Lucene search
K
SusecveRecent

59218 matches found

SUSE CVE
SUSE CVE
•added 2026/05/16 1:14 a.m.•13 views

SUSE CVE-2026-8554

Type Confusion in ANGLE in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: High...

3.1CVSS5.8AI score0.00172EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/16 1:14 a.m.•11 views

SUSE CVE-2026-8555

Use after free in GTK in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.2AI score0.0028EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/16 1:14 a.m.•10 views

SUSE CVE-2026-8556

Inappropriate implementation in ANGLE in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

3.1CVSS5.8AI score0.002EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/16 1:14 a.m.•11 views

SUSE CVE-2026-8557

Use after free in Accessibility in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. Chromium security severity: High...

7.5CVSS5.8AI score0.00207EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/16 1:14 a.m.•11 views

SUSE CVE-2026-8558

Out of bounds write in Fonts in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.2AI score0.0028EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/16 1:14 a.m.•9 views

SUSE CVE-2026-8559

Integer overflow in Internationalization in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: High...

4.3CVSS5.9AI score0.00176EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/16 1:14 a.m.•13 views

SUSE CVE-2026-8560

Heap buffer overflow in SwiftShader in Google Chrome on Mac and iOS prior to 148.0.7778.168 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS6AI score0.00251EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/16 1:14 a.m.•13 views

SUSE CVE-2026-8561

Incorrect security UI in Fullscreen in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

5.4CVSS5.8AI score0.00184EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/16 1:14 a.m.•9 views

SUSE CVE-2026-8562

Side-channel information leakage in Navigation in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS5.8AI score0.00187EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/16 1:14 a.m.•8 views

SUSE CVE-2026-8563

Insufficient policy enforcement in IFrame Sandbox in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS5.8AI score0.00182EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/16 1:14 a.m.•15 views

SUSE CVE-2026-8564

Incorrect security UI in Downloads in Google Chrome on Android and Mac prior to 148.0.7778.168 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.2CVSS5.8AI score0.00163EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/16 1:14 a.m.•10 views

SUSE CVE-2026-8565

Inappropriate implementation in Downloads in Google Chrome on Mac prior to 148.0.7778.168 allowed an attacker who convinced a user to install a malicious extension to perform UI spoofing via a crafted Chrome Extension. Chromium security severity: Medium...

4.7CVSS5.8AI score0.00134EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/16 1:14 a.m.•10 views

SUSE CVE-2026-8566

Insufficient policy enforcement in Payments in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker to bypass discretionary access control via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS5.8AI score0.00182EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/16 1:14 a.m.•14 views

SUSE CVE-2026-8567

Integer overflow in ANGLE in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS5.9AI score0.00183EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/16 1:14 a.m.•10 views

SUSE CVE-2026-8568

Determined not a vulnerability...

5.2AI score0.00174EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/16 1:14 a.m.•11 views

SUSE CVE-2026-8569

Out of bounds write in Codecs in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted video file. Chromium security severity: Medium...

8.3CVSS5.8AI score0.00246EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/16 1:14 a.m.•9 views

SUSE CVE-2026-8570

Type Confusion in V8 in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.8AI score0.0025EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/16 1:14 a.m.•16 views

SUSE CVE-2026-8571

Insufficient policy enforcement in GPU in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

8.3CVSS5.8AI score0.00214EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/16 1:14 a.m.•9 views

SUSE CVE-2026-8572

Insufficient policy enforcement in Network in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

3.1CVSS5.8AI score0.0016EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/16 1:14 a.m.•8 views

SUSE CVE-2026-8573

Integer overflow in Codecs in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted video file. Chromium security severity: Medium...

