Lucene search
K
SusecveMost viewed

59854 matches found

SUSE CVE
SUSE CVE
•added 2026/05/30 1:59 a.m.•12 views

SUSE CVE-2026-48163

MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.27, 10.11.1 to before 10.11.18, 11.4.1 to before 11.4.12, 11.8.1 to before 11.8.8, and 12.3.1, during the SST the donor node is interpolating parameters that the joiner sent into the command line. No...

8CVSS5.8AI score0.00654EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/05/30 1:59 a.m.•12 views

SUSE CVE-2026-49127

Music Player Daemon MPD before version 0.24.11 contains a stack buffer overflow vulnerability in the pcmunpack24be function in src/pcm/Pack.cxx that allows unauthenticated attackers to corrupt stack memory by triggering an off-by-one write in the PCM decoder plugin. Attackers can issue two MPD...

8.8CVSS6.1AI score0.0051EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/29 1:20 a.m.•12 views

SUSE CVE-2026-45134

LangSmith Client SDKs provide SDK's for interacting with the LangSmith platform. Prior to LangSmith SDK Python 0.8.0 and JS/TS 0.6.0, the LangSmith SDK's prompt pull methods pullprompt / pullpromptcommit in Python, pullPrompt / pullPromptCommit in JS/TS fetch and deserialize prompt manifests from...

7.1CVSS5.8AI score0.00199EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/29 1:17 a.m.•12 views

SUSE CVE-2026-46107

In the Linux kernel, the following vulnerability has been resolved: dm-thin: fix metadata refcount underflow There's a bug in dm-thin in the function rebalancechildren. If the internal btree node has one entry, the code tries to copy all btree entries from the node's child to the node itself and...

6.1CVSS5.8AI score0.00129EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/29 1:17 a.m.•12 views

SUSE CVE-2026-46112

In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix unlocked call to hnsroceqpremove Sashiko points out that hnsroceqpremove requires the caller to hold locks. The error flow in hnsrocecreateqpcommon doesn't hold those locks for the error unwind so it risks corruptin...

5.3CVSS5.8AI score0.001EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/29 1:17 a.m.•12 views

SUSE CVE-2026-46113

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fix shadow paging use-after-free due to unexpected GFN The shadow MMU computes GFNs for direct shadow pages using sp-gfn plus the SPTE index. This assumption breaks for shadow paging if the guest page tables are modifie...

8.8CVSS5.7AI score0.00126EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2026/05/29 1:16 a.m.•12 views

SUSE CVE-2026-46122

In the Linux kernel, the following vulnerability has been resolved: wifi: b43: enforce bounds check on firmware key index in b43rx The firmware-controlled key index in b43rx can exceed the dev-key array size 58 entries. The existing B43WARNON is non-enforcing in production builds, allowing an...

6.1CVSS5.8AI score0.00129EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/29 1:16 a.m.•12 views

SUSE CVE-2026-46123

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: virtiobt: clamp rx length before skbput virtbtrxwork calls skbputskb, len where len comes directly from virtqueuegetbuf with no validation against the buffer we posted to the device. The RX skb is allocated in...

7.7CVSS5.9AI score0.00142EPSS
Exploits0References10
SUSE CVE
SUSE CVE
•added 2026/05/29 1:16 a.m.•12 views

SUSE CVE-2026-46144

In the Linux kernel, the following vulnerability has been resolved: RDMA/mana: Fix error unwind in manaibcreateqprss Sashiko points out that manaibcfgvportsteering is leaked, the normal destroy path cleans it up...

5.5CVSS5.8AI score0.00127EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/29 1:16 a.m.•12 views

SUSE CVE-2026-46150

In the Linux kernel, the following vulnerability has been resolved: fanotify: fix false positive on permission events fsnotifygetmarksafe may return false for a mark on an unrelated group, which results in bypassing the permission check. Fix by skipping over detached marks that are not in the...

7.1CVSS5.8AI score0.00142EPSS
Exploits0References18
SUSE CVE
SUSE CVE
•added 2026/05/29 1:15 a.m.•12 views

SUSE CVE-2026-46166

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: use safe list iteration in radar detect work The call to ieee80211dfscaccancel can cause the iterated chanctx to be freed and removed from the list. Guard against this to avoid a slab-use-after-free error...

