58335 matches found
SUSE CVE-2026-6777
Other issue in the Networking: DNS component. This vulnerability was fixed in Firefox 150 and Thunderbird 150...
SUSE CVE-2026-6778
Invalid pointer in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 150 and Thunderbird 150...
SUSE CVE-2026-6779
Other issue in the JavaScript Engine component. This vulnerability was fixed in Firefox 150 and Thunderbird 150...
SUSE CVE-2026-6780
Denial-of-service in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 150 and Thunderbird 150...
SUSE CVE-2026-6781
Denial-of-service in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 150 and Thunderbird 150...
SUSE CVE-2026-6782
Information disclosure in the IP Protection component. This vulnerability was fixed in Firefox 150 and Thunderbird 150...
SUSE CVE-2026-6783
Incorrect boundary conditions, integer overflow in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 150 and Thunderbird 150...
SUSE CVE-2026-6784
Memory safety bugs present in Firefox 149 and Thunderbird 149. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 150 and Thunderbird 150...
SUSE CVE-2026-34839
Glances is an open-source system cross-platform monitoring tool. Prior to version 4.5.4, the Glances web server exposes a REST API /api/4/ that is accessible without authentication and allows cross-origin requests from any origin due to a permissive CORS policy Access-Control-Allow-Origin: . This...
SUSE CVE-2026-35587
Glances is an open-source system cross-platform monitoring tool. Prior to version 4.5.4, a Server-Side Request Forgery SSRF vulnerability exists in the Glances IP plugin due to improper validation of the publicapi configuration parameter. The value of publicapi is used directly in outbound HTTP...
SUSE CVE-2026-35588
Glances is an open-source system cross-platform monitoring tool. Prior to version 4.5.4, the Cassandra export module glances/exports/glancescassandra/init.py interpolates keyspace, table, and replicationfactor configuration values directly into CQL statements without validation. A user with write...
SUSE CVE-2026-39377
The nbconvert tool, jupyter nbconvert, converts Jupyter notebooks to various other formats via Jinja templates. Versions 6.5 through 7.17.0 allow arbitrary file writes to locations outside the intended output directory when processing notebooks containing crafted cell attachment filenames. The...
SUSE CVE-2026-39378
The nbconvert tool, jupyter nbconvert, converts Jupyter notebooks to various other formats via Jinja templates. In versions 6.5 through 7.17.0, when HTMLExporter.embedimages=True, nbconvert's markdown renderer allows arbitrary file read via path traversal in image references. A malicious notebook...
SUSE CVE-2026-40333
libgphoto2 is a camera access and control library. In versions up to and including 2.5.33, two functions in camlibs/ptp2/ptp-pack.c accept a data pointer but no length parameter, performing unbounded reads. Their callers in ptpunpackEOSevents have xsize available but never pass it, leaving both...
SUSE CVE-2026-40334
libgphoto2 is a camera access and control library. In versions up to and including 2.5.33, a missing null terminator exists in ptpunpackCanonFE in camlibs/ptp2/ptp-pack.c line 1377. The function copies a filename into a 13-byte buffer using strncpy without explicitly null-terminating the result. ...
SUSE CVE-2026-40335
libgphoto2 is a camera access and control library. Versions up to and including 2.5.33 have an out-of-bounds read in ptpunpackDPV in camlibs/ptp2/ptp-pack.c lines 622-629. The UINT128 and INT128 cases advance offset += 16 without verifying that 16 bytes remain in the buffer. The entry check at li...
SUSE CVE-2026-40336
libgphoto2 is a camera access and control library. Versions up to and including 2.5.33 have a memory leak in ptpunpackSonyDPD in camlibs/ptp2/ptp-pack.c lines 884-885. When processing a secondary enumeration list introduced in 2024+ Sony cameras, the function overwrites dpd-FORM.Enum.SupportedVal...
SUSE CVE-2026-40338
libgphoto2 is a camera access and control library. Versions up to and including 2.5.33 have an out-of-bounds read in the PTPDPFFEnumeration case of ptpunpackSonyDPD in camlibs/ptp2/ptp-pack.c line 856. The function reads a 2-byte enumeration count N via dtoh16odata, poffset without verifying that...
SUSE CVE-2026-40339
libgphoto2 is a camera access and control library. Versions up to and including 2.5.33 have an out-of-bounds read in ptpunpackSonyDPD in camlibs/ptp2/ptp-pack.c line 842. The function reads the FormFlag byte via dtoh8odata, poffset without a prior bounds check. The standard ptpunpackDPD at lines...
