Lucene search
K
SusecveRecent

59380 matches found

SUSE CVE
SUSE CVE
•added 2026/04/24 1:28 a.m.•6 views

SUSE CVE-2026-41314

pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to the RAM being exhausted. This requires accessing an image using /FlateDecode with large size values. This has been fixed in pypdf 6.10.2...

4.8CVSS5.6AI score0.00226EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/24 1:27 a.m.•5 views

SUSE CVE-2026-41564

CryptX versions before 0.088 for Perl do not reseed the Crypt::PK PRNG state after forking. The Crypt::PK::RSA, Crypt::PK::DSA, Crypt::PK::DH, Crypt::PK::ECC, Crypt::PK::Ed25519 and Crypt::PK::X25519 modules seed a per-object PRNG state in their constructors and reuse it without fork detection. A...

7.5CVSS5.8AI score0.00447EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/24 1:27 a.m.•7 views

SUSE CVE-2026-41651

PackageKit is a a D-Bus abstraction layer that allows the user to manage packages in a secure way using a cross-distro, cross-architecture API. PackageKit between and including versions 1.0.2 and 1.3.4 is vulnerable to a time-of-check time-of-use TOCTOU race condition on transaction flags that...

8.8CVSS6AI score0.0046EPSS
Exploits10References13
SUSE CVE
SUSE CVE
•added 2026/04/24 1:27 a.m.•8 views

SUSE CVE-2026-41988

uuid before 14.0.0 can make unexpected writes when external output buffers are used, and the UUID version is 3, 5, or 6. In particular, UUID version 4, which is very commonly used, is unaffected by this issue...

3.2CVSS5.7AI score0.00138EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/24 1:27 a.m.•11 views

SUSE CVE-2026-41989

Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to gcrypkdecrypt...

6.7CVSS6AI score0.0018EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/24 1:27 a.m.•12 views

SUSE CVE-2026-41990

Libgcrypt before 1.12.2 mishandles Dilithium signing. Writes to a static array lack a bounds check but do not use attacker-controlled data...

4CVSS5.8AI score0.00176EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:36 a.m.•7 views

SUSE CVE-2017-20230

Storable versions before 3.05 for Perl has a stack overflow. The retrievehook function stored the length of the class name into a signed integer but in read operations treated the length as unsigned. This allowed an attacker to craft data that could trigger the overflow...

10CVSS5.8AI score0.00641EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/04/23 1:29 a.m.•6 views

SUSE CVE-2026-0540

DOMPurify 3.1.3 through 3.3.1 and 2.5.3 through 2.5.8, fixed in commit 2726c74, contain a cross-site scripting vulnerability that allows attackers to bypass attribute sanitization by exploiting five missing rawtext elements noscript, xmp, noembed, noframes, iframe in the SAFEFORXML regex. Attacke...

6.1CVSS7.2AI score0.0034EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:29 a.m.•7 views

SUSE CVE-2026-3605

An authenticated user with access to a kvv2 path through a policy containing a glob may be able to delete secrets they were not authorized to read or write, resulting in denial-of-service. This vulnerability did not allow a malicious user to delete secrets across namespaces, nor read any secret...

8.1CVSS5.7AI score0.00376EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/04/23 1:29 a.m.•9 views

SUSE CVE-2026-5265

When generating an ICMP Destination Unreachable or Packet Too Big response, the handler copies a portion of the original packet into the ICMP error body using the IP header's self-declared total length iptotlen for IPv4, ip6plen for IPv6 without validating it against the actual packet buffer size...

7.5CVSS5.6AI score0.00629EPSS
Exploits0References10
SUSE CVE
SUSE CVE
•added 2026/04/23 1:29 a.m.•7 views

SUSE CVE-2026-5367

A flaw was found in OVN Open Virtual Network. A remote attacker, by sending crafted DHCPv6 Dynamic Host Configuration Protocol for IPv6 SOLICIT packets with an inflated Client ID length, could cause the ovn-controller to read beyond the bounds of a packet. This out-of-bounds read can lead to the...

6.5CVSS5.3AI score0.00868EPSS
Exploits0References10
SUSE CVE
SUSE CVE
•added 2026/04/23 1:29 a.m.•7 views

SUSE CVE-2026-5789

Vulnerability related to an unquoted search path in CivetWeb v1.16. This vulnerability allows a local attacker to execute arbitrary code with elevated privileges by placing a malicious executable in a directory that is scanned before the intended application path C:\Program...