5.5CVSS5.8AI score0.00203EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2026/05/29 1:15 a.m.•12 views

SUSE CVE-2026-46172

In the Linux kernel, the following vulnerability has been resolved: ipv6: xfrm6: release dst on error in xfrm6rcvencap xfrm6rcvencap performs an IPv6 route lookup when the skb does not already have a dst attached. ip6routeinputlookup returns a referenced dst entry even when the lookup resolves to...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References11
SUSE CVE
SUSE CVE
•added 2026/05/29 1:15 a.m.•12 views

SUSE CVE-2026-46181

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx4: Fix mis-use of RCU in mlx4srqevent Sashiko points out the radixtree itself is RCU safe, but nothing ever frees the mlx4srq struct with RCU, and it isn't even accessed within the RCU critical section. It also will crash...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2026/05/29 1:15 a.m.•12 views

SUSE CVE-2026-46193

In the Linux kernel, the following vulnerability has been resolved: xfrm: ah: account for ESN high bits in async callbacks AH allocates its temporary auth/ICV layout differently when ESN is enabled: the async ahash setup appends a 4-byte seqhi slot before the ICV or authdata area, but the async...

4.7CVSS5.8AI score0.00128EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/05/29 1:15 a.m.•12 views

SUSE CVE-2026-46198

In the Linux kernel, the following vulnerability has been resolved: batman-adv: fix integer overflow on buffpos Fixing an integer overflow present in batadvivogmsendtoif. The size check is done using the int type in batadvivogmaggrpacket whereas the buffpos variable uses the s16 type. This could...

5.5CVSS5.8AI score0.00281EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/29 1:15 a.m.•12 views

SUSE CVE-2026-46201

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix dma-buf attachment leak in xegemprimeimport When xedmabufinitobj fails, the attachment from dmabufdynamicattach is not detached. Add dmabufdetach before returning the error. Note: we cannot use goto outerr here becaus...

5.5CVSS5.8AI score0.00138EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/29 1:15 a.m.•12 views

SUSE CVE-2026-46209

In the Linux kernel, the following vulnerability has been resolved: drm/gem: Fix inconsistent plane dimension calculation in drmgemfbinitwithfuncs drmgemfbinitwithfuncs computes sub-sampled plane dimensions using plain integer division: unsigned int width = modecmd-width / i ? info-hsub : 1;...

7CVSS5.8AI score0.00139EPSS
Exploits0References15
SUSE CVE
SUSE CVE
•added 2026/05/29 1:15 a.m.•12 views

SUSE CVE-2026-46213

In the Linux kernel, the following vulnerability has been resolved: HID: appletb-kbd: fix UAF in inactivity-timer cleanup path Commit 38224c472a03 "HID: appletb-kbd: fix slab use-after-free bug in appletbkbdprobe" added timerdeletesync&kbd-inactivitytimer to both the probe closehw error path and...

7.8CVSS5.8AI score0.00124EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/29 1:14 a.m.•12 views

SUSE CVE-2026-46217

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

5.5CVSS5.2AI score0.00013EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/29 1:14 a.m.•12 views

SUSE CVE-2026-46219

In the Linux kernel, the following vulnerability has been resolved: spi: mpc52xx: fix use-after-free on unbind The state machine work is scheduled by the interrupt handler and therefore needs to be cancelled after disabling interrupts to avoid a potential use-after-free...

7CVSS5.7AI score0.00135EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/05/29 1:14 a.m.•12 views

SUSE CVE-2026-46229

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Clear VRAM on allocation to prevent stale data exposure KFD VRAM allocations set AMDGPUGEMCREATEVRAMWIPEONRELEASE but not AMDGPUGEMCREATEVRAMCLEARED, leaving freshly allocated VRAM with stale data from prior use...

7.1CVSS5.8AI score0.00119EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/05/29 1:14 a.m.•12 views

SUSE CVE-2026-46230

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/vcn3: Prevent OOB reads when parsing dec msg Check bounds against the end of the BO whenever we access the msg...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/29 1:14 a.m.•12 views

SUSE CVE-2026-46231

In the Linux kernel, the following vulnerability has been resolved: batman-adv: bla: put backbone reference on failed claim hash insert When batadvblaaddclaim fails to insert a new claim into the hash, it leaked a reference to the backbonegw for which the claim was intended. Call...

6.5CVSS5.8AI score0.00119EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/05/29 1:14 a.m.•12 views

SUSE CVE-2026-46239

In the Linux kernel, the following vulnerability has been resolved: media: i2c: ov5647: Fix runtime PM refcount leak in sctrl Three control cases AUTOGAIN, EXPOSUREAUTO, ANALOGUEGAIN directly return without calling pmruntimeput, causing runtime PM reference count leaks. Change these cases from...

5.5CVSS5.8AI score0.00105EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/28 4:1 a.m.•12 views

SUSE CVE-2025-71307

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix NULL pointer dereference on panthorfwunplug This patch removes the MCU halt and wait for halt procedures during panthorfwunplug as the MCU can be in a variety of states or the FW may not even be loaded/initialize...

