Lucene search
K
SusecveMost viewed

59380 matches found

SUSE CVE
SUSE CVE
added 2026/05/28 3:56 a.m.9 views

SUSE CVE-2026-45893

In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix & Optimize table creation from possibly unaligned memory Source blob may come from userspace and might be unaligned. Try to optize the copying process by avoiding unaligned memory accesses. - Added Fixes tag - Added...

5.8AI score0.00125EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/28 3:56 a.m.9 views

SUSE CVE-2026-45894

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Clear Present bit before tearing down PASID entry The Intel VT-d Scalable Mode PASID table entry consists of 512 bits 64 bytes. When tearing down an entry, the current implementation zeros the entire 64-byte structure...

6.3CVSS5.7AI score0.00145EPSS
Exploits0References11
SUSE CVE
SUSE CVE
added 2026/05/28 3:55 a.m.9 views

SUSE CVE-2026-45936

In the Linux kernel, the following vulnerability has been resolved: power: supply: goldfish: Fix use-after-free in powersupplychanged Using the devm variant for requesting IRQ before the devm variant for allocating/registering the powersupply handle, means that the powersupply handle will be...

7.8CVSS5.7AI score0.00126EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/28 3:55 a.m.9 views

SUSE CVE-2026-45952

In the Linux kernel, the following vulnerability has been resolved: eth: fbnic: Add validation for MTU changes Increasing the MTU beyond the HDS threshold causes the hardware to fragment packets across multiple buffers. If a single-buffer XDP program is attached, the driver will drop all multi-fr...

5.8AI score0.00126EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/28 3:55 a.m.9 views

SUSE CVE-2026-45958

In the Linux kernel, the following vulnerability has been resolved: drm/exynos: vidi: fix to avoid directly dereferencing user pointer In vidiconnectionioctl, vidi-ediduser pointer is directly dereferenced in the kernel. This allows arbitrary kernel memory access from the user space, so instead o...

7.1CVSS5.9AI score0.00126EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/05/28 3:55 a.m.9 views

SUSE CVE-2026-45961

In the Linux kernel, the following vulnerability has been resolved: gfs2: fix memory leaks in gfs2fillsuper error path Fix two memory leaks in the gfs2fillsuper error handling path when transitioning a filesystem to read-write mode fails. First leak: kthread objects threadstruct, taskstruct, etc...

3.3CVSS5.9AI score0.00143EPSS
Exploits0References11
SUSE CVE
SUSE CVE
added 2026/05/28 3:55 a.m.9 views

SUSE CVE-2026-45964

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: fix gssauth kref leak in gssallocmsg error path Commit 5940d1cf9f42 "SUNRPC: Rebalance a kref in authgss.c" added a krefget&gssauth-kref call to balance the gssputauth done in gssreleasemsg, but forgot to add a...

5.5CVSS5.8AI score0.0016EPSS
Exploits0References11
SUSE CVE
SUSE CVE
added 2026/05/28 3:55 a.m.9 views

SUSE CVE-2026-45976

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix memory leak in amdgpurasinit When amdgpunbiorasswinit fails in amdgpurasinit, the function returns directly without freeing the allocated con structure, leading to a memory leak. Fix this by jumping to the...

5.8AI score0.00122EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/28 3:54 a.m.9 views

SUSE CVE-2026-45982

In the Linux kernel, the following vulnerability has been resolved: ACPICA: Fix NULL pointer dereference in acpievaddressspacedispatch Cover a missed execution path with a new check...

5.9AI score0.0013EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/28 3:54 a.m.9 views

SUSE CVE-2026-46005

In the Linux kernel, the following vulnerability has been resolved: xfs: fix a resource leak in xfsallocbuftarg In the error path, call fsputdax to drop the DAX device reference...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References11
SUSE CVE
SUSE CVE
added 2026/05/28 3:54 a.m.9 views

SUSE CVE-2026-46009

In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: pci-epf-ntb: Remove duplicate resource teardown epfntbepcdestroy duplicates the teardown that the caller is supposed to do later. This leads to an oops when .allowlink fails or when .droplink is performed. Remove t...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/28 3:54 a.m.9 views

SUSE CVE-2026-46025

In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: fix damoncall vs kdamondfn exit race Patch series "mm/damon/core: fix damoncall/damoswalk vs kdmond exit race". damoncall and damoswalk can leak memory and/or deadlock when they race with kdamond terminations. Fix...