8.5CVSS6.1AI score0.00139EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:29 a.m.•7 views

SUSE CVE-2026-5807

Vault is vulnerable to a denial-of-service condition where an unauthenticated attacker can repeatedly initiate or cancel root token generation or rekey operations, occupying the single in-progress operation slot. This prevents legitimate operators from completing these workflows. This...

7.5CVSS5.7AI score0.00718EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/04/23 1:29 a.m.•11 views

SUSE CVE-2026-6507

A flaw was found in dnsmasq. A remote attacker could exploit an out-of-bounds write vulnerability by sending a specially crafted BOOTREPLY Bootstrap Protocol Reply packet to a dnsmasq server configured with the --dhcp-split-relay option. This can lead to memory corruption, causing the dnsmasq...

7.5CVSS5.7AI score0.00482EPSS
Exploits0References9
SUSE CVE
SUSE CVE
•added 2026/04/23 1:28 a.m.•7 views

SUSE CVE-2026-6844

A flaw was found in the readelf utility of the binutils package. A local attacker could exploit two Denial of Service DoS vulnerabilities by providing a specially crafted Executable and Linkable Format ELF file. One vulnerability, a resource exhaustion CWE-400, can lead to an out-of-memory...

5.5CVSS5.7AI score0.00104EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:28 a.m.•9 views

SUSE CVE-2026-6845

A flaw was found in binutils, specifically within the readelf utility. This vulnerability allows a local attacker to cause a Denial of Service DoS by tricking a user into processing a specially crafted Executable and Linkable Format ELF file. The exploitation of this flaw can lead to the system...

5CVSS5.7AI score0.00141EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:28 a.m.•5 views

SUSE CVE-2026-6846

A flaw was found in binutils. A heap-buffer-overflow vulnerability exists when processing a specially crafted XCOFF Extended Common Object File Format object file during linking. A local attacker could trick a user into processing this malicious file, which could lead to arbitrary code execution,...

7.8CVSS5.9AI score0.00171EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:28 a.m.•10 views

SUSE CVE-2026-22003

unknown...

6CVSS7.2AI score0.00101EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:28 a.m.•10 views

SUSE CVE-2026-22007

unknown...

2.9CVSS7.2AI score0.00124EPSS
Exploits0References22
SUSE CVE
SUSE CVE
•added 2026/04/23 1:28 a.m.•8 views

SUSE CVE-2026-22008

unknown...

3.7CVSS7.2AI score0.00206EPSS
Exploits0References6
SUSE CVE
SUSE CVE
•added 2026/04/23 1:28 a.m.•8 views

SUSE CVE-2026-22013

unknown...

5.3CVSS7.2AI score0.0028EPSS
Exploits0References22
SUSE CVE
SUSE CVE
•added 2026/04/23 1:28 a.m.•10 views

SUSE CVE-2026-22016

unknown...

7.5CVSS7.2AI score0.00702EPSS
Exploits0References22
SUSE CVE
SUSE CVE
•added 2026/04/23 1:28 a.m.•11 views

SUSE CVE-2026-22018

unknown...

3.7CVSS7.2AI score0.00269EPSS
Exploits0References22
SUSE CVE
SUSE CVE
•added 2026/04/23 1:28 a.m.•10 views

SUSE CVE-2026-22021

unknown...

5.3CVSS7.2AI score0.00305EPSS
Exploits0References22
SUSE CVE
SUSE CVE
•added 2026/04/23 1:27 a.m.•22 views

SUSE CVE-2026-25542

Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 0.43.0 and prior to versions 1.0.2, 1.3.4, 1.6.2, 1.9.3, and 1.11.1, trusted resources verification policies match a resource source string refSource.URI against spec.resources.pattern...

6.5CVSS5.8AI score0.00264EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:26 a.m.•14 views

SUSE CVE-2026-31431

In the Linux kernel, the following vulnerability has been resolved: crypto: algifaead - Revert to operating out-of-place This mostly reverts commit 72548b093ee3 except for the copying of the associated data. There is no benefit in operating in-place in algifaead since the source and destination...

