Lucene search
K
SusecveMost viewed

59854 matches found

SUSE CVE
SUSE CVE
•added 2026/05/02 1:25 a.m.•13 views

SUSE CVE-2026-31713

In the Linux kernel, the following vulnerability has been resolved: fuse: abort on fatal signal during sync init When sync init is used and the server exits for some reason error, crash while processing FUSEINIT, the filesystem creation will hang. The reason is that while all other threads will...

5.5CVSS5.8AI score0.00115EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/02 1:25 a.m.•13 views

SUSE CVE-2026-31714

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid memory leak in f2fsrename syzbot reported a f2fs bug as below: BUG: memory leak unreferenced object 0xffff888127f70830 size 16: comm "syz.0.23", pid 6144, jiffies 4294943712 hex dump first 16 bytes: 3c af 57 72...

3.3CVSS5.8AI score0.00114EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/02 1:25 a.m.•13 views

SUSE CVE-2026-31716

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: validate rec-used in journal-replay file record check checkfilerecord validates rec-total against the record size but never validates rec-used. The doaction journal-replay handlers read rec-used from disk and use it to...

7.3CVSS5.7AI score0.00128EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/05/01 2:3 a.m.•13 views

SUSE CVE-2026-42012

A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a specially crafted certificate that contains Uniform Resource Identifier URI or Service SRV Subject Alternative Names SANs. This could cause the certificate validation process to incorrectly fall back to...

5.9CVSS5.8AI score0.00354EPSS
Exploits0References12
SUSE CVE
SUSE CVE
•added 2026/04/28 11:27 p.m.•13 views

SUSE CVE-2026-31787

In the Linux kernel, the following vulnerability has been resolved: xen/privcmd: fix double free via VMA splitting privcmdvmops defines .close privcmdclose, but neither .maysplit nor .open. When userspace does a partial munmap on a privcmd mapping, the kernel splits the VMA via splitvma. Since...

5.5CVSS5.3AI score0.00183EPSS
Exploits0References25
SUSE CVE
SUSE CVE
•added 2026/04/26 1:52 a.m.•13 views

SUSE CVE-2026-31681

In the Linux kernel, the following vulnerability has been resolved: netfilter: xtmultiport: validate range encoding in checkentry portsmatchv1 treats any non-zero pflags entry as the start of a port range and unconditionally consumes the next ports element as the range end. The checkentry path...

4.4CVSS5.4AI score0.00115EPSS
Exploits0References17
SUSE CVE
SUSE CVE
•added 2026/04/25 1:36 a.m.•13 views

SUSE CVE-2026-31662

In the Linux kernel, the following vulnerability has been resolved: tipc: fix bcackers underflow on duplicate GRPACKMSG The GRPACKMSG handler in tipcgroupprotorcv currently decrements bcackers on every inbound group ACK, even when the same member has already acknowledged the current broadcast...

7.5CVSS5.5AI score0.00389EPSS
Exploits0References22
SUSE CVE
SUSE CVE
•added 2026/04/23 1:25 a.m.•13 views

SUSE CVE-2026-31519

In the Linux kernel, the following vulnerability has been resolved: btrfs: set BTRFSROOTORPHANCLEANUP during subvol create We have recently observed a number of subvolumes with broken dentries. ls-ing the parent dir looks like: drwxrwxrwt 1 root root 16 Jan 23 16:49 . drwxr-xr-x 1 root root 24 Ja...

5.5CVSS5.6AI score0.00123EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/04/20 11:26 p.m.•13 views

SUSE CVE-2026-33516

xrdp is an open source RDP server. Versions through 0.10.5 contain an out-of-bounds read vulnerability during the RDP capability exchange phase. The issue occurs when memory is accessed before validating the remaining buffer length. A remote, unauthenticated attacker can trigger this vulnerabilit...

9.1CVSS5.8AI score0.00427EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/15 11:25 p.m.•13 views

SUSE CVE-2026-40499

radare2 prior to version 6.1.4 contains a command injection vulnerability in the PDB parser's printgvars function that allows attackers to execute arbitrary commands by embedding a newline byte in the PE section header name field. Attackers can craft a malicious PDB file with specially crafted...

7.8CVSS6.1AI score0.01184EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/04/14 8:41 a.m.•13 views

SUSE CVE-2026-3446

When calling base64.b64decode or related functions the decoding process would stop after encountering the first padded quad regardless of whether there was more information to be processed. This can lead to data being accepted which may be processed differently by other implementations. Use...

5.3CVSS5.7AI score0.00188EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/04/09 11:30 p.m.•13 views

SUSE CVE-2026-5863

Inappropriate implementation in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS7.7AI score0.00292EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/30 11:30 p.m.•13 views

SUSE CVE-2026-32241

Flannel is a network fabric for containers, designed for Kubernetes. The Flannel project includes an experimental Extension backend that allows users to easily prototype new backend types. In versions of Flannel prior to 0.28.2, this Extension backend is vulnerable to a command injection that...

