Lucene search
K
SusecveMost viewed

59855 matches found

SUSE CVE
SUSE CVE
•added 2026/05/13 2:21 p.m.•11 views

SUSE CVE-2026-43515

Improper Authorization vulnerability when multiple method constraints define an HTTP method for the same extension in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from 9.0.0.M1 through 9.0.117, from 8.5.0 through 8.5.100, from...

7.5CVSS5.8AI score0.01136EPSS
Exploits1References10
SUSE CVE
SUSE CVE
•added 2026/05/13 3:37 a.m.•11 views

SUSE CVE-2026-41254

Little CMS lcms2 through 2.18 has an integer overflow in CubeSize in cmslut.c because the overflow check is performed after the multiplication...

2.9CVSS5.8AI score0.00365EPSS
Exploits1References5
SUSE CVE
SUSE CVE
•added 2026/05/13 3:36 a.m.•11 views

SUSE CVE-2026-43145

In the Linux kernel, the following vulnerability has been resolved: remoteproc: imxrproc: Fix invalid loaded resource table detection imxrprocelffindloadedrsctable may incorrectly report a loaded resource table even when the current firmware does not provide one. When the device tree contains a...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/13 3:36 a.m.•11 views

SUSE CVE-2026-43180

In the Linux kernel, the following vulnerability has been resolved: net: usb: kaweth: remove TX queue manipulation in kawethsetrxmode kawethsetrxmode, the ndosetrxmode callback, calls netifstopqueue and netifwakequeue. These are TX queue flow control functions unrelated to RX multicast...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/13 3:35 a.m.•11 views

SUSE CVE-2026-43287

In the Linux kernel, the following vulnerability has been resolved: drm: Account property blob allocations to memcg DRMIOCTLMODECREATEPROPBLOB allows userspace to allocate arbitrary-sized property blobs backed by kernel memory. Currently, the blob data allocation is not accounted to the allocatin...

5.8AI score0.00123EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/13 3:35 a.m.•11 views

SUSE CVE-2026-43293

In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix kthread worker destruction in polling mode Fix the cleanup order in polling mode irq worklist and WARNON!listempty&worker-delayedworklist. The original code called kthreaddestroyworker before...

5.8AI score0.00122EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/13 3:35 a.m.•11 views

SUSE CVE-2026-43303

In the Linux kernel, the following vulnerability has been resolved: mm/pagealloc: clear page-private in freepagesprepare Several subsystems slub, shmem, ttm, etc. use page-private but don't clear it before freeing pages. When these pages are later allocated as high-order pages and split via...

5.5CVSS5.8AI score0.0013EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2026/05/13 3:35 a.m.•11 views

SUSE CVE-2026-43312

In the Linux kernel, the following vulnerability has been resolved: media: i2c: ov5647: Initialize subdev before controls In ov5647initcontrols we call v4l2getsubdevdata, but it is initialized by v4l2i2csubdevinit in the probe, which currently happens after initcontrols. This can result in a...

5.8AI score0.00123EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/13 3:35 a.m.•11 views

SUSE CVE-2026-43320

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix dsc eDP issue why Need to add function hook check before use...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/13 3:35 a.m.•11 views

SUSE CVE-2026-43322

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisync: Fix UAF in lereadfeaturescomplete This fixes the following backtrace caused by hciconn being freed before lereadfeaturescomplete but after hcilereadremotefeaturessync so hciconndel - hcicmdsyncdequeue is not...

8.8CVSS5.7AI score0.00219EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/13 3:35 a.m.•11 views

SUSE CVE-2026-43326

In the Linux kernel, the following vulnerability has been resolved: schedext: Fix SCXKICKWAIT deadlock by deferring wait to balance callback SCXKICKWAIT busy-waits in kickcpusirqworkfn using smpcondloadacquire until the target CPU's kicksync advances. Because the irqwork runs in hardirq context,...

5.8AI score0.00083EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/13 3:35 a.m.•11 views

SUSE CVE-2026-43327

In the Linux kernel, the following vulnerability has been resolved: USB: dummy-hcd: Fix locking/synchronization error Syzbot testing was able to provoke an addressing exception and crash in the usbgadgetudcreset routine in drivers/usb/gadgets/udc/core.c, resulting from the fact that the routine w...

