crafted thin pack (174 bytes) whose delta header declares a huge dest_size. When dulwich ingested it via add_thin_pack /...

CVSS 5.7 | AI score 5.3 | EPSS 0.00188 | Exploits 0 | References 3

SUSE CVE • added 2026/06/12 2:25 a.m. • 8 views

SUSE CVE-2026-48681

OpenStack Ironic through before 35.0.2 allows file overwrite via directory traversal during deployment with a crafted ISO image...

CVSS 8.1 | AI score 5.2 | EPSS 0.00601 | Exploits 0 | References 3

SUSE CVE • added 2026/06/12 2:25 a.m. • 9 views

SUSE CVE-2026-48855

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Erlang OTP ssh (ssh_sftpd module) allows File Discovery. The SSH_FXP_READLINK handler in ssh_sftpd sends the raw result of file:read_link/2 to the client without calling chroot_filename/2 to strip the backend root prefix. An...

CVSS 2.3 | AI score 5.3 | EPSS 0.00277 | Exploits 0 | References 3

SUSE CVE • added 2026/06/12 2:25 a.m. • 7 views

SUSE CVE-2026-48856

Sensitive Data Exposure vulnerability in Erlang OTP inets (httpc_response module) allows Retrieve Embedded Sensitive Data. The httpc client forwards the Authorization and Proxy-Authorization request headers to redirect targets without checking whether the redirect crosses an origin boundary...

CVSS 7.1 | AI score 5.3 | EPSS 0.00335 | Exploits 0 | References 3

SUSE CVE • added 2026/06/12 2:25 a.m. • 9 views

SUSE CVE-2026-48858

Server-Side Request Forgery (SSRF) vulnerability in Erlang/OTP ftp (ftp_internal module) allows FTP bounce attacks and SSRF via an unvalidated PASV response IP address. The ftp_internal:handle_ctrl_result/2 PASV handler (mode=passive, ipfamily=inet, ftp_extension=false) extracts the IP address from the...

CVSS 6.5 | AI score 5.5 | EPSS 0.00234 | Exploits 0 | References 3

SUSE CVE • added 2026/06/12 2:25 a.m. • 7 views

SUSE CVE-2026-48860

Reliance on IP Address for Authentication vulnerability in Erlang/OTP ssl (inet_tls_dist module) allows unauthenticated bypass of the distribution-over-TLS LAN allowlist. The inet_tls_dist:check_ip/1 function, which enforces a LAN allowlist for Erlang distribution over TLS, calls inet:sockname/1 instead...

CVSS 7.5 | AI score 5.4 | EPSS 0.00194 | Exploits 0 | References 3

SUSE CVE • added 2026/06/12 2:25 a.m. • 8 views

SUSE CVE-2026-50127

Weblate is a web based localization tool. From version 5.15 to before version 2026.6, Weblate's VCS_RESTRICT_PRIVATE did not properly account for some transitional IPv6 ranges, multicast addresses, or some semi-private IPv4 ranges, which allowed some addresses to bypass private range restrictions...

CVSS 5.9 | AI score 5.2 | EPSS 0.00291 | Exploits 0 | References 3

SUSE CVE • added 2026/06/12 2:25 a.m. • 8 views

SUSE CVE-2026-50266

In OpenStack Neutron before 28.0.1, a project manager can create or update a port on a shared network owned by another project and set device_owner to a value that has "network:" at the beginning ("network:dhcp" for example). The default port RBAC policies incorrectly included PROJECT_MANAGER without...

CVSS 2.2 | AI score 5.3 | EPSS 0.00262 | Exploits 0 | References 3

SUSE CVE • added 2026/06/12 2:25 a.m. • 7 views

SUSE CVE-2026-52726

Dulwich is a pure-Python implementation of the Git file formats and protocols. Starting in version 0.23.2 and prior to version 1.2.5, dulwich.porcelain.submodule_update, and by extension porcelain.clone(..., recurse_submodules=True), materializes attacker-controlled submodule paths from a crafted...

CVSS 7.5 | AI score 5.7 | EPSS 0.00448 | Exploits 0 | References 3

SUSE CVE • added 2026/06/12 2:24 a.m. • 10 views

SUSE CVE-2026-53689

libnfs through 6.0.2 before 55c18ea does not validate a string size, leading to an integer overflow during a connection to a crafted NFS server. This occurs in libnfs_zdr_string in lib/libnfs-zdr.c...

CVSS 7.1 | AI score 5.4 | EPSS 0.00192 | Exploits 0 | References 3

SUSE CVE • added 2026/06/11 11:14 a.m. • 6 views

SUSE CVE-2026-46692

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, an attacker who can connect to a magick -distribute-cache service can cause a heap buffer over-write in the server process. This issue has been patched in...

CVSS 4.1 | AI score 5.4 | EPSS 0.00092 | Exploits 0 | References 3

SUSE CVE • added 2026/06/11 11:14 a.m. • 11 views

SUSE CVE-2026-46693

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, an attacker who can connect to a magick -distribute-cache service can hijack a file descriptor in the server process when a race condition is met. This issue ha...