8.8CVSS6.2AI score0.02709EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/03/28 12:25 a.m.•13 views

SUSE CVE-2026-33535

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-18 and 6.9.13-43, an out-of-bounds write of a zero byte exists in the X11 display interaction path that could lead to a crash. Versions 7.1.2-18 and 6.9.13-43 patch the issue...

4CVSS5.9AI score0.00141EPSS
Exploits0References9
SUSE CVE
SUSE CVE
•added 2026/03/25 4:56 p.m.•13 views

SUSE CVE-2026-23307

In the Linux kernel, the following vulnerability has been resolved: can: emsusb: emsusbreadbulkcallback: check the proper length of a message When looking at the data in a USB urb, the actuallength is the size of the buffer passed to the driver, not the transferbufferlength which is set by the...

5.5CVSS5.9AI score0.00123EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/03/25 4:56 p.m.•13 views

SUSE CVE-2026-23318

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Use correct version for UAC3 header validation The entry of the validators table for UAC3 AC header descriptor is defined with the wrong protocol version UACVERSION2, while it should have been UACVERSION3. This...

5.5CVSS5.7AI score0.00132EPSS
Exploits0References17
SUSE CVE
SUSE CVE
•added 2026/03/25 4:56 p.m.•13 views

SUSE CVE-2026-23334

In the Linux kernel, the following vulnerability has been resolved: can: usb: f81604: handle short interrupt urb messages properly If an interrupt urb is received that is not the correct length, properly detect it and don't attempt to treat the data as valid...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2026/03/25 11:53 a.m.•13 views

SUSE CVE-2026-4711

Use-after-free in the Widget: Cocoa component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

6.3CVSS7.2AI score0.00398EPSS
Exploits0References13
SUSE CVE
SUSE CVE
•added 2026/03/25 11:52 a.m.•13 views

SUSE CVE-2026-4717

Privilege escalation in the Netmonitor component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

6.3CVSS7.2AI score0.00417EPSS
Exploits0References13
SUSE CVE
SUSE CVE
•added 2026/02/25 12:24 a.m.•13 views

SUSE CVE-2026-25968

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a stack buffer overflow occurs when processing the an attribute in msl.c. A long value overflows a fixed-size stack buffer, leading to memory corruption. Versio...

7.4CVSS6AI score0.00272EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2026/02/16 12:27 a.m.•13 views

SUSE CVE-2025-71202

In the Linux kernel, the following vulnerability has been resolved: iommu/sva: invalidate stale IOTLB entries for kernel address space Introduce a new IOMMU interface to flush IOTLB paging cache entries for the CPU kernel address space. This interface is invoked from the x86 architecture code tha...

5.5CVSS5.4AI score0.00108EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/02/01 12:23 a.m.•13 views

SUSE CVE-2026-23039

In the Linux kernel, the following vulnerability has been resolved: drm/gud: fix NULL fb and crtc dereferences on USB disconnect On disconnect drmatomichelperdisableall is called which sets both the fb and crtc for a plane to NULL before invoking a commit. This causes a kernel oops on every displ...

5.8AI score0.00194EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/28 12:25 a.m.•13 views

SUSE CVE-2026-22987

In the Linux kernel, the following vulnerability has been resolved: net/sched: actapi: avoid dereferencing ERRPTR in tcfidrinfodestroy syzbot reported a crash in tcactinhw during netns teardown where tcfidrinfodestroy passed an ERRPTR-EBUSY value as a tcaction pointer, leading to an invalid...

5.5CVSS5.8AI score0.00103EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/26 12:24 a.m.•13 views

SUSE CVE-2026-23008

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix KMS with 3D on HW version 10 HW version 10 does not have GB Surfaces so there is no backing buffer for surface backed FBs. This would result in a nullptr dereference and crash the driver causing a black screen...

5.5CVSS5.6AI score0.00135EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/23 12:40 a.m.•13 views

SUSE CVE-2025-38596

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix UAF in panthorgemcreatewithhandle debugfs code The object is potentially already gone after the drmgemobjectput. In general the object should be fully constructed before calling drmgemhandlecreate, except the...

7.8CVSS6.3AI score0.00143EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/19 12:23 a.m.•13 views

SUSE CVE-2025-71115

In the Linux kernel, the following vulnerability has been resolved: um: init cputasks earlier This is currently done in umlfinishsetup, but e.g. with KCOV enabled we'll crash because some init code can call into e.g. memparse, which has coverage annotations, and then the checks in checkkcovmode...

5.5CVSS6.7AI score0.00108EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/17 12:27 a.m.•13 views

SUSE CVE-2025-68121

During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the resumed handshake, the resumed handshake may succeed when it should have failed. This may happen when a user calls Config.Clone and mutates the...