4.7CVSS5.7AI score0.00088EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/28 3:53 a.m.9 views

SUSE CVE-2026-46051

In the Linux kernel, the following vulnerability has been resolved: md/raid5: fix soft lockup in retryalignedread When retryalignedread encounters an overlapped stripe, it releases the stripe via raid5releasestripe which puts it on the lockless releasedstripes llist. In the next raid5d loop...

5.5CVSS5.8AI score0.00095EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/28 3:53 a.m.9 views

SUSE CVE-2026-46070

In the Linux kernel, the following vulnerability has been resolved: md/raid5: validate payload size before accessing journal metadata r5crecoveryanalyzemetablock and r5lrecoveryverifydatachecksumformb iterate over payloads in a journal metadata block using on-disk payload size fields without...

6.1CVSS5.8AI score0.00126EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/05/28 3:52 a.m.9 views

SUSE CVE-2026-46091

In the Linux kernel, the following vulnerability has been resolved: media: rc: igorplugusb: heed coherency rules In a control request, the USB request structure can be subject to DMA on some HCs. Hence it must obey the rules for DMA coherency. Allocate it separately...

3.3CVSS5.7AI score0.00122EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/28 3:52 a.m.9 views

SUSE CVE-2026-46099

In the Linux kernel, the following vulnerability has been resolved: net: ipv6: fix NOREF dst use in seg6 and rpl lwtunnels seg6inputcore and rplinput call ip6routeinput which sets a NOREF dst on the skb, then pass it to dstcachesetip6 invoking dsthold unconditionally. On PREEMPTRT, ksoftirqd is...

5.5CVSS5.7AI score0.00321EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/27 12:57 p.m.9 views

SUSE CVE-2026-45845

In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: fix NULL pointer dereference in class dump When a TAPRIO child qdisc is deleted via RTMDELQDISC, tapriograft is called with new == NULL and stores NULL into q-qdiscscl - 1. Subsequent RTMGETTCLASS dump operatio...

5.5CVSS5.7AI score0.00108EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/27 4:13 a.m.9 views

SUSE CVE-2023-43635

Vault Key Sealed With SHA1 PCRs The measured boot solution implemented in EVE OS leans on a PCR locking mechanism. Different parts of the system update different PCR values in the TPM, resulting in a unique value for each PCR entry. These PCRs are then used in order to seal/unseal a key from the...

8.8CVSS5.8AI score0.0011EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/22 2:21 a.m.9 views

SUSE CVE-2026-8632

A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software. This potential vulnerability may allow escalation of privileges and/or arbitrary code execution via operating system command injection...

7.8CVSS6.3AI score0.0088EPSS
Exploits0References10
SUSE CVE
SUSE CVE
added 2026/05/22 2:20 a.m.9 views

SUSE CVE-2026-41999

Incorrect Behaviour of Views with TCP PROXY Requests...

4.8CVSS5.8AI score0.00142EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/22 2:20 a.m.9 views

SUSE CVE-2026-42000

Insufficient Validation of Names During AXFR...

8.6CVSS5.8AI score0.00242EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/22 2:20 a.m.9 views

SUSE CVE-2026-43498

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Disallow re-exporting imported GEM objects Prevent re-exporting of imported GEM buffers by adding a custom primehandletofd callback that checks if the object is imported and returns -EOPNOTSUPP if so. Re-exporting...

5.3CVSS5.9AI score0.00113EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/22 2:19 a.m.9 views

SUSE CVE-2026-43619

Rsync version 3.4.2 and prior contain symlink race condition vulnerabilities in path-based system calls including chmod, lchown, utimes, rename, unlink, mkdir, symlink, mknod, link, rmdir, and lstat that allow local attackers to redirect operations to files outside the exported rsync module...

