Lucene search
K
SusecveRecent

59218 matches found

SUSE CVE
SUSE CVE
•added 2026/05/30 2:16 a.m.•12 views

SUSE CVE-2026-9986

Insufficient validation of untrusted input in OptimizationGuide in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: High...

4.2CVSS5.8AI score0.00145EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/30 2:16 a.m.•18 views

SUSE CVE-2026-9987

Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Android prior to 148.0.7778.216 allowed a local attacker to execute arbitrary code via a malicious file. Chromium security severity: High...

7.8CVSS6.2AI score0.00099EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/30 2:16 a.m.•16 views

SUSE CVE-2026-9988

Use after free in WebRTC in Google Chrome on Linux prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.8AI score0.00173EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/30 2:16 a.m.•14 views

SUSE CVE-2026-9989

Inappropriate implementation in Media in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to bypass same origin policy via a crafted video file. Chromium security severity: High...

6.3CVSS5.8AI score0.00107EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/30 2:16 a.m.•15 views

SUSE CVE-2026-9990

Use after free in WebAppInstalls in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

7.5CVSS5.8AI score0.00173EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/30 2:16 a.m.•13 views

SUSE CVE-2026-9991

Inappropriate implementation in Media in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

3.1CVSS5.8AI score0.00141EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/30 2:16 a.m.•14 views

SUSE CVE-2026-9992

Use after free in Network in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.2AI score0.00234EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/30 2:16 a.m.•10 views

SUSE CVE-2026-9993

Use after free in Views in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted PDF file. Chromium security severity: High...

8.3CVSS5.8AI score0.00164EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/30 2:16 a.m.•15 views

SUSE CVE-2026-9994

Use after free in Core in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.8AI score0.00182EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/30 2:16 a.m.•10 views

SUSE CVE-2026-9995

Use after free in WebXR in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.2AI score0.00296EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/30 2:16 a.m.•13 views

SUSE CVE-2026-9996

Out of bounds read in WebRTC in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

6.5CVSS5.8AI score0.00191EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/30 2:16 a.m.•18 views

SUSE CVE-2026-9997

Use after free in Input in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.8AI score0.00178EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/30 2:16 a.m.•16 views

SUSE CVE-2026-9998

Integer overflow in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.9AI score0.00173EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/30 2:16 a.m.•18 views

SUSE CVE-2026-9999

Inappropriate implementation in ANGLE in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.2AI score0.00225EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/30 2:16 a.m.•14 views

SUSE CVE-2026-10000

Use after free in Passwords in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.8AI score0.00185EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/30 2:16 a.m.•20 views

SUSE CVE-2026-10001

Use after free in PerformanceManager in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.8AI score0.00173EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/30 2:15 a.m.•13 views

SUSE CVE-2026-10002

Use after free in PDFium in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. Chromium security severity: High...

8.8CVSS5.8AI score0.0018EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/30 2:15 a.m.•16 views

SUSE CVE-2026-10003

Use after free in Views in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

7.5CVSS6.2AI score0.00221EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/30 2:15 a.m.•20 views

SUSE CVE-2026-10004

Insufficient validation of untrusted input in Passwords in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: High...

6.5CVSS5.8AI score0.00164EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/30 2:15 a.m.•15 views

SUSE CVE-2026-10005

Use after free in WebAppInstalls in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

7.5CVSS6.2AI score0.00261EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/30 2:15 a.m.•12 views

SUSE CVE-2026-10006

Race in WebAudio in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

7.5CVSS6.2AI score0.0023EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/30 2:15 a.m.•14 views

SUSE CVE-2026-10007

Use after free in SVG in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.2AI score0.00252EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/30 2:15 a.m.•16 views

SUSE CVE-2026-10008

Uninitialized Use in GPU in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

6.5CVSS5.8AI score0.00224EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/30 2:15 a.m.•15 views

SUSE CVE-2026-10009

Integer overflow in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

7.5CVSS6.3AI score0.00221EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/30 2:15 a.m.•11 views

SUSE CVE-2026-10010

Inappropriate implementation in Input in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...

