Lucene search
K
SusecveMost viewed

59380 matches found

SUSE CVE
SUSE CVE
•added 2026/03/30 11:30 p.m.•12 views

SUSE CVE-2026-32241

Flannel is a network fabric for containers, designed for Kubernetes. The Flannel project includes an experimental Extension backend that allows users to easily prototype new backend types. In versions of Flannel prior to 0.28.2, this Extension backend is vulnerable to a command injection that...

8.8CVSS6.2AI score0.02709EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/03/25 4:55 p.m.•12 views

SUSE CVE-2026-23369

In the Linux kernel, the following vulnerability has been resolved: i2c: i801: Revert "i2c: i801: replace acpilock with I2C bus lock" This reverts commit f707d6b9e7c18f669adfdb443906d46cfbaaa0c1. Under rare circumstances, multiple udev threads can collect i801 device info on boot and walk...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2026/03/25 11:53 a.m.•12 views

SUSE CVE-2026-4705

Undefined behavior in the WebRTC: Signaling component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

5CVSS7.2AI score0.00418EPSS
Exploits0References13
SUSE CVE
SUSE CVE
•added 2026/03/25 11:53 a.m.•12 views

SUSE CVE-2026-4711

Use-after-free in the Widget: Cocoa component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

6.3CVSS7.2AI score0.00398EPSS
Exploits0References13
SUSE CVE
SUSE CVE
•added 2026/02/27 12:25 a.m.•12 views

SUSE CVE-2026-25952

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfSetWindowMinMaxInfo dereferences a freed xfAppWindow pointer because xfrailgetwindow in xfrailserverminmaxinfo returns an unprotected pointer from the railWindows hash table, and the main thread can...

5.3CVSS5.8AI score0.00599EPSS
Exploits1References14
SUSE CVE
SUSE CVE
•added 2026/02/16 12:26 a.m.•12 views

SUSE CVE-2026-23149

In the Linux kernel, the following vulnerability has been resolved: drm: Do not allow userspace to trigger kernel warnings in drmgemchangehandleioctl Since GEM bo handles are u32 in the uapi and the internal implementation uses idralloc which uses int ranges, passing a new handle larger than INTM...

5.5CVSS5.2AI score0.001EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/15 12:24 a.m.•12 views

SUSE CVE-2026-2441

Use after free in CSS in Google Chrome prior to 145.0.7632.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.2AI score0.2202EPSS
Exploits12References3
SUSE CVE
SUSE CVE
•added 2026/02/07 12:23 a.m.•12 views

SUSE CVE-2026-25160

Alist is a file list program that supports multiple storages, powered by Gin and Solidjs. Prior to version 3.57.0, the application disables TLS certificate verification by default for all outgoing storage driver communications, making the system vulnerable to Man-in-the-Middle MitM attacks. This...

9.1CVSS5.1AI score0.00234EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/02/01 12:24 a.m.•12 views

SUSE CVE-2026-23015

In the Linux kernel, the following vulnerability has been resolved: gpio: mpsse: fix reference leak in gpiompsseprobe error paths The reference obtained by calling usbgetdev is not released in the gpiompsseprobe error paths. Fix that by using device managed helper functions. Also remove the...

5.5CVSS5.7AI score0.00128EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/01 12:23 a.m.•12 views

SUSE CVE-2026-23039

In the Linux kernel, the following vulnerability has been resolved: drm/gud: fix NULL fb and crtc dereferences on USB disconnect On disconnect drmatomichelperdisableall is called which sets both the fb and crtc for a plane to NULL before invoking a commit. This causes a kernel oops on every displ...

5.8AI score0.00194EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/28 12:29 a.m.•12 views

SUSE CVE-2025-13465

Lodash versions 4.0.0 through 4.17.22 are vulnerable to prototype pollution in the .unset and .omit functions. An attacker can pass crafted paths which cause Lodash to delete methods from global prototypes. The issue permits deletion of properties but does not allow overwriting their original...

8.2CVSS5.9AI score0.01535EPSS
Exploits0References30
SUSE CVE
SUSE CVE
•added 2026/01/26 12:24 a.m.•12 views

SUSE CVE-2026-23000

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix crash on profile change rollback failure mlx5enetdevchangeprofile can fail to attach a new profile and can fail to rollback to old profile, in such case, we could end up with a dangling netdev with a fully reset...

5.5CVSS5.3AI score0.0015EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2026/01/26 12:24 a.m.•12 views

SUSE CVE-2026-23012

In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: remove callcontrol in inactive contexts If damoncall is executed against a DAMON context that is not running, the function returns error while keeping the damoncallcontrol object linked to the context's callcontrol...