6.3CVSS6AI score0.00136EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2026/05/22 2:19 a.m.9 views

SUSE CVE-2026-44076

Insufficient sanitization of volume paths in Netatalk 3.1.0 through 4.4.2 allows a local privileged user to inject OS commands and execute arbitrary code via a crafted volume path...

6.7CVSS6.2AI score0.0013EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/22 2:19 a.m.9 views

SUSE CVE-2026-45232

Rsync versions before 3.4.3 contain an off-by-one out-of-bounds stack write vulnerability in the establishproxyconnection function in socket.c that allows network attackers to corrupt stack memory by sending a malformed HTTP proxy response. Attackers can exploit this by positioning themselves...

4.2CVSS5.8AI score0.00337EPSS
Exploits0References10
SUSE CVE
SUSE CVE
added 2026/05/21 1:17 p.m.9 views

SUSE CVE-2022-50299

In the Linux kernel, the following vulnerability has been resolved: md: Replace snprintf with scnprintf Current code produces a warning as shown below when total characters in the constituent block device names plus the slashes exceeds 200. snprintf returns the number of characters generated from...

5.5CVSS6AI score0.00147EPSS
Exploits0References10
SUSE CVE
SUSE CVE
added 2026/05/21 1:12 p.m.9 views

SUSE CVE-2026-9113

Out of bounds read in GPU in Google Chrome on Mac prior to 148.0.7778.179 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: High...

4.3CVSS5.8AI score0.00218EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/21 1:12 p.m.9 views

SUSE CVE-2026-9117

Type Confusion in GFX in Google Chrome on Linux, ChromeOS prior to 148.0.7778.179 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted video file. Chromium security severity: High...

7.5CVSS5.8AI score0.00265EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/21 1:12 p.m.9 views

SUSE CVE-2026-9126

Use after free in DOM in Google Chrome on prior to 148.0.7778.179 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS6.2AI score0.00396EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/21 1:11 p.m.9 views

SUSE CVE-2026-43494

In the Linux kernel, the following vulnerability has been resolved: net/rds: reset opnents when zerocopy page pin fails When iovitergetpages2 fails in rdsmessagezcopyfromuser, the pinned pages are released with putpage, and rm-data.opmmpznotifier is cleared. But we fail to properly clear...

8.4CVSS5.7AI score0.00269EPSS
Exploits3References22
SUSE CVE
SUSE CVE
added 2026/05/21 1:11 p.m.9 views

SUSE CVE-2026-44051

An improper link resolution vulnerability in Netatalk 3.0.2 through 4.4.2 allows a remote authenticated attacker to read arbitrary files or overwrite arbitrary files via attacker-controlled symlink creation...

8.1CVSS6AI score0.00477EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/21 1:11 p.m.9 views

SUSE CVE-2026-44053

Netatalk 1.5.0 through 4.2.2 uses a broken cryptographic algorithm in the DHCAST128 UAM, which allows a remote attacker to obtain authentication credentials or impersonate a user via cryptanalytic attack...

7.4CVSS5.8AI score0.00301EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/21 1:11 p.m.9 views

SUSE CVE-2026-44056

A stack-based buffer overflow in desktop.c in Netatalk 1.3 through 4.2.2 allows a remote authenticated attacker to cause a denial of service, obtain limited information, or modify limited data...

6.4CVSS6.1AI score0.00253EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/21 1:11 p.m.9 views

SUSE CVE-2026-47373

Crypt::SaltedHash versions through 0.09 for Perl is susceptible to timing attacks. These versions use Perl's built-in eq comparison. Discrepencies in timing could be used to guess the underlying hash...

7.5CVSS5.8AI score0.00393EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/21 2:41 a.m.9 views

SUSE CVE-2025-33221

NVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel driver, where a user could cause an incorrect permission assignment for a critical resource. A successful exploit of this vulnerability might lead to data tampering and denial of service...