5.5CVSS5.7AI score0.00095EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/13 3:35 a.m.•11 views

SUSE CVE-2026-43332

In the Linux kernel, the following vulnerability has been resolved: thermal: core: Fix thermal zone device registration error path If thermalzonedeviceregisterwithtrips fails after registering a thermal zone device, it needs to wait for the tz-removal completion like thermalzonedeviceunregister, ...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References8
SUSE CVE
SUSE CVE
•added 2026/05/13 3:35 a.m.•11 views

SUSE CVE-2026-43345

In the Linux kernel, the following vulnerability has been resolved: net: ipa: fix event ring index not programmed for IPA v5.0+ For IPA v5.0+, the event ring index field moved from CHCCNTXT0 to CHCCNTXT1. The v5.0 register definition intended to define this field in the CHCCNTXT1 fmask array but...

5.5CVSS5.7AI score0.00353EPSS
Exploits0References11
SUSE CVE
SUSE CVE
•added 2026/05/13 3:35 a.m.•11 views

SUSE CVE-2026-43349

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid uninit-value access in f2fssanitychecknodefooter syzbot reported a f2fs bug as below: BUG: KMSAN: uninit-value in f2fssanitychecknodefooter+0x374/0xa20 fs/f2fs/node.c:1520 f2fssanitychecknodefooter+0x374/0xa20...

5.6CVSS5.7AI score0.00112EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/13 3:35 a.m.•11 views

SUSE CVE-2026-43350

In the Linux kernel, the following vulnerability has been resolved: smb: client: require a full NFS mode SID before reading mode bits parsedacl treats an ACE SID matching sidunixNFSmode as an NFS mode SID and reads sid.subauth2 to recover the mode bits. That assumes the ACE carries three...

7.6CVSS5.8AI score0.00224EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/05/13 3:34 a.m.•11 views

SUSE CVE-2026-43355

In the Linux kernel, the following vulnerability has been resolved: iio: light: bh1780: fix PM runtime leak on error path Move pmruntimeputautosuspend before the error check to ensure the PM runtime reference count is always decremented after pmruntimegetsync, regardless of whether the read...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/13 3:34 a.m.•11 views

SUSE CVE-2026-43374

In the Linux kernel, the following vulnerability has been resolved: net: nexthop: fix percpu use-after-free in removenhgrpentry When removing a nexthop from a group, removenhgrpentry publishes the new group via rcuassignpointer then immediately frees the removed entry's percpu stats with...

7.8CVSS5.8AI score0.00125EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/13 3:34 a.m.•11 views

SUSE CVE-2026-43376

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free by using callrcu for oplockinfo ksmbd currently frees oplockinfo immediately using kfree, even though it is accessed under RCU read-side critical sections in places like opinfoget and procshowfiles. Sinc...

9.8CVSS5.7AI score0.00444EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/13 3:34 a.m.•11 views

SUSE CVE-2026-43389

In the Linux kernel, the following vulnerability has been resolved: mm: memfdluo: always dirty all folios A dirty folio is one which has been written to. A clean folio is its opposite. Since a clean folio has no user data, it can be freed under memory pressure. memfd preservation with LUO saves t...

5.5CVSS5.7AI score0.00107EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/13 3:34 a.m.•11 views

SUSE CVE-2026-43390

In the Linux kernel, the following vulnerability has been resolved: nstree: tighten permission checks for listing Even privileged services should not necessarily be able to see other privileged service's namespaces so they can't leak information to each other. Use mayseeallnamespaces helper that...

5.5CVSS5.7AI score0.00107EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/13 3:34 a.m.•11 views

SUSE CVE-2026-43392

In the Linux kernel, the following vulnerability has been resolved: schedext: Fix starvation of scxenable under fair-class saturation During scxenable, the READY - ENABLED task switching loop changes the calling thread's schedclass from fair to ext. Since fair has higher priority than ext,...

5.5CVSS5.8AI score0.0013EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/13 3:34 a.m.•11 views

SUSE CVE-2026-43399

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/userq: Fix reference leak in amdgpuuserqwaitioctl Drop reference to syncobj and timeline fence when aborting the ioctl due output array being too small. cherry picked from commit 68951e9c3e6bb22396bc42ef2359751c8315dd2...

5.8AI score0.00121EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/13 3:34 a.m.•11 views

SUSE CVE-2026-43403

In the Linux kernel, the following vulnerability has been resolved: nsfs: tighten permission checks for ns iteration ioctls Even privileged services should not necessarily be able to see other privileged service's namespaces so they can't leak information to each other. Use mayseeallnamespaces...

8.8CVSS5.7AI score0.00129EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/13 3:34 a.m.•11 views

SUSE CVE-2026-43404

In the Linux kernel, the following vulnerability has been resolved: mm: Fix a hmmrangefault livelock / starvation problem If hmmrangefault fails a foliotrylock in doswappage, trying to acquire the lock of a device-private folio for migration, to ram, the function will spin until it succeeds...