7.8CVSS5.3AI score0.00151EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/26 12:24 a.m.•12 views

SUSE CVE-2026-23013

In the Linux kernel, the following vulnerability has been resolved: net: octeonepvf: fix freeirq devid mismatch in IRQ rollback octepvfrequestirqs requests MSI-X queue IRQs with devid set to ioqvector. If requestirq fails part-way, the rollback loop calls freeirq with devid set to 'oct', which do...

7.8CVSS5.2AI score0.00152EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/14 12:34 a.m.•12 views

SUSE CVE-2022-21592

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Encryption. Supported versions that are affected are 5.7.39 and prior and 8.0.29 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromi...

4.3CVSS4.8AI score0.00653EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/01/06 12:36 a.m.•12 views

SUSE CVE-2017-18889

An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. An attacker could create fictive system-message posts via webhooks and slash commands, in the v3 or v4 REST API...

4.3CVSS4.9AI score0.00664EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/01/06 12:28 a.m.•12 views

SUSE CVE-2025-11393

A flaw was found in runtimes-inventory-rhel8-operator. An internal proxy component is incorrectly configured. Because of this flaw, the proxy attaches the cluster's main administrative credentials to any command it receives, instead of only the specific reports it is supposed to handle. This allo...

8.7CVSS6.8AI score0.00215EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/01/06 12:25 a.m.•12 views

SUSE CVE-2025-65754

Cross Site Scripting vulnerability in Algernon v1.17.4 allows attackers to execute arbitrary code via injecting a crafted payload into a filename...

6.1CVSS7.1AI score0.00386EPSS
Exploits2References2
SUSE CVE
SUSE CVE
•added 2025/12/31 12:32 a.m.•12 views

SUSE CVE-2022-50811

In the Linux kernel, the following vulnerability has been resolved: erofs: fix missing unmap if zerofsgetextentcompressedlen fails Otherwise, meta buffers could be leaked...

5.5CVSS6.5AI score0.00198EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/31 12:31 a.m.•12 views

SUSE CVE-2022-50826

In the Linux kernel, the following vulnerability has been resolved: ipu3-imgu: Fix NULL pointer dereference in imgusubdevsetselection Calling v4l2subdevgettrycrop and v4l2subdevgettrycompose with a subdev state of NULL leads to a NULL pointer dereference. This can currently happen in...

5.5CVSS6.4AI score0.00206EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2025/12/30 12:23 a.m.•12 views

SUSE CVE-2025-68920

C-Kermit aka ckermit through 10.0 Beta.12 aka 416-beta12 before 244644d allows a remote Kermit system to overwrite files on the local system, or retrieve arbitrary files from the local system...

8.9CVSS6.9AI score0.00373EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/25 1:5 a.m.•12 views

SUSE CVE-2022-50714

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921e: fix rmmod crash in driver reload test In insmod/rmmod stress test, the following crash dump shows up immediately. The problem is caused by missing mt76dev in mt7921pciremove. We should make sure the drvdata i...

7CVSS6.4AI score0.00203EPSS
Exploits0References6
SUSE CVE
SUSE CVE
•added 2025/12/25 1:4 a.m.•12 views

SUSE CVE-2022-50735

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: do not run mt76ustatusworker if the device is not running Fix the following NULL pointer dereference avoiding to run mt76ustatusworker thread if the device is not running yet. KASAN: null-ptr-deref in range...

5.5CVSS6.4AI score0.00206EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2025/12/25 1:4 a.m.•12 views

SUSE CVE-2022-50739

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add null pointer check for inode operations This adds a sanity check for the iop pointer of the inode which is returned after reading Root directory MFT record. We should check the iop is valid before trying to create t...

6.2AI score0.002EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/25 12:57 a.m.•12 views

SUSE CVE-2023-54003

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fix GID entry ref leak when createah fails If AH create request fails, release sgidattr to avoid GID entry referrence leak reported while releasing GID table...

3.3CVSS6.5AI score0.00173EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2025/12/25 12:56 a.m.•12 views

SUSE CVE-2023-54068

In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: fix to call f2fswaitonpagewriteback in f2fswriterawpages BUGON will be triggered when writing files concurrently, because the same page is writtenback multiple times. 1597 void folioendwritebackstruct folio folio...

6.6AI score0.00173EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/20 12:27 a.m.•12 views

SUSE CVE-2025-64718

js-yaml is a JavaScript YAML parser and dumper. In js-yaml before 4.1.1 and 3.14.2, it's possible for an attacker to modify the prototype of the result of a parsed yaml document via prototype pollution proto. All users who parse untrusted yaml documents may be impacted. The problem is patched in...

5.4CVSS6.6AI score0.00378EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2025/12/10 12:39 a.m.•12 views

SUSE CVE-2022-50637

In the Linux kernel, the following vulnerability has been resolved: cpufreq: qcom-hw: Fix memory leak in qcomcpufreqhwreadlut If "cpudev" fails to get opp table in qcomcpufreqhwreadlut, the program will return, resulting in "table" resource is not released...