7.8CVSS5.6AI score0.96267EPSS
Exploits228References146
SUSE CVE
SUSE CVE
•added 2026/04/23 1:26 a.m.•16 views

SUSE CVE-2026-31432

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix OOB write in QUERYINFO for compound requests When a compound request such as READ + QUERYINFOSecurity is received, and the first command READ consumes most of the response buffer, ksmbd could write beyond the allocated...

8.8CVSS5.8AI score0.00507EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:26 a.m.•9 views

SUSE CVE-2026-31433

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix potencial OOB in getfileallinfo for compound requests When a compound request consists of QUERYDIRECTORY + QUERYINFO FILEALLINFORMATION and the first command consumes nearly the entire maxtranssize, getfileallinfo woul...

8.8CVSS5.8AI score0.006EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:26 a.m.•8 views

SUSE CVE-2026-31434

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix leak of kobject name for sub-group spaceinfo When createspaceinfosubgroup allocates elements of spaceinfo-subgroup, kobjectinitandadd is called for each element via btrfssysfsaddspaceinfotype. However, when...

5.5CVSS5.6AI score0.00123EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:26 a.m.•6 views

SUSE CVE-2026-31435

In the Linux kernel, the following vulnerability has been resolved: netfs: Fix read abandonment during retry Under certain circumstances, all the remaining subrequests from a read request will get abandoned during retry. The abandonment process expects the 'subreq' variable to be set to the place...

6.4CVSS5.6AI score0.00342EPSS
Exploits0References6
SUSE CVE
SUSE CVE
•added 2026/04/23 1:26 a.m.•10 views

SUSE CVE-2026-31436

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: fix possible wrong descriptor completion in llistabortdesc At the end of this function, d is the traversal cursor of flist, but the code completes found instead. This can lead to issues such as NULL pointer...

7CVSS5.6AI score0.00457EPSS
Exploits0References18
SUSE CVE
SUSE CVE
•added 2026/04/23 1:26 a.m.•7 views

SUSE CVE-2026-31437

In the Linux kernel, the following vulnerability has been resolved: netfs: Fix NULL pointer dereference in netfsunbufferedwrite on retry When a write subrequest is marked NETFSSREQNEEDRETRY, the retry path in netfsunbufferedwrite unconditionally calls stream-preparewrite without checking if it is...

5.6AI score0.00121EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:26 a.m.•6 views

SUSE CVE-2026-31438

In the Linux kernel, the following vulnerability has been resolved: netfs: Fix kernel BUG in netfslimititer for ITERKVEC iterators When a process crashes and the kernel writes a core dump to a 9P filesystem, kernelwrite creates an ITERKVEC iterator. This iterator reaches netfslimititer via...

5.5CVSS5.6AI score0.00122EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:26 a.m.•6 views

SUSE CVE-2026-31439

In the Linux kernel, the following vulnerability has been resolved: dmaengine: xilinx: xdma: Fix regmap init error handling devmregmapinitmmio returns an ERRPTR upon error, not NULL. Fix the error check and also fix the error message. Use the error code from ERRPTR instead of the wrong value in r...

5.6AI score0.00122EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:26 a.m.•12 views

SUSE CVE-2026-31440

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix leaking event log memory During the device remove process, the device is reset, causing the configuration registers to go back to their default state, which is zero. As the driver is checking if the event log...

5.6AI score0.00122EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:26 a.m.•9 views

SUSE CVE-2026-31441

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix memory leak when a wq is reset idxdwqdisablecleanup which is called from the reset path for a workqueue, sets the wq type to NONE, which for other parts of the driver mean that the wq is empty all its resourc...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:26 a.m.•5 views

SUSE CVE-2026-31442

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix possible invalid memory access after FLR In the case that the first Function Level Reset FLR concludes correctly, but in the second FLR the scratch area for the saved configuration cannot be allocated, it's...

5.6AI score0.00127EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:26 a.m.•8 views

SUSE CVE-2026-31443

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix crash when the event log is disabled If reporting errors to the event log is not supported by the hardware, and an error that causes Function Level Reset FLR is received, the driver will try to restore the...

5.6AI score0.00121EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:26 a.m.•6 views

SUSE CVE-2026-31444

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free and NULL deref in smbgrantoplock smbgrantoplock has two issues in the oplock publication sequence: 1 opinfo is linked into ci-moplist via opinfoadd before addleasegloballist is called. If...

