Lucene search
K
SusecveRecent

59189 matches found

SUSE CVE
SUSE CVE
•added 2026/06/09 2:20 a.m.•8 views

SUSE CVE-2026-48101

7-Zip is a file archiver with a high compression ratio. Versions 9.21 through 26.00 contain an An uninitialized memory disclosure vulnerability in the UEFI capsule .scap parser in 7-Zip. The OpenCapsule function allocates a heap buffer of attacker-declared CapsuleImageSize up to 1 GiB without...

6.5CVSS5.6AI score0.00277EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/06/09 2:20 a.m.•10 views

SUSE CVE-2026-48102

7-Zip is a file archiver with a high compression ratio. Versions 9.11 through 26.00 contain a heap out-of-bounds read of up to 3 bytes in the UDF disc image handler's File Identifier Descriptor parser. In CFileId::Parse CPP/7zip/Archive/Udf/UdfIn.cpp, after validating size 38 + idLen + impLen and...

4.3CVSS5.6AI score0.00189EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/06/09 2:20 a.m.•9 views

SUSE CVE-2026-48103

7-Zip is a file archiver with a high compression ratio. Versions 9.34 through 26.00 contain an off-by-one heap out-of-bounds read in the WIM Windows Imaging archive handler's security descriptor lookup. In CHandler::GetSecurity CPP/7zip/Archive/Wim/WimHandler.cpp, the per-image SecurOffsets table...

7.1CVSS5.4AI score0.00225EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/06/09 2:20 a.m.•9 views

SUSE CVE-2026-48104

7-Zip is a file archiver with a high compression ratio. Versions 9.18 through 26.00 contain an uninitialized heap read in the SquashFS archive handler caused by a sparsely populated index array. In the SquashFS handler, blockToNode is allocated with capacity for every metadata block but populated...

4.2CVSS5.5AI score0.00179EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/06/09 2:20 a.m.•10 views

SUSE CVE-2026-48111

7-Zip is a file archiver with a high compression ratio. Versions 9.21 through 26.00 contain an off-by-one out-of-bounds read vulnerability in the ParseDepedencyExpression function of the UEFI firmware image parserCPP/7zip/Archive/UefiHandler.cpp. The function validates an attacker-controlled opco...

7.1CVSS5.4AI score0.00225EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/06/09 2:20 a.m.•11 views

SUSE CVE-2026-48112

7-Zip is a file archiver with a high compression ratio. Versions 9.18 through 26.00 contain a heap out-of-bounds read in 7-Zip Ar handler BSD SYMDEF parser. A 4-byte heap out-of-bounds read exists in the Unix ar archive parser in 7-Zip. When parsing a BSD-style .SYMDEF symbol table, the...

6.5CVSS5.6AI score0.00267EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/06/09 2:20 a.m.•19 views

SUSE CVE-2026-49980

Rclone is a command-line program to sync files and directories to and from different cloud storage providers. From 1.46.0 until 1.74.3, rclone rcd --rc-serve accepts unauthenticated GET and HEAD requests to paths of the form: /remote:path/object. The remote value is parsed from the URL and passed...

9.8CVSS5.9AI score0.00701EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/09 2:20 a.m.•9 views

SUSE CVE-2026-50265

This CVE ID was assigned as a duplicate of CVE-2026-50292...

7CVSS5.4AI score0.00019EPSS
Exploits0References8
SUSE CVE
SUSE CVE
•added 2026/06/09 2:20 a.m.•8 views

SUSE CVE-2026-50292

In libinput before 1.30.4 and 1.31.x before 1.31.3, libinput-device-group unescaped phys output can inject udev properties leading to arbitrary root code execution...

9.8CVSS6.1AI score0.00498EPSS
Exploits0References8
SUSE CVE
SUSE CVE
•added 2026/06/09 2:20 a.m.•10 views

SUSE CVE-2026-50589

In OpenStack Ironic 32 before 37.0.0, an unauthenticated malicious user could submit a crafted JSON string to some endpoints on the API or JSON-RPC service and effect a service crash...

5.3CVSS5.5AI score0.00433EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/08 1:5 a.m.•8 views

SUSE CVE-2026-1070

The Alex User Counter plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 6.0. This is due to missing nonce validation on the alexusercounterfunction function. This makes it possible for unauthenticated attackers to update the plugin settings via...

4.3CVSS5.4AI score0.00158EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/08 1:5 a.m.•10 views

SUSE CVE-2026-10701

Incorrect boundary conditions in the Graphics: Text component. This vulnerability was fixed in Firefox 151.0.3...

6.5CVSS5.4AI score0.00301EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/08 1:5 a.m.•6 views

SUSE CVE-2026-10702

JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 151.0.3...

7.5CVSS5.4AI score0.00293EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/07 5:48 a.m.•3 views

SUSE CVE-2018-7714

The validateInputImageSize function in modules/imgcodecs/src/loadsave.cpp in OpenCV 3.4.1 allows remote attackers to cause a denial of service assertion failure because pixels = 130 may be false. Note: “OpenCV CVAssert is not an assertion C-like assert, it is regular C++ exception which can raise...