6CVSS5.8AI score0.00175EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2026/05/21 2:29 a.m.9 views

SUSE CVE-2026-24199

NVIDIA Display Driver for Linux contains a vulnerability in a kernel module, where a user could cause a race condition by reordering compiler or processor memory instructions. A successful exploit of this vulnerability might lead to denial of service...

4.7CVSS5.8AI score0.00092EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2026/05/20 3:2 a.m.9 views

SUSE CVE-2025-4922

Nomad Community and Nomad Enterprise “Nomad” prefix-based ACL policy lookup can lead to incorrect rule application and shadowing. This vulnerability, identified as CVE-2025-4922, is fixed in Nomad Community Edition 1.10.2 and Nomad Enterprise 1.10.2, 1.9.10, and 1.8.14...

8.1CVSS6AI score0.00484EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/05/20 3:2 a.m.9 views

SUSE CVE-2025-6014

Vault and Vault Enterprise's “Vault” TOTP Secrets Engine code validation endpoint is susceptible to code reuse within its validity period. Fixed in Vault Community Edition 1.20.1 and Vault Enterprise 1.20.1, 1.19.7, 1.18.12, and 1.16.23...

6.5CVSS5.9AI score0.00356EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/20 3:0 a.m.9 views

SUSE CVE-2025-12141

In Grafana's alerting system, users with edit permissions for a contact point, specifically the permissions “alert.notifications:write” or “alert.notifications.receivers:test” that are granted as part of the fixed role "Contact Point Writer", which is part of the basic role Editor - can edit...

4.3CVSS5.7AI score0.00255EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/20 2:40 a.m.9 views

SUSE CVE-2025-57807

ImageMagick is free and open-source software used for editing and manipulating digital images. ImageMagick versions lower than 14.8.2 include insecure functions: SeekBlob, which permits advancing the stream offset beyond the current end without increasing capacity, and WriteBlob, which then expan...

4.2CVSS6.5AI score0.00274EPSS
Exploits1References7
SUSE CVE
SUSE CVE
added 2026/05/20 2:32 a.m.9 views

SUSE CVE-2026-8962

Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11...

5.4CVSS5.8AI score0.00372EPSS
Exploits0References12
SUSE CVE
SUSE CVE
added 2026/05/20 2:31 a.m.9 views

SUSE CVE-2026-8968

Denial-of-service due to invalid pointer in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11...

4.3CVSS5.8AI score0.00413EPSS
Exploits0References12
SUSE CVE
SUSE CVE
added 2026/05/20 2:31 a.m.9 views

SUSE CVE-2026-8974

Memory safety bugs present in Firefox ESR 140.10 and Firefox 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11,...

8.8CVSS6AI score0.00332EPSS
Exploits0References12
SUSE CVE
SUSE CVE
added 2026/05/18 1:21 p.m.9 views

SUSE CVE-2026-46728

Das U-Boot before 2026.04 allows FIT Flat Image Tree signature verification bypass because hashed-nodes is omitted from a hash...

8.2CVSS5.8AI score0.00126EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/16 1:15 a.m.9 views

SUSE CVE-2026-8514

Use after free in Aura in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

8.3CVSS5.8AI score0.00207EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/16 1:15 a.m.9 views

SUSE CVE-2026-8528

Insufficient validation of untrusted input in SiteIsolation in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to bypass Site Isolation via a crafted HTML page. Chromium security severity: High...

4.3CVSS5.8AI score0.00196EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/16 1:15 a.m.9 views

SUSE CVE-2026-8536

Insufficient validation of untrusted input in ReadingMode in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to bypass site Isolation via a crafted HTML page. Chromium security severity: High...

3.1CVSS5.8AI score0.00186EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/16 1:15 a.m.9 views

SUSE CVE-2026-8547

Insufficient policy enforcement in Passwords in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. Chromium security severity: High...

7.5CVSS5.8AI score0.00257EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/16 1:15 a.m.9 views

SUSE CVE-2026-8548

Out of bounds write in Media in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.8AI score0.00207EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/16 1:15 a.m.9 views

SUSE CVE-2026-8549

Use after free in Media in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.2AI score0.0028EPSS
Exploits0References3
Total number of security vulnerabilities5000