Lucene search
K
SusecveRecent

59189 matches found

SUSE CVE
SUSE CVE
•added 2026/06/04 2:23 a.m.•7 views

SUSE CVE-2026-43660

A validation issue was addressed with improved logic. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may prevent Content Security Policy from being...

7.1CVSS5.8AI score0.0027EPSS
Exploits0References10
SUSE CVE
SUSE CVE
•added 2026/06/04 2:23 a.m.•8 views

SUSE CVE-2026-45155

Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32.0.0 to before 32.0.7 and 33.0.0 to before 33.0.1, a missing access check on API level allowed to add unknown circles by their ID directly to other circles. Since circle IDs have 62^15 complexity by...

2.6CVSS5.7AI score0.002EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/04 2:23 a.m.•8 views

SUSE CVE-2026-45283

Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32.0.0 to before 32.0.2, and 33.0.0 to before 33.0.1, the fileslock app did not properly validate the ownership of files when processing DAV lock and unlock requests. An authenticated user could lock or...

6.3CVSS5.7AI score0.00211EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/04 2:23 a.m.•9 views

SUSE CVE-2026-45676

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, OBI's replacement ELF parser trusts section offsets, counts, and string offsets from the executable file. A crafted local ELF can make OBI dereference invalid section...

5.5CVSS5.7AI score0.00162EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/06/04 2:23 a.m.•13 views

SUSE CVE-2026-45678

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, the Postgres protocol parser assumes BIND message payloads contain a valid NUL-terminated portal name. A crafted empty or unterminated payload can make OBI slice beyond th...

7.5CVSS5.8AI score0.00341EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/06/04 2:23 a.m.•7 views

SUSE CVE-2026-45679

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, OBI exports raw Redis error text as the span status message. Because Redis error replies can contain attacker-controlled or sensitive values, this behavior can exfiltrate...

6.5CVSS5.7AI score0.00212EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/06/04 2:23 a.m.•9 views

SUSE CVE-2026-45680

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, OBI replays BPF probe hits into histogram observations by looping once per recorded run count. On busy systems, the run-count delta can become very large, causing the...

7.5CVSS5.7AI score0.00319EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/06/04 2:23 a.m.•9 views

SUSE CVE-2026-45681

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, the per-CPU message-buffer fallback path uses a 256-byte backup buffer but preserves the original payload size, which can be up to 8KB. If a CPU mismatch occurs, OBI can...

5.9CVSS5.8AI score0.00287EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/06/04 2:23 a.m.•9 views

SUSE CVE-2026-45682

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, the custom CappedConcurrentHashMap introduced for Java TLS state tracking never removes keys from its insertion-order queue when entries are deleted. In long-running...

7.5CVSS5.7AI score0.00161EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/06/04 2:23 a.m.•9 views

SUSE CVE-2026-45683

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, the Java TLS ioctl probe reads user-controlled ioctl pointers with bpfproberead instead of bpfprobereaduser. An instrumented local process can therefore point OBI at kerne...

3.8CVSS5.7AI score0.00174EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/06/04 2:23 a.m.•9 views

SUSE CVE-2026-45685

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. From version 0.1.0 to before version 0.9.0, malformed MongoDB wire messages can trigger uncaught panics in the MongoDB TCP parser, allowing a remote unauthenticated attacker to crash the telemetr...

7.5CVSS5.8AI score0.00462EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/06/04 2:23 a.m.•8 views

SUSE CVE-2026-45684

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. From version 0.7.0 to before version 0.9.0, OBI's log enricher mishandles writev buffers by reading only the first iovec entry but using the total ioviter.count as the copy length. When log...

5.3CVSS5.7AI score0.00172EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/06/04 2:23 a.m.•10 views

SUSE CVE-2026-45686

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. From version 0.7.0 to before version 0.9.0, a remotely reachable integer overflow in OBI's memcached text protocol parser can crash the OBI process and cause denial of service. When parsing...

7.5CVSS5.9AI score0.00353EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/06/04 2:22 a.m.•8 views

SUSE CVE-2026-46244

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftinner: Fix IPv6 innerthoff desync In nftinnerparsel2l3, when processing inner IPv6 packets, ipv6findhdr correctly computes the transport header offset traversing all extension headers, but the result is immediately...

5.5CVSS5.8AI score0.0031EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/04 2:21 a.m.•7 views

SUSE CVE-2026-46245

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix dclink NULL handling in HPD init amdgpudmhpdinit may see connectors without a valid dclink. The code already checks dclink for the polling decision, but later unconditionally dereferences it when setting up H...