7.4CVSS8.2AI score0.00765EPSS
Exploits1References62
SUSE CVE
SUSE CVE
•added 2026/01/06 12:36 a.m.•13 views

SUSE CVE-2017-18889

An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. An attacker could create fictive system-message posts via webhooks and slash commands, in the v3 or v4 REST API...

4.3CVSS4.9AI score0.00664EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2025/12/31 12:32 a.m.•13 views

SUSE CVE-2022-50810

In the Linux kernel, the following vulnerability has been resolved: rapidio: devices: fix missing putdevice in mportcdevopen When kfifoalloc fails, the refcount of chdev-dev is left incremental. We should use putdevice&chdev-dev to decrease the ref count of chdev-dev to avoid refcount leak...

6.5AI score0.00233EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/31 12:32 a.m.•13 views

SUSE CVE-2022-50818

In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix runningreq for internal abort commands Disabling the remote phy for a SATA disk causes a hang: root@none$ more /sys/class/sasphy/phy-0:0:8/targetportprotocols sata root@none$ echo 0...

5.5CVSS6.8AI score0.00203EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2025/12/31 12:31 a.m.•13 views

SUSE CVE-2022-50822

In the Linux kernel, the following vulnerability has been resolved: RDMA/restrack: Release MR restrack when delete The MR restrack also needs to be released when delete it, otherwise it cause memory leak as the task struct won't be released...

5.5CVSS6.4AI score0.002EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2025/12/25 1:5 a.m.•13 views

SUSE CVE-2022-50716

In the Linux kernel, the following vulnerability has been resolved: wifi: ar5523: Fix use-after-free on ar5523cmd timed out syzkaller reported use-after-free with the stack trace like below 1: 38.960489 C3 ================================================================== 38.963216 C3 BUG: KASAN:...

6.6CVSS6.5AI score0.00239EPSS
Exploits0References8
SUSE CVE
SUSE CVE
•added 2025/12/25 1:4 a.m.•13 views

SUSE CVE-2022-50734

In the Linux kernel, the following vulnerability has been resolved: nvmem: core: Fix memleak in nvmemregister devsetname will alloc memory for nvmem-dev.kobj.name in nvmemregister, when nvmemvalidatekeepouts failed, nvmem's memory will be freed and return, but nobody will free memory for...

6.5AI score0.002EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/20 12:29 a.m.•13 views

SUSE CVE-2025-44005

An attacker can bypass authorization checks and force a Step CA ACME or SCEP provisioner to create certificates without completing certain protocol authorization checks...

10CVSS7AI score0.0326EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/10 12:39 a.m.•13 views

SUSE CVE-2022-50631

In the Linux kernel, the following vulnerability has been resolved: RISC-V: kexec: Fix memory leak of fdt buffer This is reported by kmemleak detector: unreferenced object 0xff60000082864000 size 9588: comm "kexec", pid 146, jiffies 4294900634 age 64.788s hex dump first 32 bytes: d0 0d fe ed 00 0...

6.6AI score0.00172EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/10 12:39 a.m.•13 views

SUSE CVE-2022-50643

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix xid leak in cifscopyfilerange If the file is used by swap, before return -EOPNOTSUPP, should free the xid, otherwise, the xid will be leaked...

3.3CVSS6.5AI score0.00174EPSS
Exploits0References8
SUSE CVE
SUSE CVE
•added 2025/12/10 12:38 a.m.•13 views

SUSE CVE-2022-50653

In the Linux kernel, the following vulnerability has been resolved: mmc: atmel-mci: fix return value check of mmcaddhost mmcaddhost may return error, if we ignore its return value, it will lead two issues: 1. The memory that allocated in mmcallochost is leaked. 2. In the remove path, mmcremovehos...

5.5CVSS6.5AI score0.00179EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2025/11/14 12:24 a.m.•13 views

SUSE CVE-2025-40164

In the Linux kernel, the following vulnerability has been resolved: usbnet: Fix using smpprocessorid in preemptible code warnings Syzbot reported the following warning: BUG: using smpprocessorid in preemptible 00000000 code: dhcpcd/2879 caller is usbnetskbreturn+0x74/0x490...

4.7CVSS6.7AI score0.00171EPSS
Exploits0References21
SUSE CVE
SUSE CVE
•added 2025/09/17 11:29 p.m.•13 views

SUSE CVE-2023-53189

In the Linux kernel, the following vulnerability has been resolved: ipv6/addrconf: fix a potential refcount underflow for idev Now in addrconfmodrstimer, reference idev depends on whether rstimer is not pending. Then modify rstimer timeout. There is a time gap in 1, during which if the pending...