SUSE CVE-2026-40340
libgphoto2 is a camera access and control library. Versions up to and including 2.5.33 have an out-of-bounds read vulnerability in ptpunpackOI in camlibs/ptp2/ptp-pack.c lines 530-563. The function validates len PTPoiSequenceNumber i.e., len 48 but subsequently accesses offsets 48-56, up to 9 byt...
SUSE CVE-2026-40341
libgphoto2 is a camera access and control library. In versions up to and including 2.5.33, an out of bound read in ptpunpackEOSFocusInfoEx could be used to crash libgphoto2 when processing input from untrusted USB devices. Commit c385b34af260595dfbb5f9329526be5158985987 contains a patch. No known...
SUSE CVE-2026-40706
In NTFS-3G 2022.10.3 before 2026.2.25, a heap buffer overflow exists in ntfsbuildpermissionsposix in acls.c that allows an attacker to corrupt heap memory in the SUID-root ntfs-3g binary by crafting a malicious NTFS image. The overflow is triggered on the READ path stat, readdir, open when...
SUSE CVE-2026-41316
ERB is a templating system for Ruby. Ruby 2.7.0 before ERB 2.2.0 was published on rubygems.org introduced an @init instance variable guard in ERBresult and ERBrun to prevent code execution when an ERB object is reconstructed via Marshal.load deserialization. However, three other public methods th...
SUSE CVE-2025-54505
A transient execution vulnerability within AMD CPUs may allow a local user-privileged attacker to leak data via the floating point divisor unit, potentially resulting in loss of confidentiality...
SUSE CVE-2025-65104
Firebird is an open-source relational database management system. In versions FB3 of the client library placed incorrect data length values into XSQLDA fields when communicating with FB4 or higher servers, resulting in an information leak. This issue is fixed by upgrading to the FB4 client or...
SUSE CVE-2026-3219
pip handles concatenated tar and ZIP files as ZIP files regardless of filename or whether a file is both a tar and ZIP file. This behavior could result in confusing installation behavior, such as installing "incorrect" files according to the filename of the archive. New behavior only proceeds wit...
SUSE CVE-2026-6060
A vulnerability in the SQL Box in the admin interface of OTRS leads to an uncontrolled resource consumption leading to a DoS against the webserver. will be killed by the systemThis issue affects OTRS: 7.0.X 8.0.X 2023.X 2024.X 2025.X 2026.X before 2026.3.X...
SUSE CVE-2026-28684
python-dotenv reads key-value pairs from a .env file and can set them as environment variables. Prior to version 1.2.2, setkey and unsetkey in python-dotenv follow symbolic links when rewriting .env files, allowing a local attacker to overwrite arbitrary files via a crafted symlink when a...
SUSE CVE-2026-39388
OpenBao is an open source identity-based secrets management system. Prior to version 2.5.3, OpenBao's Certificate authentication method, when a token renewal is requested and disablebinding=true is set, attempts to verify the current request's presented mTLS certificate matches the original. Toke...
SUSE CVE-2026-39396
OpenBao is an open source identity-based secrets management system. Prior to version 2.5.3, ExtractPluginFromImage in OpenBao's OCI plugin downloader extracts a plugin binary from a container image by streaming decompressed tar data via io.Copy with no upper bound on the number of bytes written. ...
SUSE CVE-2026-39886
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. Versions 3.4.0 through 3.4.9 have a signed integer overflow vulnerability in OpenEXR's HTJ2K High-Throughput JPEG 2000 decompression path. The htundoimp...
SUSE CVE-2026-39946
OpenBao is an open source identity-based secrets management system. Prior to version 2.5.3, when OpenBao revoked privileges on a role in the PostgreSQL database secrets engine, OpenBao failed to use proper database quoting on schema names provided by PostgreSQL. This could lead to role revocation...
SUSE CVE-2026-40244
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.4.0 through 3.4.9, 3.3.0 through 3.3.9, and 3.2.0 through 3.2.7, internaldwacompressor.h:1722 performs curc-width curc-height in int32...
SUSE CVE-2026-40250
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.4.0 through 3.4.9, 3.3.0 through 3.3.9, and 3.2.0 through 3.2.7, internaldwacompressor.h:1040 performs chan-width chan-bytesperelement in...