5CVSS5.7AI score0.00125EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/30 2:15 a.m.•12 views

SUSE CVE-2026-10011

Inappropriate implementation in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

3.1CVSS5.8AI score0.00164EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/30 2:15 a.m.•16 views

SUSE CVE-2026-10012

Use after free in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.8AI score0.00173EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/30 2:15 a.m.•12 views

SUSE CVE-2026-10013

Use after free in WebCodecs in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.2AI score0.00319EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/30 2:15 a.m.•11 views

SUSE CVE-2026-10014

Use after free in WebMIDI in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.8AI score0.00185EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/30 2:15 a.m.•16 views

SUSE CVE-2026-10015

Integer overflow in WTF in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.3AI score0.00252EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/30 2:15 a.m.•14 views

SUSE CVE-2026-10016

Use after free in DOM in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.2AI score0.00252EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/30 2:15 a.m.•15 views

SUSE CVE-2026-10017

Out of bounds read in Headless in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

8.3CVSS5.8AI score0.00185EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/30 2:15 a.m.•12 views

SUSE CVE-2026-10018

Integer overflow in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.9AI score0.00191EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/30 2:15 a.m.•13 views

SUSE CVE-2026-10019

Integer overflow in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS5.9AI score0.0019EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/30 2:15 a.m.•16 views

SUSE CVE-2026-10020

Insufficient validation of untrusted input in Skia in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

8.3CVSS5.8AI score0.00198EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/30 2:15 a.m.•9 views

SUSE CVE-2026-10021

Insufficient validation of untrusted input in USB in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS6.2AI score0.00234EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/30 2:15 a.m.•18 views

SUSE CVE-2026-10022

Type Confusion in V8 in Google Chrome prior to 148.0.7778.216 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code inside a sandbox via a crafted Chrome Extension. Chromium security severity: Medium...

8.8CVSS6.2AI score0.00151EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/30 2:8 a.m.•14 views

SUSE CVE-2026-32792

NLnet Labs Unbound 1.6.2 up to and including version 1.25.0 has a denial of service vulnerability when compiled with DNSCrypt support '--enable-dnscrypt'. A bad DNSCrypt query could underflow Unbound's DNSCrypt packet reading procedure that may lead to heap overflow. A malicious actor can exploit...

5.9CVSS6AI score0.00337EPSS
Exploits0References9
SUSE CVE
SUSE CVE
•added 2026/05/30 2:8 a.m.•18 views

SUSE CVE-2026-33278

NLnet Labs Unbound 1.19.1 up to and including version 1.25.0 has a vulnerability in the DNSSEC validator that enables denial of service and possible remote code execution as a result of deep copying a data structure and erroneously overwriting a destination pointer. An adversary can exploit the...

8.6CVSS6.5AI score0.01272EPSS
Exploits0References11
SUSE CVE
SUSE CVE
•added 2026/05/30 2:7 a.m.•17 views

SUSE CVE-2026-40510

OpenSC before 0.27.0-rc1, fixed in commit 3f24f0b, contains a stack buffer overflow vulnerability in pivprocesshistory in src/libopensc/card-piv.c that allows physically present attackers to trigger memory corruption by presenting a crafted PIV smart card or USB device returning a URL field longe...

3.8CVSS6AI score0.00216EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/30 2:7 a.m.•16 views

SUSE CVE-2026-40528

OpenSC before 0.27.0, fixed in commit 0358817, contains a stack and heap buffer overrun vulnerability in the dokeyvalue function in src/pkcs15init/profile.c that allows attackers to corrupt memory by supplying a crafted profile configuration file. During pkcs15-init invocation, a key value entry...