5.8AI score0.00093EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/13 3:34 a.m.•11 views

SUSE CVE-2026-43421

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fncm: Fix netdevice lifecycle with devicemove The network device outlived its parent gadget device during disconnection, resulting in dangling sysfs links and null pointer dereference problems. A prior attempt to sol...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/05/13 3:33 a.m.•11 views

SUSE CVE-2026-43438

In the Linux kernel, the following vulnerability has been resolved: schedext: Remove redundant cssput in scxcgroupinit The iterator cssforeachdescendantpre walks the cgroup hierarchy under cgrouplock. It does not increment the reference counts on yielded css structs. According to the cgroup...

7.8CVSS5.7AI score0.00125EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/13 3:33 a.m.•11 views

SUSE CVE-2026-43470

In the Linux kernel, the following vulnerability has been resolved: nfs: return EISDIR on nfs3proccreate if dalias is a dir If we found an alias through nfs3docreate/nfsaddorobtain /dsplicealias which happens to be a dir dentry, we don't return any error, and simply forget about this alias, but t...

5.5CVSS5.7AI score0.00116EPSS
Exploits0References12
SUSE CVE
SUSE CVE
•added 2026/05/13 3:33 a.m.•11 views

SUSE CVE-2026-43512

DEPRECATED: Authentication Bypass Issues vulnerability in digest authentication in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from 9.0.0.M1 through 9.0.117, from 8.5.0 through 8.5.100, from before 7.0.0. Older unsupported...

7.3CVSS5.7AI score0.01233EPSS
Exploits1References10
SUSE CVE
SUSE CVE
•added 2026/05/12 3:30 a.m.•11 views

SUSE CVE-2026-43324

In the Linux kernel, the following vulnerability has been resolved: USB: dummy-hcd: Fix interrupt synchronization error This fixes an error in synchronization in the dummy-hcd driver. The error has a somewhat involved history. The synchronization mechanism was introduced by commit 7dbd8f4cabd9...

7.8CVSS5.7AI score0.0013EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/12 3:30 a.m.•11 views

SUSE CVE-2026-43379

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in smblazyparentleasebreakclose opinfo pointer obtained via rcudereferencefp-fopinfo is being accessed after rcureadunlock has been called. This creates a race condition where the memory could be freed b...

9.8CVSS5.7AI score0.00444EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/12 3:30 a.m.•11 views

SUSE CVE-2026-43420

In the Linux kernel, the following vulnerability has been resolved: ceph: fix inlink underrun during async unlink During async unlink, we drop the inlink counter before we receive the completion that will eventually update the inlink because "we assume that the unlink will succeed". That is not a...

4.7CVSS5.8AI score0.00093EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/12 3:29 a.m.•11 views

SUSE CVE-2026-43450

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkcthelper: fix OOB read in nfnlcthelperdumptable nfnlcthelperdumptable has a 'goto restart' that jumps to a label inside the for loop body. When the "last" helper saved in cb-args1 is deleted between dump round...

5.8AI score0.00132EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/11 2:16 p.m.•11 views

SUSE CVE-2026-8213

A vulnerability has been found in OSGeo gdal up to 3.13.0dev-4. Affected by this issue is the function GDSDfldsrch of the file frmts/hdf4/hdf-eos/GDapi.c of the component Grid File Handler. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit h...

5.3CVSS5.4AI score0.00258EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/05/11 2:14 p.m.•11 views

SUSE CVE-2026-43319

In the Linux kernel, the following vulnerability has been resolved: spi: spidev: fix lock inversion between spilock and buflock The spidev driver previously used two mutexes, spilock and buflock, but acquired them in different orders depending on the code path: write/read: buflock - spilock ioctl...

5.5CVSS5.8AI score0.00094EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/11 2:14 p.m.•11 views

SUSE CVE-2026-43335

In the Linux kernel, the following vulnerability has been resolved: interconnect: qcom: sm8450: Fix NULL pointer dereference in icclinknodes The change to dynamic IDs for SM8450 platform interconnects left two links unconverted, fix it to avoid the NULL pointer dereference in runtime, when a...

5.8AI score0.00107EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/11 2:13 p.m.•11 views

SUSE CVE-2026-43383

In the Linux kernel, the following vulnerability has been resolved: net/tcp-md5: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this...