5.7AI score0.0045EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:26 a.m.•8 views

SUSE CVE-2026-31445

In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: avoid use of half-online-committed context One major usage of damoncall is online DAMON parameters update. It is done by calling damoncommitctx inside the damoncall callback function. damoncommitctx can fail for tw...

5.6AI score0.00121EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:26 a.m.•8 views

SUSE CVE-2026-31446

In the Linux kernel, the following vulnerability has been resolved: ext4: fix use-after-free in updatesuperwork when racing with umount Commit b98535d09179 "ext4: fix bugon in startthishandle during umount filesystem" moved ext4unregistersysfs before flushing ssbupdwork to prevent new error work...

4.7CVSS5.6AI score0.00131EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/04/23 1:26 a.m.•10 views

SUSE CVE-2026-31447

In the Linux kernel, the following vulnerability has been resolved: ext4: reject mount if bigalloc with sfirstdatablock != 0 bigalloc with sfirstdatablock != 0 is not supported, reject mounting it...

5.6AI score0.00135EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:26 a.m.•9 views

SUSE CVE-2026-31448

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid infinite loops caused by residual data On the mkdir/mknod path, when mapping logical blocks to physical blocks, if inserting a new extent into the extent tree fails in this example, because the file system disabled th...

5.5CVSS5.7AI score0.00433EPSS
Exploits0References13
SUSE CVE
SUSE CVE
•added 2026/04/23 1:26 a.m.•12 views

SUSE CVE-2026-31449

In the Linux kernel, the following vulnerability has been resolved: ext4: validate pidx bounds in ext4extcorrectindexes ext4extcorrectindexes walks up the extent tree correcting index entries when the first extent in a leaf is modified. Before accessing pathk.pidx-eiblock, there is no validation...

5.5CVSS5.6AI score0.00135EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/04/23 1:26 a.m.•8 views

SUSE CVE-2026-31450

In the Linux kernel, the following vulnerability has been resolved: ext4: publish jinode after initialization ext4inodeattachjinode publishes ei-jinode to concurrent users. It used to set ei-jinode before jbd2journalinitjbdinode, allowing a reader to observe a non-NULL jinode with ivfsinode still...

8.8CVSS5.6AI score0.00469EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:26 a.m.•7 views

SUSE CVE-2026-31451

In the Linux kernel, the following vulnerability has been resolved: ext4: replace BUGON with proper error handling in ext4readinlinefolio Replace BUGON with proper error handling when inline data size exceeds PAGESIZE. This prevents kernel panic and allows the system to continue running while...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:26 a.m.•7 views

SUSE CVE-2026-31452

In the Linux kernel, the following vulnerability has been resolved: ext4: convert inline data to extents when truncate exceeds inline size Add a check in ext4setattr to convert files from inline data storage to extent-based storage when truncate grows the file size beyond the inline capacity. Thi...

5.5CVSS5.6AI score0.00129EPSS
Exploits0References12
SUSE CVE
SUSE CVE
•added 2026/04/23 1:26 a.m.•8 views

SUSE CVE-2026-31453

In the Linux kernel, the following vulnerability has been resolved: xfs: avoid dereferencing log items after push callbacks After xfsaildpushitem calls ioppush, the log item may have been freed if the AIL lock was dropped during the push. Background inode reclaim or the dquot shrinker can free th...

5.5CVSS5.7AI score0.00129EPSS
Exploits0References15
SUSE CVE
SUSE CVE
•added 2026/04/23 1:26 a.m.•6 views

SUSE CVE-2026-31454

In the Linux kernel, the following vulnerability has been resolved: xfs: save ailp before dropping the AIL lock in push callbacks In xfsinodeitempush and xfsqmdquotlogitempush, the AIL lock is dropped to perform buffer IO. Once the cluster buffer no longer protects the log item from reclaim, the...

5.5CVSS5.7AI score0.00126EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/04/23 1:26 a.m.•7 views

SUSE CVE-2026-31455

In the Linux kernel, the following vulnerability has been resolved: xfs: stop reclaim before pushing AIL during unmount The unmount sequence in xfsunmountflushinodes pushed the AIL while background reclaim and inodegc are still running. This is broken independently of any use-after-free issues -...

5.5CVSS5.6AI score0.00126EPSS
Exploits0References16
Total number of security vulnerabilities59380