5.7AI score0.00108EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/04 2:21 a.m.•7 views

SUSE CVE-2026-46246

In the Linux kernel, the following vulnerability has been resolved: power: supply: pm8916lbc: Fix use-after-free for extcon in IRQ handler Using the devm variant for requesting IRQ before the devm variant for allocating/registering the extcon handle, means that the extcon handle will be...

5.8AI score0.00125EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/04 2:21 a.m.•10 views

SUSE CVE-2026-46247

In the Linux kernel, the following vulnerability has been resolved: clk: qcom: gfx3d: add parent to parent request map After commit d228ece36345 "clk: divider: remove roundrate in favor of determinerate" determining GFX3D clock rate crashes, because the passed parent map doesn't provide the...

5.8AI score0.00123EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/04 2:21 a.m.•7 views

SUSE CVE-2026-46248

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: clear stale link mapping of ahvif-linksmap When an arvif is initialized in non-AP STA mode but MLO connection preparation fails before the arvif is created arvif-iscreated remains false, the error path attempts to...

5.8AI score0.00121EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/04 2:21 a.m.•10 views

SUSE CVE-2026-46250

In the Linux kernel, the following vulnerability has been resolved: MIPS: Work around LLVM bug when gp is used as global register variable On MIPS, currentthreadinfo is defined as global register variable locating in $gp, and is simply assigned with new address during kernel relocation. This...

7.3CVSS5.8AI score0.00128EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/04 2:21 a.m.•8 views

SUSE CVE-2026-46249

In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Fix PF driver crash with kexec kernel booting During a kexec reboot the hardware is not power-cycled, so AF state from the old kernel can persist into the new kernel. When AF and PF drivers are built as modules, the...

5.8AI score0.00115EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/04 2:21 a.m.•8 views

SUSE CVE-2026-46251

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix blockgrouptree dirtylist corruption When the incompat flag EXTENTTREEV2 is set, we unconditionally add the block group tree to the switchcommits list before calling switchcommitroots, as we do for the tree root and the...

5.7AI score0.00132EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/04 2:21 a.m.•10 views

SUSE CVE-2026-46252

In the Linux kernel, the following vulnerability has been resolved: regulator: core: fix locking in regulatorresolvesupply error path If late enabling of a supply regulator fails in regulatorresolvesupply, the code currently triggers a lockdep warning: WARNING: drivers/regulator/core.c:2649 at...

5.5CVSS5.8AI score0.0009EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/04 2:21 a.m.•10 views

SUSE CVE-2026-46253

In the Linux kernel, the following vulnerability has been resolved: pstore/ram: fix buffer overflow in persistentramsaveold persistentramsaveold can be called multiple times for the same persistentramzone e.g., via ramoopspstoreread - ramoopsgetnextprz for PSTORETYPEDMESG records. Currently, the...

5.9AI score0.00136EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/04 2:21 a.m.•10 views

SUSE CVE-2026-46255

In the Linux kernel, the following vulnerability has been resolved: dmaengine: fsl-edma: don't explicitly disable clocks in .remove The clocks in fsledmaengine::muxclk are allocated and enabled with devmclkgetenabled, which automatically cleans these resources up, but these clocks are also manual...

5.8AI score0.00114EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/04 2:21 a.m.•8 views

SUSE CVE-2026-46254

In the Linux kernel, the following vulnerability has been resolved: AppArmor: Allow apparmor to handle unaligned dfa tables The dfa tables can originate from kernel or userspace and 8-byte alignment isn't always guaranteed and as such may trigger unaligned memory accesses on various architectures...

5.8AI score0.00114EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/04 2:21 a.m.•8 views

SUSE CVE-2026-46256

In the Linux kernel, the following vulnerability has been resolved: NFS/localio: prevent direct reclaim recursion into NFS via nfswritepages LOCALIO is an NFS loopback mount optimization that avoids using the network for READ, WRITE and COMMIT if the NFS client and server are determined to be on...

5.8AI score0.00099EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/04 2:21 a.m.•8 views

SUSE CVE-2026-46257

In the Linux kernel, the following vulnerability has been resolved: clocksource/drivers/timer-sp804: Fix an Oops when readcurrenttimer is called on ARM32 platforms where the SP804 is not registered as the schedclock. On SP804, the delay timer shares the same clkevt instance with schedclock. On so...