9.4CVSS5.7AI score0.00443EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/11 2:13 p.m.•11 views

SUSE CVE-2026-43393

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix chunk map leak in btrfsmapblock after btrfschunkmapnumcopies Fix a chunk map leak in btrfsmapblock: if we return early with -EINVAL, we're not freeing the chunk map that we've just looked up...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/05/11 2:13 p.m.•11 views

SUSE CVE-2026-43395

In the Linux kernel, the following vulnerability has been resolved: drm/xe/sync: Cleanup partially initialized sync on parse failure xesyncentryparse can allocate references syncobj, fence, chain fence, or user fence before hitting a later failure path. Several of those paths returned directly,...

5.8AI score0.00122EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/11 2:13 p.m.•11 views

SUSE CVE-2026-43453

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetpipapo: fix stack out-of-bounds read in pipapodrop pipapodrop passes rulemapi + 1.n to pipapounmap as the tooffset argument on every iteration, including the last one where i == m-fieldcount - 1. This reads one...

5.8AI score0.00126EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/11 2:13 p.m.•11 views

SUSE CVE-2026-43459

In the Linux kernel, the following vulnerability has been resolved: ASoC: soc-core: flush delayed work before removing DAIs and widgets When a sound card is unbound while a PCM stream is open, a use-after-free can occur in sndsocdapmstreamevent, called from the closedelayedwork workqueue handler...

7.3CVSS5.8AI score0.00113EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/11 2:13 p.m.•11 views

SUSE CVE-2026-44656

Vim is an open source, command line text editor. Prior to version 9.2.0435, an OS command injection vulnerability exists in Vim's :find command-line completion. When the path option contains backtick-enclosed shell commands, those commands are executed during file name completion. Because the pat...

4.4CVSS6AI score0.00917EPSS
Exploits0References13
SUSE CVE
SUSE CVE
•added 2026/05/11 2:13 p.m.•11 views

SUSE CVE-2026-45130

Vim is an open source, command line text editor. Prior to version 9.2.0450, a heap buffer overflow exists in readcompound in src/spellfile.c when loading a crafted spell file .spl with UTF-8 encoding active. An attacker-controlled length field in the spell file's compound section overflows a 32-b...

6.6CVSS5.9AI score0.00248EPSS
Exploits1References13
SUSE CVE
SUSE CVE
•added 2026/05/10 1:6 a.m.•11 views

SUSE CVE-2026-43364

In the Linux kernel, the following vulnerability has been resolved: ublk: fix NULL pointer dereference in ublkctrlsetsize ublkctrlsetsize unconditionally dereferences ub-ubdisk via setcapacityandnotify without checking if it is NULL. ub-ubdisk is NULL before UBLKCMDSTARTDEV completes it is only...

5.8AI score0.00121EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/09 2:48 a.m.•11 views

SUSE CVE-2025-71287

In the Linux kernel, the following vulnerability has been resolved: memory: mtk-smi: fix device leak on larb probe Make sure to drop the reference taken when looking up the SMI device during larb probe on late probe failure e.g. probe deferral and on driver unbind...

5.7AI score0.00128EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/09 2:46 a.m.•11 views

SUSE CVE-2026-8087

A security flaw has been discovered in OSGeo gdal up to 3.13.0dev-4. Impacted is the function GDnentries of the file frmts/hdf4/hdf-eos/GDapi.c. Performing a manipulation of the argument DataFieldName results in heap-based buffer overflow. The attack must be initiated from a local position. The...

7.8CVSS5.8AI score0.00223EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/05/09 2:46 a.m.•11 views

SUSE CVE-2026-8088

A weakness has been identified in OSGeo gdal up to 3.13.0dev-4. The affected element is the function GDfieldinfo of the file frmts/hdf4/hdf-eos/GDapi.c. Executing a manipulation can lead to out-of-bounds read. The attack needs to be launched locally. The exploit has been made available to the...

5.5CVSS5.3AI score0.00246EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/05/09 2:43 a.m.•11 views

SUSE CVE-2026-33811

When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash...

7.5CVSS5.8AI score0.00813EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/05/09 2:42 a.m.•11 views

SUSE CVE-2026-42284

GitPython is a python library used to interact with Git repositories. Prior to version 3.1.47, clone validates multioptions as the original list, then executes shlex.split" ".joinmultioptions. A string like "--branch main --config core.hooksPath=/x" passes validation starts with --branch, but aft...

9.8CVSS5.7AI score0.00571EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/05/09 2:42 a.m.•11 views

SUSE CVE-2026-43123

In the Linux kernel, the following vulnerability has been resolved: fbcon: check return value of con2fbacquirenewinfo If fbconopen fails when called from con2fbacquirenewinfo then info-fbconpar pointer remains NULL which is later dereferenced. Add check for return value of the function...

5.8AI score0.00128EPSS
Exploits0References3
Total number of security vulnerabilities5000