5.7AI score0.00137EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/28 4:1 a.m.•12 views

SUSE CVE-2025-71308

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix potential NULL pointer dereference in context cleanup aiedestroycontext is invoked during error handling in aie2createcontext. However, aiedestroycontext assumes that the context's mailbox channel pointer is...

5.5CVSS5.8AI score0.00137EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/28 3:57 a.m.•12 views

SUSE CVE-2026-45854

In the Linux kernel, the following vulnerability has been resolved: crypto: inside-secure/eip93 - unregister only available algorithm EIP93 has an options register. This register indicates which crypto algorithms are implemented in silicon. Supported algorithms are registered on this basis...

5.8AI score0.00153EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/28 3:57 a.m.•12 views

SUSE CVE-2026-45855

In the Linux kernel, the following vulnerability has been resolved: ata: libata-scsi: avoid Non-NCQ command starvation When a non-NCQ command is issued while NCQ commands are being executed, atascsiqcissue indicates to the SCSI layer that the command issuing should be deferred by returning...

5.9AI score0.00164EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/28 3:57 a.m.•12 views

SUSE CVE-2026-45856

In the Linux kernel, the following vulnerability has been resolved: RDMA/uverbs: Validate wqesize before using it in ibuverbspostsend ibuverbspostsend uses cmd.wqesize from userspace without any validation before passing it to kmalloc and using the allocated buffer as struct ibuverbssendwr. If a...

6.1CVSS5.8AI score0.00164EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/05/28 3:57 a.m.•12 views

SUSE CVE-2026-45858

In the Linux kernel, the following vulnerability has been resolved: ext4: don't zero the entire extent if EXT4EXTDATAPARTIALVALID1 When allocating initialized blocks from a large unwritten extent, or when splitting an unwritten extent during end I/O and converting it to initialized, there is...

5.7AI score0.00155EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/28 3:57 a.m.•12 views

SUSE CVE-2026-45864

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: prevent infinite loops caused by the next valid being the same When processing valid within the range valid : pos, if valid cannot be retrieved correctly, for example, if the retrieved valid value is always the same, th...

5.5CVSS5.8AI score0.00156EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/28 3:56 a.m.•12 views

SUSE CVE-2026-45882

In the Linux kernel, the following vulnerability has been resolved: power: supply: pm8916bmsvm: Fix use-after-free in powersupplychanged Using the devm variant for requesting IRQ before the devm variant for allocating/registering the powersupply handle, means that the powersupply handle will be...

5.7AI score0.00159EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/28 3:56 a.m.•12 views

SUSE CVE-2026-45888

In the Linux kernel, the following vulnerability has been resolved: md/raid1: fix memory leak in raid1run raid1run calls setupconf which registers a thread via mdregisterthread. If raid1setlimits fails, the previously registered thread is not unregistered, resulting in a memory leak of the mdthre...

5.8AI score0.00155EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/28 3:56 a.m.•12 views

SUSE CVE-2026-45900

In the Linux kernel, the following vulnerability has been resolved: crypto: caam - fix netdev memory leak in dpaa2caamprobe When commit 0e1a4d427f58 "crypto: caam: Unembed netdev structure in dpaa2" converted embedded netdevice to dynamically allocated pointers, it added cleanup in...

5.7AI score0.00155EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/28 3:56 a.m.•12 views

SUSE CVE-2026-45903

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix memory access flags in helper prototypes After commit 37cce22dbd51 "bpf: verifier: Refactor helper access type tracking", the verifier started relying on the access type flags in helper function prototypes to perform...

5.9AI score0.00157EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/28 3:56 a.m.•12 views

SUSE CVE-2026-45920

In the Linux kernel, the following vulnerability has been resolved: ext4: fix dirtyclusters double decrement on fs shutdown fstests test generic/388 occasionally reproduces a warning in ext4putsuper associated with the dirty clusters count: WARNING: CPU: 7 PID: 76064 at fs/ext4/super.c:1324...

5.7AI score0.00146EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/28 3:56 a.m.•12 views

SUSE CVE-2026-45929

In the Linux kernel, the following vulnerability has been resolved: ovpn: fix possible use-after-free in ovpnnetxmit When building the skblist in ovpnnetxmit, skbsharecheck will free the original skb if it is shared. The current implementation continues to use the stale skb pointer for subsequent...

5.8AI score0.00157EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/28 3:55 a.m.•12 views

SUSE CVE-2026-45932

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix tcx/netkit detach permissions when prog fd isn't given This commit fixes a security issue where BPFPROGDETACH on tcx or netkit devices could be executed by any user when no program fd was provided, bypassing permission...