7.8CVSS5.9AI score0.00146EPSS
Exploits0References6
SUSE CVE
SUSE CVE
•added 2026/05/30 2:7 a.m.•15 views

SUSE CVE-2026-40622

NLnet Labs Unbound 1.16.2 up to and including version 1.25.0 has a vulnerability of the 'ghost domain names' family of attacks that could extend the ghost domain window by up to one cached TTL configured value. Similar to other 'ghost domain names' attacks, an adversary needs to control a ghost...

5.9CVSS5.7AI score0.00171EPSS
Exploits0References9
SUSE CVE
SUSE CVE
•added 2026/05/30 2:7 a.m.•15 views

SUSE CVE-2026-41150

Mermaid is a JavaScript tool that uses Markdown-inspired text to create and modify diagrams and charts. Prior to 10.9.6 and 11.15.0, there is a denial-of-service attack when rendering gantt charts, if they use the excludes attribute to exclude all dates. mermaid.parse is unaffected, unless you th...

5.3CVSS5.8AI score0.00384EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/30 2:7 a.m.•15 views

SUSE CVE-2026-41159

Mermaid is a JavaScript tool that uses Markdown-inspired text to create and modify diagrams and charts. Prior to 10.9.6 and 11.15.0, Mermaid's default configuration allows injecting CSS that applies outside of the Mermaid diagram via the fontFamily, themeCSS, and altFontFamily configuration...

5.3CVSS5.8AI score0.00398EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/30 2:7 a.m.•13 views

SUSE CVE-2026-41292

NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to a degradation of service attack related to parsing long lists of incoming EDNS options. An adversary sending queries with too many EDNS options can hold Unbound threads hostage while they are parsing and creating internal data...

5.9CVSS5.8AI score0.00556EPSS
Exploits0References9
SUSE CVE
SUSE CVE
•added 2026/05/30 2:7 a.m.•13 views

SUSE CVE-2026-41565

CryptX versions before 0.088001 for Perl have a stack buffer overflow in four AEAD decryptverify helpers. The gcmdecryptverify, ccmdecryptverify, chacha20poly1305decryptverify and eaxdecryptverify XS routines copied the caller-supplied authentication tag into a fixed 144-byte stack buffer...

7.5CVSS6.1AI score0.00469EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/30 2:6 a.m.•17 views

SUSE CVE-2026-42534

NLnet Labs Unbound up to and including version 1.25.0 has a vulnerability in the jostle logic that could defeat its purpose and degrade resolution performance. Retransmits of the same query could renew the age of slow running queries and not allow the jostle logic to see them as aged and potentia...

5.9CVSS5.7AI score0.00519EPSS
Exploits0References9
SUSE CVE
SUSE CVE
•added 2026/05/30 2:6 a.m.•14 views

SUSE CVE-2026-42923

NLnet Labs Unbound up to and including version 1.25.0 has a vulnerability in the DNSSEC validator where the code path to consult the negative cache for DS records does not take into account the limit on NSEC3 hash calculations introduced in 1.19.1. This leads to degradation of service during the...

5.9CVSS5.8AI score0.00339EPSS
Exploits0References9
SUSE CVE
SUSE CVE
•added 2026/05/30 2:6 a.m.•15 views

SUSE CVE-2026-42944

NLnet Labs Unbound 1.14.0 up to and including version 1.25.0 has a vulnerability that results in heap overflow when encoding multiple NSID and/or DNS Cookie EDNS and/or EDNS Padding options in the reply packet. The relevant options 'nsid', 'answer-cookie', 'pad-responses' default need to be enabl...

7.5CVSS5.8AI score0.00842EPSS
Exploits0References12
SUSE CVE
SUSE CVE
•added 2026/05/30 2:6 a.m.•13 views

SUSE CVE-2026-42959

NLnet Labs Unbound up to and including version 1.25.0 has a denial of service vulnerability in the DNSSEC validator that can lead to a crash given malicious upstream replies. When Unbound constructs chase-reply messages for validation, the code uses the wrong counter to calculate write offsets fo...

7.5CVSS5.8AI score0.00779EPSS
Exploits0References12
Total number of security vulnerabilities59218