5.8AI score0.001EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/04 2:21 a.m.•10 views

SUSE CVE-2026-46258

In the Linux kernel, the following vulnerability has been resolved: gpio: cdev: Avoid NULL dereference in linehandlecreate In linehandlecreate, there is a statement like this: retainandnullptrlh; Soon after, there is a debug printout that dereferences "lh", which will crash things. Avoid the cras...

5.8AI score0.001EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/04 2:21 a.m.•8 views

SUSE CVE-2026-46259

In the Linux kernel, the following vulnerability has been resolved: procfs: fix missing RCU protection when reading realparent in dotaskstat When reading /proc/pid/stat, dotaskstat accesses task-realparent without proper RCU protection, which leads to: cpu 0 cpu 1 ----- ----- dotaskstat var =...

5.5CVSS5.8AI score0.0012EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/06/04 2:21 a.m.•8 views

SUSE CVE-2026-46260

In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix out-of-bound access in fib6addrt2node. syzbot reported out-of-bound read in fib6addrt2node. 0 When IPv6 route is created with RTANHID, struct fib6info does not have the trailing struct fib6nh. The cited commit started t...

5.8AI score0.0012EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/04 2:21 a.m.•8 views

SUSE CVE-2026-46261

In the Linux kernel, the following vulnerability has been resolved: spi: wpcm-fiu: Fix potential NULL pointer dereference in wpcmfiuprobe platformgetresourcebyname can return NULL, which would cause a crash when passed the pointer to resourcesize. Move the fiu-memorysize assignment after the erro...

5.8AI score0.00114EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/04 2:21 a.m.•8 views

SUSE CVE-2026-46263

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix out-of-bounds stream encoder index v3 engid can be negative and that streamencregs can be indexed out of bounds. engid is used directly as an index into streamencregs, which has only 5 entries. When engid is ...

5.7AI score0.0012EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/04 2:21 a.m.•8 views

SUSE CVE-2026-46262

In the Linux kernel, the following vulnerability has been resolved: ASoC: fslxcvr: Revert fix missing lock in fslxcvrmodeput This reverts commit f51424872760 "ASoC: fslxcvr: fix missing lock in fslxcvrmodeput". The original patch attempted to acquire the card-controlsrwsem lock in fslxcvrmodeput...

5.8AI score0.00091EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/04 2:21 a.m.•10 views

SUSE CVE-2026-46264

In the Linux kernel, the following vulnerability has been resolved: drm/xe/pf: Fix sysfs initialization In case of devmaddactionorreset failure the provided cleanup action will be run immediately on the not yet initialized kobject. This may lead to errors like: kobject: 'null' ff110001393608e0: i...

5.8AI score0.00112EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/04 2:21 a.m.•8 views

SUSE CVE-2026-46265

In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix WQMEMRECLAIM warning When sunrpc is used, if a reset triggered, our wq may lead the following trace: workqueue: WQMEMRECLAIM xprtiod:xprtrdmaconnectworker rpcrdma is flushing !WQMEMRECLAIM...

5.8AI score0.00371EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/04 2:21 a.m.•8 views

SUSE CVE-2026-46266

In the Linux kernel, the following vulnerability has been resolved: inet: RAW sockets using IPPROTORAW MUST drop incoming ICMP Yizhou Zhao reported that simply having one RAW socket on protocol IPPROTORAW 255 was dangerous. socketAFINET, SOCKRAW, 255; A malicious incoming ICMP packet can set the...

9.1CVSS5.8AI score0.00346EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/06/04 2:21 a.m.•8 views

SUSE CVE-2026-46267

In the Linux kernel, the following vulnerability has been resolved: nfc: hci: shdlc: Stop timers and work before freeing context llcshdlcdeinit purges SHDLC skb queues and frees the llcshdlc structure while its timers and state machine work may still be active. Timer callbacks can schedule smwork...

5.7AI score0.00121EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/04 2:21 a.m.•8 views

SUSE CVE-2026-46268

In the Linux kernel, the following vulnerability has been resolved: PCI/P2PDMA: Fix p2pmemallocmmap warning condition Commit b7e282378773 has already changed the initial page refcount of p2pdma page from one to zero, however, in p2pmemallocmmap it uses "VMWARNONONCEPAGE!pagerefcountpage" to asser...

5.7AI score0.00113EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/04 2:21 a.m.•9 views

SUSE CVE-2026-46269

In the Linux kernel, the following vulnerability has been resolved: pinctrl: canaan: k230: Fix NULL pointer dereference when parsing devicetree When probing the k230 pinctrl driver, the kernel triggers a NULL pointer dereference. The crash trace showed: 0.732084 Unable to handle kernel NULL point...