5.5CVSS6.5AI score0.00168EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/10 12:38 a.m.•12 views

SUSE CVE-2022-50656

In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: Clear nfctarget before being used Fix a slab-out-of-bounds read that occurs in nlaput called from nfcgenlsendtarget when target-sensbreslen, which is duplicated from an nfctarget in pn533, is too large as the nfctarge...

6.1CVSS6.5AI score0.00195EPSS
Exploits0References8
SUSE CVE
SUSE CVE
•added 2025/12/10 12:38 a.m.•12 views

SUSE CVE-2022-50657

In the Linux kernel, the following vulnerability has been resolved: riscv: mm: add missing memcpy in kasaninit Hi Atish, It seems that the panic is due to the missing memcpy during kasaninit. Could you please check whether this patch is helpful? When doing kasanpopulate, the new allocated...

6.5AI score0.00189EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/10 12:38 a.m.•12 views

SUSE CVE-2022-50658

In the Linux kernel, the following vulnerability has been resolved: cpufreq: qcom: fix memory leak in error path If for some reason the speedbin length is incorrect, then there is a memory leak in the error path because we never free the speedbin buffer. This commit fixes the error path to always...

5.5CVSS6.5AI score0.00206EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2025/12/10 12:38 a.m.•12 views

SUSE CVE-2022-50666

In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix QP destroy to wait for all references dropped. Delay QP destroy completion until all siw references to QP are dropped. The calling RDMA core will free QP structure after successful return from siwqpdestroy call, so...

5.5CVSS6.5AI score0.00206EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2025/12/08 12:23 a.m.•12 views

SUSE CVE-2025-40272

In the Linux kernel, the following vulnerability has been resolved: mm/secretmem: fix use-after-free race in fault handler When a page fault occurs in a secret memory file created with memfdsecret2, the kernel will allocate a new folio for it, mark the underlying page as not-present in the direct...

5.5CVSS6.3AI score0.00171EPSS
Exploits0References21
SUSE CVE
SUSE CVE
•added 2025/10/30 12:25 a.m.•12 views

SUSE CVE-2025-40037

In the Linux kernel, the following vulnerability has been resolved: fbdev: simplefb: Fix use after free in simplefbdetachgenpds The pmdomain cleanup can not be devres managed as it uses struct simplefbpar which is allocated within struct fbinfo by framebufferalloc. This allocation is explicitly...

5.5CVSS6.4AI score0.00194EPSS
Exploits0References10
SUSE CVE
SUSE CVE
•added 2025/10/29 12:24 a.m.•12 views

SUSE CVE-2025-40068

In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: Fix integer overflow in rununpack The MFT record relative to the file being opened contains its runlist, an array containing information about the file's location on the physical disk. Analysis of all Call Stack paths...

5.5CVSS6.6AI score0.00202EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/10/01 11:23 p.m.•12 views

SUSE CVE-2025-39902

In the Linux kernel, the following vulnerability has been resolved: mm/slub: avoid accessing metadata when pointer is invalid in objecterr objecterr reports details of an object for further debugging, such as the freelist pointer, redzone, etc. However, if the pointer is invalid, attempting to...

5.5CVSS6.5AI score0.00149EPSS
Exploits0References21
SUSE CVE
SUSE CVE
•added 2025/09/12 11:23 p.m.•12 views

SUSE CVE-2025-39787

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: mdtloader: Ensure we don't read past the ELF header When the MDT loader is used in remoteproc, the ELF header is sanitized beforehand, but that's not necessary the case for other clients. Validate the size of the...

4.4CVSS6.6AI score0.00148EPSS
Exploits0References22
SUSE CVE
SUSE CVE
•added 2025/09/04 11:23 p.m.•12 views

SUSE CVE-2025-38692

In the Linux kernel, the following vulnerability has been resolved: exfat: add cluster chain loop check for dir An infinite loop may occur if the following conditions occur due to file system corruption. 1 Condition for exfatcountdirentries to loop infinitely. - The cluster chain includes a loop....

4.4CVSS6.5AI score0.00145EPSS
Exploits0References22
SUSE CVE
SUSE CVE
•added 2025/09/04 11:23 p.m.•12 views

SUSE CVE-2025-38698

In the Linux kernel, the following vulnerability has been resolved: jfs: Regular file corruption check The reproducer builds a corrupted file on disk with a negative isize value. Add a check when opening this file to avoid subsequent operation failures...