5.5CVSS6.5AI score0.00146EPSS
Exploits0References18
SUSE CVE
SUSE CVE
•added 2025/09/12 11:23 p.m.•13 views

SUSE CVE-2025-39787

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: mdtloader: Ensure we don't read past the ELF header When the MDT loader is used in remoteproc, the ELF header is sanitized beforehand, but that's not necessary the case for other clients. Validate the size of the...

4.4CVSS6.6AI score0.00148EPSS
Exploits0References22
SUSE CVE
SUSE CVE
•added 2025/09/04 11:23 p.m.•13 views

SUSE CVE-2025-38728

In the Linux kernel, the following vulnerability has been resolved: smb3: fix for slab out of bounds on mount to ksmbd With KASAN enabled, it is possible to get a slab out of bounds during mount to ksmbd due to missing check in parseserverinterfaces see below: BUG: KASAN: slab-out-of-bounds in...

5.5CVSS6.2AI score0.0014EPSS
Exploits0References22
SUSE CVE
SUSE CVE
•added 2025/07/29 11:23 p.m.•13 views

SUSE CVE-2025-38409

In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix another leak in the submit error path putunusedfd doesn't free the installed file, if we've already done fdinstall. So we need to also free the syncfile. Patchwork: https://patchwork.freedesktop.org/patch/653583/...

3.3CVSS6.5AI score0.00156EPSS
Exploits0References22
SUSE CVE
SUSE CVE
•added 2025/07/04 2:38 p.m.•13 views

SUSE CVE-2025-38162

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetpipapo: prevent overflow in lookup table allocation When calculating the lookup table size, ensure the following multiplication does not overflow: - desc-fieldlen maximum value is U8MAX multiplied by...

6.6CVSS8.1AI score0.00138EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2025/06/19 3:45 a.m.•13 views

SUSE CVE-2022-49948

In the Linux kernel, the following vulnerability has been resolved: vt: Clear selection before changing the font When changing the console font with ioctlKDFONTOP the new font size can be bigger than the previous font. A previous selection may thus now be outside of the new screen size and thus...

5.5CVSS6.3AI score0.00213EPSS
Exploits0References12
SUSE CVE
SUSE CVE
•added 2025/06/19 3:44 a.m.•13 views

SUSE CVE-2022-49990

In the Linux kernel, the following vulnerability has been resolved: s390: fix double free of GS and RI CBs on fork failure The pointers for guarded storage and runtime instrumentation control blocks are stored in the threadstruct of the associated task. These pointers are initially copied on fork...

5.5CVSS6.3AI score0.0022EPSS
Exploits0References12
SUSE CVE
SUSE CVE
•added 2025/06/19 3:44 a.m.•13 views

SUSE CVE-2022-49999

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix space cache corruption and potential double allocations When testing spacecache v2 on a large set of machines, we encountered a few symptoms: 1. "unable to add free space :-17" EEXIST errors. 2. Missing free space info...

5.5CVSS6.5AI score0.00211EPSS
Exploits0References9
SUSE CVE
SUSE CVE
•added 2025/06/19 3:43 a.m.•13 views

SUSE CVE-2022-50029

In the Linux kernel, the following vulnerability has been resolved: clk: qcom: ipq8074: dont disable gccsleepclksrc Once the usb sleep clocks are disabled, clock framework is trying to disable the sleep clock source also. However, it seems that it cannot be disabled and trying to do so produces:...

5.5CVSS6.2AI score0.0016EPSS
Exploits0References11
SUSE CVE
SUSE CVE
•added 2025/06/19 3:41 a.m.•13 views

SUSE CVE-2022-50118

In the Linux kernel, the following vulnerability has been resolved: powerpc/perf: Optimize clearing the pending PMI and remove WARNON for PMI check in powerpmudisable commit 2c9ac51b850d "powerpc/perf: Fix PMU callbacks to clear pending PMI before resetting an overflown PMC" added a new function...

5.5CVSS6.3AI score0.00159EPSS
Exploits0References11
SUSE CVE
SUSE CVE
•added 2025/06/12 3:31 a.m.•13 views

SUSE CVE-2025-40915

Mojolicious::Plugin::CSRF 1.03 for Perl uses a weak random number source for generating CSRF tokens. That version of the module generates tokens as an MD5 of the process id, the current time, and a single call to the built-in rand function...

7CVSS7AI score0.00242EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/05/21 12:47 a.m.•13 views

SUSE CVE-2025-37897

In the Linux kernel, the following vulnerability has been resolved: wifi: plfxlc: Remove erroneous assert in plfxlcmacrelease plfxlcmacrelease asserts that mac-lock is held. This assertion is incorrect, because even if it was possible, it would not be the valid behaviour. The function is used whe...

3.3CVSS7.6AI score0.0016EPSS
Exploits0References16
Total number of security vulnerabilities5000