CVSS 4.1 | AI score 5.2 | EPSS 0.00077 | Exploits 0 | References 3

SUSE CVE • added 2026/06/11 11:14 a.m. • 7 views

SUSE CVE-2026-47165

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, the distributed pixel cache was originally designed to operate without a challenge-response authentication model. This has been changed in versions 6.9.13-48 an...

CVSS 4.1 | AI score 5.2 | EPSS 0.00109 | Exploits 0 | References 3

SUSE CVE • added 2026/06/11 11:14 a.m. • 8 views

SUSE CVE-2026-47166

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, an attacker who can connect to a magick -distribute-cache service can cause a heap buffer over-read in the server process. This issue has been patched in versio...

CVSS 5.7 | AI score 5.5 | EPSS 0.00093 | Exploits 0 | References 4

SUSE CVE • added 2026/06/11 11:14 a.m. • 7 views

SUSE CVE-2026-48724

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-24, using the Floyd-Steinberg dithering method on an image with a mask will cause a negative heap buffer over-write. This issue has been patched in version 7.1.2-24...

CVSS 5.5 | AI score 5.4 | EPSS 0.00103 | Exploits 0 | References 3

SUSE CVE • added 2026/06/11 11:14 a.m. • 7 views

SUSE CVE-2026-48733

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-49 and 7.1.2-24, an infinite loop in the subimage-search operation can happen when using a crafted image. This issue has been patched in versions 6.9.13-49 and 7.1.2-24...

CVSS 4.7 | AI score 5.2 | EPSS 0.00092 | Exploits 0 | References 3

SUSE CVE • added 2026/06/11 11:14 a.m. • 6 views

SUSE CVE-2026-48734

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-49 and 7.1.2-24, a crafted MVG file could result in a stack overflow due to a missing depth or visited-set check. This issue has been patched in versions 6.9.13-49 and 7.1.2-24...

CVSS 5.5 | AI score 5.2 | EPSS 0.00107 | Exploits 0 | References 3

SUSE CVE • added 2026/06/11 11:14 a.m. • 7 views

SUSE CVE-2026-48994

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-24, a missing check of a return value could lead to a heap buffer over-write in the MAT decoder on 32-bit systems. This issue has been patched in versions 6.9.13-48...

CVSS 5.9 | AI score 5.4 | EPSS 0.00227 | Exploits 0 | References 3

SUSE CVE • added 2026/06/11 11:14 a.m. • 7 views

SUSE CVE-2026-49218

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-24, a missing check in the DCM decoder could result in an image with invalid dimensions, which could cause crashes in other operations. This issue has been patched...

CVSS 7.5 | AI score 5.2 | EPSS 0.00346 | Exploits 0 | References 3

SUSE CVE • added 2026/06/11 11:14 a.m. • 9 views

SUSE CVE-2026-49219

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-24, an incorrect parsing of the filename can result in a policy bypass and read files disallowed by a security policy using a symlink. This issue has been patched i...

CVSS 5.5 | AI score 5.2 | EPSS 0.00128 | Exploits 0 | References 3

SUSE CVE • added 2026/06/11 11:13 a.m. • 8 views

SUSE CVE-2026-53460

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-50 and 7.1.2-25, a missing check for maximum memory request in AcquireAlignedMemory could trigger an out-of-memory condition. This issue has been patched in versions 6.9.13-50 a...

CVSS 5.5 | AI score 5.2 | EPSS 0.00346 | Exploits 0 | References 4

SUSE CVE • added 2026/06/11 11:13 a.m. • 7 views

SUSE CVE-2026-53461

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-50 and 7.1.2-25, an incorrect loop in the ICON decoder can result in an out of bounds heap write resulting in a crash. This issue has been patched in versions 6.9.13-50 and...

CVSS 7.5 | AI score 5.2 | EPSS 0.00353 | Exploits 0 | References 3

SUSE CVE • added 2026/06/11 11:13 a.m. • 7 views

SUSE CVE-2026-53462

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-50 and 7.1.2-25, when an allocation fails in CheckPrimitiveExtent this can result in a heap-use-after-free and result in a crash. This issue has been patched in versions 6.9.13-...

CVSS 5.9 | AI score 5.2 | EPSS 0.00227 | Exploits 0 | References 3

SUSE CVE • added 2026/06/11 11:13 a.m. • 7 views

SUSE CVE-2026-53463

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-50 and 7.1.2-25, when passing incorrect arguments in the distort operation a null pointer dereference will occur. This issue has been patched in versions 6.9.13-50 and 7.1.2-25...

CVSS 4.3 | AI score 5.2 | EPSS 0.00187 | Exploits 0 | References 3

SUSE CVE • added 2026/06/11 11:13 a.m. • 9 views

SUSE CVE-2026-53464

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-25, when providing invalid options to the wand option parser a small memory leak will occur. This issue has been patched in version 7.1.2-25...