8.3CVSS5.9AI score0.00233EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/16 1:14 a.m.•8 views

SUSE CVE-2026-8574

Use after free in Core in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

8.3CVSS5.8AI score0.00182EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/16 1:14 a.m.•8 views

SUSE CVE-2026-8575

Use after free in UI in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

8.3CVSS5.8AI score0.00176EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/16 1:14 a.m.•9 views

SUSE CVE-2026-8576

Inappropriate implementation in CORS in Google Chrome on Linux and ChromeOS prior to 148.0.7778.168 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS5.8AI score0.00155EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/16 1:14 a.m.•9 views

SUSE CVE-2026-8577

Integer overflow in Fonts in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS6.3AI score0.00252EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/16 1:14 a.m.•14 views

SUSE CVE-2026-8578

Out of bounds read in GPU in Google Chrome on Linux prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

3.1CVSS5.8AI score0.00156EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/16 1:14 a.m.•8 views

SUSE CVE-2026-8579

Insufficient validation of untrusted input in Skia in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted print file. Chromium security severity: Medium...

3.1CVSS5.8AI score0.00134EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/16 1:14 a.m.•8 views

SUSE CVE-2026-8580

Use after free in Mojo in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

9.6CVSS5.8AI score0.00211EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/16 1:14 a.m.•8 views

SUSE CVE-2026-8581

Use after free in GPU in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS6.2AI score0.00262EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/16 1:14 a.m.•13 views

SUSE CVE-2026-8582

Object lifecycle issue in Dawn in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

5.3CVSS5.8AI score0.0019EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/16 1:14 a.m.•8 views

SUSE CVE-2026-8583

Insufficient policy enforcement in WebXR in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

5.3CVSS5.8AI score0.00179EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/16 1:14 a.m.•7 views

SUSE CVE-2026-8584

Inappropriate implementation in Views in Google Chrome on iOS prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.2CVSS5.8AI score0.00138EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/16 1:14 a.m.•12 views

SUSE CVE-2026-8585

Inappropriate implementation in Media in Google Chrome on iOS prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: Medium...

7.5CVSS5.8AI score0.00176EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/16 1:14 a.m.•8 views

SUSE CVE-2026-8586

Inappropriate implementation in Chromoting in Google Chrome prior to 148.0.7778.168 allowed a local attacker to bypass discretionary access control via a malicious file. Chromium security severity: Medium...

5.5CVSS5.8AI score0.00103EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/16 1:14 a.m.•9 views

SUSE CVE-2026-8587

Use after free in Extensions in Google Chrome on Mac prior to 148.0.7778.168 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. Chromium security severity: Medium...

8.8CVSS6.2AI score0.00175EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/16 1:14 a.m.•9 views

SUSE CVE-2026-8612

WWW::Mechanize::Cached versions before 2.00 for Perl deserialize cached HTTP responses from a world-writable on-disk cache, enabling local response forgery and code execution. With no explicit cache backend, WWW::Mechanize::Cached constructs a default Cache::FileCache under /tmp/FileCache without...

5.3CVSS6.1AI score0.00127EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/16 1:13 a.m.•10 views

SUSE CVE-2026-34253

A buffer underflow vulnerability has been identified in the ogg123 utility from the vorbis-tools 1.4.3 package in function remotethread in remote.c. This vulnerability occurs in the remote control functionality when processing malformed input, leading to a stack buffer underflow that can cause...

8.2CVSS6AI score0.00515EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/16 1:13 a.m.•11 views

SUSE CVE-2026-35254

Vulnerability in the Oracle OCI CLI product of Oracle Open Source Projects. The supported versions that is affected is 3.77. Easily exploitable vulnerability allows unauthenticated attacker with network access to compromise Oracle OCI CLI. Successful attacks of this vulnerability can result in...

6.1CVSS5.8AI score0.00146EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/16 1:12 a.m.•11 views

SUSE CVE-2026-41181

Traefik is an HTTP reverse proxy and load balancer. Prior to 2.11.44, 3.6.15, and 3.7.0-rc.3, there is an information disclosure vulnerability in Traefik's errors custom error pages middleware. When the backend returns a response matching the configured status range, the middleware forwards the...