7CVSS5.8AI score0.00133EPSS
Exploits0References18
SUSE CVE
SUSE CVE
•added 2026/05/28 3:55 a.m.•12 views

SUSE CVE-2026-45940

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix oops when split header is enabled For GMAC4, when split header is enabled, in some rare cases, the hardware does not fill buf2 of the first descriptor with payload. Thus we cannot assume buf2 is always fully fill...

5.5CVSS5.8AI score0.00153EPSS
Exploits0References11
SUSE CVE
SUSE CVE
•added 2026/05/28 3:55 a.m.•12 views

SUSE CVE-2026-45943

In the Linux kernel, the following vulnerability has been resolved: erofs: fix inline data read failure for ztailpacking pclusters Compressed folios for ztailpacking pclusters must be valid before adding these pclusters to I/O chains. Otherwise, zerofsdecompresspcluster may assume they are alread...

5.7AI score0.00125EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/28 3:55 a.m.•12 views

SUSE CVE-2026-45949

In the Linux kernel, the following vulnerability has been resolved: hwrng: core - use RCU and workstruct to fix race condition Currently, hwrngfill is not cleared until the hwrngfillfn thread exits. Since hwrngunregister reads hwrngfill outside the rngmutex lock, a concurrent hwrngunregister may...

5.8AI score0.00088EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/05/28 3:55 a.m.•12 views

SUSE CVE-2026-45963

In the Linux kernel, the following vulnerability has been resolved: ASoC: nau8821: Cancel delayed work on component remove Attempting to unload the driver while a jack detection work is pending would likely crash the kernel when it is eventually scheduled for execution: 1984.896308 BUG: unable to...

5.9AI score0.00116EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/28 3:55 a.m.•12 views

SUSE CVE-2026-45972

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF and double free in smb2openfile Zero out @erriov and @errbuftype before retrying SMB2open to prevent an UAF bug if @data != NULL, otherwise a double free...

9.8CVSS5.8AI score0.00333EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/28 3:55 a.m.•12 views

SUSE CVE-2026-45974

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix invalid leaf access in btrfsquotaenable if ref key not found If btrfssearchslotforread returns 1, it means we did not find any key greater than or equals to the key we asked for, meaning we have reached the end of the...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References11
SUSE CVE
SUSE CVE
•added 2026/05/28 3:55 a.m.•12 views

SUSE CVE-2026-45978

In the Linux kernel, the following vulnerability has been resolved: staging: greybus: lights: avoid NULL deref gblightslightconfig stores channelcount before allocating the channels array. If kcalloc fails, gblightsrelease iterates the non-zero count and dereferences light-channels, which is NULL...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/28 3:55 a.m.•12 views

SUSE CVE-2026-45979

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: clean up the amdgpucsparserbos In low memory conditions, kmalloc can fail. In such conditions unlock the mutex for a clean exit. We do not need to amdgpubolistput as it's been handled in the amdgpucsparserfini...

5.5CVSS5.8AI score0.00107EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/28 3:54 a.m.•12 views

SUSE CVE-2026-45985

In the Linux kernel, the following vulnerability has been resolved: ext4: don't set EXT4GETBLOCKSCONVERT when splitting before submitting I/O When allocating blocks during within-EOF DIO and writeback with dioreadnolock enabled, EXT4GETBLOCKSPREIO was set to split an existing large unwritten...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/28 3:54 a.m.•12 views

SUSE CVE-2026-45996

In the Linux kernel, the following vulnerability has been resolved: spi: imx: fix use-after-free on unbind The SPI subsystem frees the controller and any subsystem allocated driver data as part of deregistration unless the allocation is device managed. Take another reference before deregistering...

5.5CVSS5.8AI score0.00126EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/28 3:54 a.m.•12 views

SUSE CVE-2026-45999

In the Linux kernel, the following vulnerability has been resolved: erofs: fix unsigned underflow in zerofslz4handleoverlap Some crafted images can have illegal !partialdecoding && mllen out access reads past the decompressedpages array. However, such crafted cases can correctly result in a...

5.5CVSS5.7AI score0.00131EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/28 3:54 a.m.•12 views

SUSE CVE-2026-46004

In the Linux kernel, the following vulnerability has been resolved: ALSA: caiaq: Handle probe errors properly The probe procedure of setupcard in caiaq driver doesn't treat the error cases gracefully, e.g. the error from sndcardregister calls sndcardfree but continues. This would lead to a UAF fo...

6.6CVSS5.8AI score0.00129EPSS
Exploits0References13
Total number of security vulnerabilities5000