7.5CVSS7.2AI score0.02313EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/07 4:51 a.m.•8 views

SUSE CVE-2026-10881

Out of bounds read and write in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

9.6CVSS5.8AI score0.0039EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:51 a.m.•15 views

SUSE CVE-2026-10882

Use after free in Network in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

8.8CVSS6AI score0.00467EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:51 a.m.•13 views

SUSE CVE-2026-10883

Type Confusion in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...

8.8CVSS5.5AI score0.0039EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:51 a.m.•8 views

SUSE CVE-2026-10884

Use after free in Chromecast in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

8.3CVSS5.5AI score0.00286EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:51 a.m.•15 views

SUSE CVE-2026-10885

Use after free in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

8.8CVSS6AI score0.00374EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:51 a.m.•9 views

SUSE CVE-2026-10886

Use after free in FileSystem in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

9.6CVSS5.5AI score0.00345EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:51 a.m.•11 views

SUSE CVE-2026-10887

Use after free in Chromoting in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via malicious network traffic. Chromium security severity: Critical...

8.1CVSS6AI score0.00404EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:51 a.m.•11 views

SUSE CVE-2026-10888

Use after free in Cast Streaming in Google Chrome prior to 149.0.7827.53 allowed an attacker on the local network segment to execute arbitrary code via malicious network traffic. Chromium security severity: Critical...

8.8CVSS6AI score0.00187EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:51 a.m.•11 views

SUSE CVE-2026-10889

Out of bounds read in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

8.3CVSS5.5AI score0.00286EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:51 a.m.•9 views

SUSE CVE-2026-10890

Use after free in Cast in Google Chrome prior to 149.0.7827.53 allowed an attacker on the local network segment to potentially exploit heap corruption via malicious network traffic. Chromium security severity: Critical...

8.8CVSS5.5AI score0.00183EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:51 a.m.•10 views

SUSE CVE-2026-10892

Out of bounds write in GPU in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

9.6CVSS5.5AI score0.00325EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:51 a.m.•9 views

SUSE CVE-2026-10893

Use after free in Chromoting in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via malicious network traffic. Chromium security severity: Critical...

8.8CVSS6AI score0.0036EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:51 a.m.•12 views

SUSE CVE-2026-10895

Use after free in Ozone in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

8.8CVSS6AI score0.0039EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:51 a.m.•14 views

SUSE CVE-2026-10896

Use after free in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

8.8CVSS6AI score0.00374EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:51 a.m.•9 views

SUSE CVE-2026-10897

Inappropriate implementation in GPU in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

8.8CVSS5.5AI score0.00325EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:51 a.m.•7 views

SUSE CVE-2026-10898

Stack buffer overflow in GPU in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

8.3CVSS5.8AI score0.00332EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:51 a.m.•12 views

SUSE CVE-2026-10900

Use after free in Passwords in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...

7.5CVSS5.6AI score0.00286EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:51 a.m.•7 views

SUSE CVE-2026-10901

Use after free in Passwords in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

7.5CVSS6AI score0.00341EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:51 a.m.•12 views

SUSE CVE-2026-10902

Use after free in Ozone in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

8.8CVSS6AI score0.0039EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:51 a.m.•7 views

SUSE CVE-2026-10903

Use after free in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6AI score0.00493EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:51 a.m.•8 views

SUSE CVE-2026-10904

Inappropriate implementation in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6AI score0.00411EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:51 a.m.•10 views

SUSE CVE-2026-10905

Use after free in Network in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.5AI score0.00286EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:51 a.m.•7 views

SUSE CVE-2026-10906

Use after free in WebAuthentication in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

7.5CVSS5.5AI score0.00326EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:51 a.m.•8 views

SUSE CVE-2026-10907

Out of bounds write in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.5AI score0.00325EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:51 a.m.•12 views

SUSE CVE-2026-10908

Use after free in FullScreen in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.5AI score0.00286EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:51 a.m.•10 views

SUSE CVE-2026-10909

Use after free in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.5AI score0.00286EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:51 a.m.•11 views

SUSE CVE-2026-10910

Type Confusion in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6AI score0.00425EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:51 a.m.•8 views

SUSE CVE-2026-10911

Insufficient validation of untrusted input in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.5AI score0.00305EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:51 a.m.•7 views

SUSE CVE-2026-10912

Insufficient validation of untrusted input in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

6.5CVSS5.5AI score0.0028EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:51 a.m.•8 views

SUSE CVE-2026-10913

Use after free in ANGLE in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6AI score0.0039EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:51 a.m.•10 views

SUSE CVE-2026-10914

Use after free in ANGLE in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6AI score0.0039EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:51 a.m.•10 views

SUSE CVE-2026-10915

Use after free in Core in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.5AI score0.00275EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:50 a.m.•9 views

SUSE CVE-2026-10916

Insufficient validation of untrusted input in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: High...

6.1CVSS5.6AI score0.00213EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:50 a.m.•7 views

SUSE CVE-2026-10917

Insufficient validation of untrusted input in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.5AI score0.00305EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:50 a.m.•7 views

SUSE CVE-2026-10918

Use after free in Viz in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.5AI score0.00286EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/06/07 4:50 a.m.•9 views

SUSE CVE-2026-10919

Use after free in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.5AI score0.00286EPSS
Exploits0References2
Total number of security vulnerabilities59189