5.8CVSS5.8AI score0.00445EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/05/16 1:12 a.m.•7 views

SUSE CVE-2026-42245

Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, and 0.6.4, Net::IMAP::ResponseReader has quadratic time complexity when reading large responses containing many string literals. A hostile server can send responses which are...

2.3CVSS5.7AI score0.0041EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/16 1:12 a.m.•10 views

SUSE CVE-2026-42256

Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. From versions 0.4.0 to before 0.4.24, 0.5.0 to before 0.5.14, and 0.6.0 to before 0.6.4, when authenticating a connection with SCRAM-SHA1 or SCRAM-SHA256, a hostile server can perform a computational...

6CVSS5.7AI score0.00299EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/16 1:12 a.m.•9 views

SUSE CVE-2026-42308

Pillow is a Python imaging library. Prior to version 12.2.0, if a font advances for each glyph by an exceeding large amount, when Pillow keeps track of the current position, it may lead to an integer overflow. This issue has been patched in version 12.2.0...

7.5CVSS7.1AI score0.00114EPSS
Exploits0References6
SUSE CVE
SUSE CVE
•added 2026/05/16 1:12 a.m.•10 views

SUSE CVE-2026-42582

Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final, when decoding header blocks, the non-Huffman branch of io.netty.handler.codec.http3.QpackDecoderdecodeHuffmanEncodedLiteral may execute new bytelength for a string literal before verifying that length byt...

7.5CVSS5.8AI score0.00437EPSS
Exploits1References4
SUSE CVE
SUSE CVE
•added 2026/05/16 1:11 a.m.•10 views

SUSE CVE-2026-43490

In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate inherited ACE SID length smbinheritdacl walks the parent directory DACL loaded from the security descriptor xattr. It verifies that each ACE contains the fixed SID header before using it, but does not verify that...

5.5CVSS5.9AI score0.00408EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/16 1:11 a.m.•10 views

SUSE CVE-2026-43903

OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, sgiinput.cpp:265,274 use OIIODASSERT for bounds checking in the RLE decode loop. In release builds, OIIODASSERT compiles to voidsizeofx...

8.4CVSS6AI score0.00126EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/16 1:11 a.m.•17 views

SUSE CVE-2026-43904

OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, softimageinput.cpp:469 mixed RLE and :345 pure RLE do not clamp the run length to remaining scanline width before writing pixels. The r...

8.4CVSS5.8AI score0.00173EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/05/16 1:11 a.m.•10 views

SUSE CVE-2026-43905

OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, jpeg2000input.cpp:395 computes buffer size as const int bufsize = w h ch bufferbpp using signed 32-bit arithmetic. When the product...

7.8CVSS6AI score0.00173EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/05/16 1:11 a.m.•11 views

SUSE CVE-2026-43906

OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, a heap-based buffer overflow in the HEIF decoder of OpenImageIO allows out-of-bounds writes via crafted images due to a subimage metada...

8.5CVSS6.1AI score0.00188EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/05/16 1:11 a.m.•14 views

SUSE CVE-2026-43907

OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, a signed integer overflow in QueryRGBBufferSizeInternal in DPXColorConverter.cpp leads to a heap-based out-of-bounds write when...

8.3CVSS6.6AI score0.0037EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/05/16 1:11 a.m.•11 views

SUSE CVE-2026-43908

OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, a signed 32-bit integer overflow in the pixel-loop index expression i 3 inside ConvertCbYCrYToRGB causes the function to compute a larg...

8.8CVSS5.9AI score0.00371EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/05/16 1:11 a.m.•8 views

SUSE CVE-2026-43909

OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, a signed 32-bit integer overflow in the loop index expression i 4 inside SwapRGBABytes causes the function to compute a large negative...

8.8CVSS5.9AI score0.00371EPSS
Exploits1References3
Total number of security vulnerabilities59218