CVSS 4 | AI score 5.2 | EPSS 0.0011 | Exploits 0 | References 3

SUSE CVE • added 2026/06/11 11:13 a.m. • 8 views

SUSE CVE-2026-53465

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-25, a crafted multi-frame can result in a heap buffer over-write when encoding it with the SF3 encoder. This issue has been patched in version 7.1.2-25...

CVSS 6.2 | AI score 5.4 | EPSS 0.00112 | Exploits 0 | References 3

SUSE CVE • added 2026/06/10 2:33 a.m. • 12 views

SUSE CVE-2026-9669

bz2.BZ2Decompressor objects could be reused after a decompression error. If an application caught the resulting OSError and retried with the same decompressor, crafted input could cause the decompressor to resume from an invalid internal state and perform out-of-bounds writes to a stack buffer...

CVSS 4.7 | AI score 5.4 | EPSS 0.00376 | Exploits 0 | References 3

SUSE CVE • added 2026/06/10 2:33 a.m. • 11 views

SUSE CVE-2026-9698

DBI versions before 1.648 for Perl saved errors in a limited-sized buffer. Error messages that were returned when RaiseError, PrintError or HandleError were set were written to a 200-byte buffer without a length limit. Attackers that can influence the error text in an application can trigger a...

CVSS 7.8 | AI score 5.9 | EPSS 0.00376 | Exploits 0 | References 4

SUSE CVE • added 2026/06/10 2:33 a.m. • 12 views

SUSE CVE-2026-10028

A flaw was found in glib-networking. A remote attacker can exploit this vulnerability by presenting a specially crafted certificate chain to an application that uses glib-networking with the GnuTLS backend enabled and performs certificate verification. This crafted chain, which contains circular...

CVSS 4.3 | AI score 5.5 | EPSS 0.00184 | Exploits 0 | References 6

SUSE CVE • added 2026/06/10 2:32 a.m. • 15 views

SUSE CVE-2026-11611

A flaw was found in 389 Directory Server. The Content Synchronization persistent search plugin allows unbounded memory growth when an authenticated client stops reading sync responses, enabling denial of service. Additional race conditions in plugin thread lifecycle can cause crashes during...

CVSS 6.5 | AI score 5.4 | EPSS 0.00244 | Exploits 0 | References 3

SUSE CVE • added 2026/06/10 2:32 a.m. • 9 views

SUSE CVE-2026-11623

A security vulnerability has been detected in tmux up to 3.6a. Affected is the function image_free of the file image.c. Such manipulation leads to use after free. Local access is required to approach this attack. This attack is characterized by high complexity. The exploitability is told to be...

CVSS 5.8 | AI score 4.6 | EPSS 0.00124 | Exploits 0 | References 3

SUSE CVE • added 2026/06/10 2:32 a.m. • 13 views

SUSE CVE-2026-11628

Use after free in Ozone in Google Chrome prior to 149.0.7827.103 allowed a local attacker to potentially exploit heap corruption via physical access to the device. Chromium security severity: Critical...

CVSS 6.8 | AI score 5.4 | EPSS 0.00181 | Exploits 0 | References 3

SUSE CVE • added 2026/06/10 2:32 a.m. • 10 views

SUSE CVE-2026-11629

Use after free in Ozone in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...

CVSS 8.8 | AI score 5.5 | EPSS 0.0027 | Exploits 0 | References 3

SUSE CVE • added 2026/06/10 2:32 a.m. • 10 views

SUSE CVE-2026-11630

Use after free in File Input in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...

CVSS 8.8 | AI score 5.5 | EPSS 0.00252 | Exploits 0 | References 3

SUSE CVE • added 2026/06/10 2:32 a.m. • 7 views

SUSE CVE-2026-11631

Use after free in Aura in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

CVSS 8.3 | AI score 5.5 | EPSS 0.00222 | Exploits 0 | References 3

SUSE CVE • added 2026/06/10 2:32 a.m. • 8 views

SUSE CVE-2026-11632

Use after free in TabStrip in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

CVSS 7.5 | AI score 6 | EPSS 0.00264 | Exploits 0 | References 3

SUSE CVE • added 2026/06/10 2:32 a.m. • 9 views

SUSE CVE-2026-11633

Use after free in Bluetooth in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code via a malicious peripheral. Chromium security severity: Critical...

CVSS 8.8 | AI score 6 | EPSS 0.00232 | Exploits 0 | References 3

SUSE CVE • added 2026/06/10 2:32 a.m. • 11 views

SUSE CVE-2026-11634

Use after free in Gamepad in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

CVSS 9.6 | AI score 5.5 | EPSS 0.00252 | Exploits 0 | References 3

SUSE CVE • added 2026/06/10 2:32 a.m. • 12 views

SUSE CVE-2026-11635

Use after free in Bluetooth in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

CVSS 8.3 | AI score 5.5 | EPSS 0.00222 | Exploits 0 | References 3

SUSE CVE • added 2026/06/10 2:32 a.m. • 9 views

SUSE CVE-2026-11636

Use after free in Autofill in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...

CVSS 7.5 | AI score 5.6 | EPSS 0.00222 | Exploits 0 | References 3

Total number of security vulnerabilities: 59189