7CVSS6.6AI score0.00159EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2025/09/04 11:23 p.m.•12 views

SUSE CVE-2025-38706

In the Linux kernel, the following vulnerability has been resolved: ASoC: core: Check for rtd == NULL in sndsocremovepcmruntime sndsocremovepcmruntime might be called with rtd == NULL which will leads to null pointer dereference. This was reproduced with topology loading and marking a link as...

4.7CVSS6.4AI score0.00179EPSS
Exploits0References26
SUSE CVE
SUSE CVE
•added 2025/07/04 11:22 p.m.•12 views

SUSE CVE-2025-38161

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix error flow upon firmware failure for RQ destruction Upon RQ destruction if the firmware command fails which is the last resource to be destroyed some SW resources were already cleaned regardless of the failure. Now...

6.6CVSS6.6AI score0.00143EPSS
Exploits0References23
SUSE CVE
SUSE CVE
•added 2025/07/03 11:24 p.m.•12 views

SUSE CVE-2025-38099

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Disable SCO support if READVOICESETTING is unsupported/broken A SCO connection without the proper voicesetting can cause the controller to lock up...

3.3CVSS6.5AI score0.00155EPSS
Exploits0References22
SUSE CVE
SUSE CVE
•added 2025/06/19 3:43 a.m.•12 views

SUSE CVE-2022-50055

In the Linux kernel, the following vulnerability has been resolved: iavf: Fix adminq error handling iavfallocasqbufs/iavfallocarqbufs allocates with dmaalloccoherent memory for VF mailbox. Free DMA regions for both ASQ and ARQ in case error happens during configuration of ASQ/ARQ registers. Witho...

5.5CVSS6.3AI score0.00155EPSS
Exploits0References10
SUSE CVE
SUSE CVE
•added 2025/06/19 3:40 a.m.•12 views

SUSE CVE-2022-50158

In the Linux kernel, the following vulnerability has been resolved: mtd: partitions: Fix refcount leak in parseredbootof ofgetchildbyname returns a node pointer with refcount incremented, we should use ofnodeput on it when not need anymore. Add missing ofnodeput to avoid refcount leak...

5.5CVSS6.3AI score0.00156EPSS
Exploits0References11
SUSE CVE
SUSE CVE
•added 2025/05/21 12:46 a.m.•12 views

SUSE CVE-2025-37963

In the Linux kernel, the following vulnerability has been resolved: arm64: bpf: Only mitigate cBPF programs loaded by unprivileged users Support for eBPF programs loaded by unprivileged users is typically disabled. This means only cBPF programs need to be mitigated for BHB. In addition, only...

2.5CVSS6.3AI score0.00158EPSS
Exploits0References23
SUSE CVE
SUSE CVE
•added 2025/05/10 2:52 a.m.•12 views

SUSE CVE-2025-37885

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Reset IRTE to host control if new route isn't postable Restore an IRTE back to host control remapped or posted MSI mode if the new GSI route prevents posting the IRQ directly to a vCPU, regardless of the GSI routing typ...

5.5CVSS6.4AI score0.00249EPSS
Exploits0References28
SUSE CVE
SUSE CVE
•added 2025/05/09 3:23 a.m.•12 views

SUSE CVE-2025-37805

In the Linux kernel, the following vulnerability has been resolved: sound/virtio: Fix cancelsync warnings on uninitialized workstructs Betty reported hitting the following warning: 8.709131 T221 WARNING: CPU: 2 PID: 221 at kernel/workqueue.c:4182 ... 8.713282 T221 Call trace: 8.713365 T221...

2.5CVSS7.6AI score0.00161EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2025/05/02 2:2 a.m.•12 views

SUSE CVE-2025-37789

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix nested key length validation in the set action It's not safe to access nlalenovskey if the data is smaller than the netlink header. Check that the attribute is OK first...

5.5CVSS6.3AI score0.00179EPSS
Exploits0References26
SUSE CVE
SUSE CVE
•added 2025/04/18 11:19 p.m.•12 views

SUSE CVE-2025-37785

In the Linux kernel, the following vulnerability has been resolved: ext4: fix OOB read when checking dotdot dir Mounting a corrupted filesystem with directory which contains '.' dir entry with reclen == block size results in out-of-bounds read later on, when the corrupted directory is removed...

6CVSS6.3AI score0.00226EPSS
Exploits0References24
SUSE CVE
SUSE CVE
•added 2025/04/18 1:23 a.m.•12 views

SUSE CVE-2025-22053

In the Linux kernel, the following vulnerability has been resolved: net: ibmveth: make vethpoolstore stop hanging v2: - Created a single error handling unlock and exit in vethpoolstore - Greatly expanded commit message with previous explanatory-only text Summary: Use rtnlmutex to synchronize...

5.5CVSS7.6AI score0.00125EPSS
Exploits0References16
Total number of security vulnerabilities5000