SUSE CVE-2026-40264
OpenBao is an open source identity-based secrets management system. OpenBao's namespaces provide multi-tenant separation. Prior to version 2.5.3, a tenant who leaks token accessors can have their token revoked or renewed by a privileged administrator in another tenant. This is addressed in v2.5.3...
SUSE CVE-2026-41445
KissFFT before commit 8a8e66e contains an integer overflow vulnerability in the kissfftndralloc function in kissfftndr.c where the allocation size calculation dimOtherdimReal+2sizeofkissfftscalar overflows signed 32-bit integer arithmetic before being widened to sizet, causing malloc to allocate ...
SUSE CVE-2026-5958
When sed is invoked with both -i in-place edit and --follow-symlinks, the function opennextfile performs two separate, non-atomic filesystem operations on the same path: 1. resolves symlink to its target and stores the resolved path for determining when output is written, 2. opens the original...
SUSE CVE-2026-27890
Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, when processing CNCTspecificdata segments during authentication, the server assumes segments arrive in strictly ascending order. If segments arrive out of order, the Array class's grow...
SUSE CVE-2026-28212
Firebird is an open-source relational database management system. In versions prior to 6.0.0, 5.0.4, 4.0.7 and 3.0.14, when processing an opslice network packet, the server passes an unprepared structure containing a null pointer to the SDLinfo function, resulting in a null pointer dereference an...
SUSE CVE-2026-28214
Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, the ClumpletReader::getClumpletSize function can overflow the totalLength value when parsing a Wide type clumplet, causing an infinite loop. An authenticated user with INSERT privileges...
SUSE CVE-2026-28224
Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, when the server receives an opcryptkeycallback packet without prior authentication, the portservercryptcallback handler is not initialized, resulting in a null pointer dereference and...
SUSE CVE-2026-29013
libcoap contains out-of-bounds read vulnerabilities in OSCORE Appendix B.2 CBOR unwrap handling where getbyteinc in src/oscore/oscorecbor.c relies solely on assert for bounds checking, which is removed in release builds compiled with NDEBUG. Attackers can send crafted CoAP requests with malformed...
SUSE CVE-2026-31429
In the Linux kernel, the following vulnerability has been resolved: net: skb: fix cross-cache free of KFENCE-allocated skb head SKBSMALLHEADCACHESIZE is intentionally set to a non-power-of-2 value e.g. 704 on x8664 to avoid collisions with generic kmalloc bucket sizes. This ensures that...
SUSE CVE-2026-31430
In the Linux kernel, the following vulnerability has been resolved: X.509: Fix out-of-bounds access when parsing extensions Leo reports an out-of-bounds access when parsing a certificate with empty Basic Constraints or Key Usage extension because the first byte of the extension is read before...
SUSE CVE-2026-32105
xrdp is an open source RDP server. In versions through 0.10.5, xrdp does not implement verification for the Message Authentication Code MAC signature of encrypted RDP packets when using the "Classic RDP Security" layer. While the sender correctly generates signatures, the receiving logic lacks th...
SUSE CVE-2026-32107
xrdp is an open source RDP server. In versions through 0.10.5, the session execution component did not properly handle an error during the privilege drop process. This improper privilege management could allow an authenticated local attacker to escalate privileges to root and execute arbitrary co...
SUSE CVE-2026-32623
xrdp is an open source RDP server. Versions through 0.10.5 contain a heap-based buffer overflow vulnerability in the NeutrinoRDP module. When proxying RDP sessions from xrdp to another server, the module fails to properly validate the size of reassembled fragmented virtual channel data against it...
SUSE CVE-2026-32624
xrdp is an open source RDP server. Versions through 0.10.5 contain a heap-based buffer overflow vulnerability in its logon processing. In environments where domainuserseparator is configured in xrdp.ini, an unauthenticated remote attacker can send a crafted, excessively long username and domain...
SUSE CVE-2026-33145
xrdp is an open source RDP server. Versions through 0.10.5 allow an authenticated remote user to execute arbitrary commands on the server due to unsafe handling of the AlternateShell parameter in xrdp-sesman. When the AllowAlternateShell setting is enabled which is the default when not explicitly...
SUSE CVE-2026-33337
Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, when deserializing a slice packet, the xdrdatum function does not validate that a cstring length conforms to the slice descriptor bounds, allowing a cstring longer than the allocated...