5.8AI score0.00113EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/04 2:21 a.m.•10 views

SUSE CVE-2026-46270

In the Linux kernel, the following vulnerability has been resolved: power: supply: rt9455: Fix use-after-free in powersupplychanged Using the devm variant for requesting IRQ before the devm variant for allocating/registering the powersupply handle, means that the powersupply handle will be...

5.7AI score0.00129EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/04 2:21 a.m.•8 views

SUSE CVE-2026-46271

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: do WoW offloads only on primary link In case of multi-link connection, WCN7850 firmware crashes due to WoW offloads enabled on both primary and secondary links. Change to do it only on primary link to fix it...

5.8AI score0.00119EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/04 2:21 a.m.•9 views

SUSE CVE-2026-46272

In the Linux kernel, the following vulnerability has been resolved: coresight: tmc-etr: Fix race condition between sysfs and perf mode When trying to run perf and sysfs mode simultaneously, the WARNON in tmcetrenablehw is triggered sometimes: WARNING: CPU: 42 PID: 3911571 at...

5.9AI score0.00088EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/04 2:21 a.m.•11 views

SUSE CVE-2026-46273

In the Linux kernel, the following vulnerability has been resolved: ibmveth: Disable GSO for packets with small MSS Some physical adapters on Power systems do not support segmentation offload when the MSS is less than 224 bytes. Attempting to send such packets causes the adapter to freeze, stoppi...

5.5CVSS5.6AI score0.00389EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/06/04 2:21 a.m.•10 views

SUSE CVE-2026-47265

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.14.0, cookies set with the cookies parameter on requests are sent after following a cross-origin redirect. If a developer uses the cookies parameter on a per-request basis then sensitive data might ...

5.3CVSS5.8AI score0.0015EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/06/04 2:21 a.m.•9 views

SUSE CVE-2026-48095

7-Zip is a file archiver with a high compression ratio. Versions 26.00 and prior contain a heap buffer overflow vulnerability caused by an under-allocation in the NTFS compressed stream buffer GetCuSize shift UB, potentially allowing attackers to cause arbitrary code execution or application...

7.8CVSS6.4AI score0.00938EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/06/04 2:21 a.m.•7 views

SUSE CVE-2026-48587

An issue was discovered in Django 5.2 before 5.2.15 and 6.0 before 6.0.6. django.utils.cache.hasvaryheader in Django does not strip leading or trailing whitespace from Vary response header values before comparison, which allows remote attackers to read cached responses via requests to URLs whose...

5.9CVSS5.8AI score0.00354EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2026/06/04 2:21 a.m.•93 views

SUSE CVE-2026-49261

MariaDB server is a community developed fork of MySQL server. Versions 10.6.1 through 10.6.26, 10.11.1 through 10.11.17, 11.4.1 through 11.4.11, 11.8.1 through 11.8.7, and 12.3.1 with wsrepnotifycmd enabled would execute shell commands embedded in the name of the joiner node. This is fixed in...

9CVSS5.5AI score0.00998EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/06/04 2:21 a.m.•7 views

SUSE CVE-2026-49271

libheif is a HEIF and AVIF file format decoder and encoder. Prior to version 1.22.1, the uncompressed HEIF decoder validates explicit icef compressed-unit offsets using unitoffset + unitsize. Because the addition can wrap, a crafted HEIF file can pass the range check and then construct a vector...

5.5CVSS5.8AI score0.00199EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/06/04 2:21 a.m.•9 views

SUSE CVE-2026-49943

CZ.NIC BIRD Internet Routing Daemon through 2.19.0 contains a stack-based buffer overflow in the BGP ASPATH mask matching implementation in nest/a-path.c. The aspathmatch function uses a fixed-size stack array of 2048 + 1 pmpos entries, while parsepath expands ASPATH segments from a received BGP...

6.3CVSS6.1AI score0.003EPSS
Exploits2References3
SUSE CVE
SUSE CVE
•added 2026/06/04 2:21 a.m.•8 views

SUSE CVE-2026-49975

Memory Allocation with Excessive Size Value vulnerability in Apache HTTP Server's modhttp leads to denial of service via malicious HTTP requests. This issue affects Apache HTTP Server: from 2.4.17 through 2.4.67...

7.5CVSS5.4AI score0.11471EPSS
Exploits7References6
Total number of security vulnerabilities59189