Lucene search
K
SusecveMost viewed

59380 matches found

SUSE CVE
SUSE CVE
•added 2026/03/25 12:28 a.m.•9 views

SUSE CVE-2026-25075

strongSwan versions 4.5.0 prior to 6.0.5 contain an integer underflow vulnerability in the EAP-TTLS AVP parser that allows unauthenticated remote attackers to cause a denial of service by sending crafted AVP data with invalid length fields during IKEv2 authentication. Attackers can exploit the...

7.5CVSS6AI score0.01013EPSS
Exploits2References9
SUSE CVE
SUSE CVE
•added 2026/03/25 12:28 a.m.•9 views

SUSE CVE-2026-25921

Gogs is an open source self-hosted Git service. Prior to version 0.14.2, overwritable LFS object across different repos leads to supply-chain attack, all LFS objects are vulnerable to be maliciously overwritten by malicious attackers. This issue has been patched in version 0.14.2...

9.3CVSS6.6AI score0.00327EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/03/25 12:27 a.m.•9 views

SUSE CVE-2026-25963

Fleet is open source device management software. In versions prior to 4.80.1, a broken authorization check in Fleet's certificate template deletion API could allow a team administrator to delete certificate templates belonging to other teams within the same Fleet instance. Fleet supports...

6.5CVSS5.7AI score0.00191EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 12:25 a.m.•9 views

SUSE CVE-2026-30247

WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. Prior to version 0.2.12, the application's "Import document via URL" feature is vulnerable to Server-Side Request Forgery SSRF through HTTP redirects. While the backend implements comprehensive UR...

7.5CVSS5.8AI score0.00388EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/03/25 12:24 a.m.•9 views

SUSE CVE-2026-32102

OliveTin gives access to predefined shell commands from a web interface. In 3000.10.2 and earlier, OliveTin's live EventStream broadcasts execution events and action output to authenticated dashboard subscribers without enforcing per-action authorization. A low-privileged authenticated user can...

7.1CVSS6.1AI score0.00431EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/03/25 12:23 a.m.•9 views

SUSE CVE-2026-33186

gRPC-Go is the Go language implementation of gRPC. Versions prior to 1.79.3 have an authorization bypass resulting from improper input validation of the HTTP/2 :path pseudo-header. The gRPC-Go server was too lenient in its routing logic, accepting requests where the :path omitted the mandatory...

8.1CVSS6AI score0.01557EPSS
Exploits1References72
SUSE CVE
SUSE CVE
•added 2026/03/24 12:24 a.m.•9 views

SUSE CVE-2026-32733

Halloy is an IRC application written in Rust. Prior to commit 0f77b2cfc5f822517a256ea5a4b94bad8bfe38b6, the DCC receive flow did not sanitize filenames from incoming DCC SEND requests. A remote IRC user could send a filename with path traversal sequences like ../../.ssh/authorizedkeys and the fil...

8.7CVSS5.9AI score0.00399EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/03/24 12:24 a.m.•9 views

SUSE CVE-2026-33231

NLTK Natural Language Toolkit is a suite of open source Python modules, data sets, and tutorials supporting research and development in Natural Language Processing. In versions 3.9.3 and prior, nltk.app.wordnetapp allows unauthenticated remote shutdown of the local WordNet Browser HTTP server whe...

7.5CVSS5.9AI score0.00855EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/03/22 12:23 a.m.•9 views

SUSE CVE-2026-33022

Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Versions 0.60.0 through 1.0.0, 1.1.0 through 1.3.2, 1.4.0 through 1.6.0, 1.7.0 through 1.9.0, 1.10.0, and 1.10.1 have a denial-of-service vulnerability in that allows any user who can create a TaskRun or...

6.5CVSS5.8AI score0.00368EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/03/19 12:27 a.m.•9 views

SUSE CVE-2026-23243

In the Linux kernel, the following vulnerability has been resolved: RDMA/umad: Reject negative datalen in ibumadwrite ibumadwrite computes datalen from user-controlled count and the MAD header sizes. With a mismatched user MAD header size and RMPP header length, datalen can become negative and...

7.8CVSS5.6AI score0.00125EPSS
Exploits0References103
SUSE CVE
SUSE CVE
•added 2026/03/18 10:59 a.m.•9 views

SUSE CVE-2025-68971

In Forgejo through 13.0.3, the attachment component allows a denial of service by uploading a multi-gigabyte file attachment e.g., to be associated with an issue or a release...

6.5CVSS5.8AI score0.00471EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/16 12:43 a.m.•9 views

SUSE CVE-2013-1085

Stack-based buffer overflow in the nim: protocol handler in Novell GroupWise Messenger 2.04 and earlier, and Novell Messenger 2.1.x and 2.2.x before 2.2.2, allows remote attackers to execute arbitrary code via an import command containing a long string in the filename parameter...

9.3CVSS6.5AI score0.05591EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/03/05 6:52 a.m.•9 views

SUSE CVE-2026-3494

In MariaDB server version through 11.8.5, when server audit plugin is enabled with serverauditevents variable configured with QUERYDCL, QUERYDDL, or QUERYDML filtering, if an authenticated database user invokes a SQL statement prefixed with double-hyphen - or hash style comments, the statement is...

4.3CVSS5.8AI score0.00274EPSS
Exploits1References7
SUSE CVE
SUSE CVE
•added 2026/03/05 6:51 a.m.•9 views

SUSE CVE-2026-23238

In the Linux kernel, the following vulnerability has been resolved: romfs: check sbsetblocksize return value romfsfillsuper ignores the return value of sbsetblocksize, which can fail if the requested block size is incompatible with the block device's configuration. This can be triggered by settin...

5.5CVSS5.7AI score0.00189EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/27 12:25 a.m.•9 views

SUSE CVE-2026-25942

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfrailserverexecuteresult indexes the global errorcodenames array 7 elements, indices 0-6 with an unchecked execResult-execResult value received from the server, allowing an out-of-bounds read when the serve...

5.3CVSS5.8AI score0.00454EPSS
Exploits1References9
SUSE CVE
SUSE CVE
•added 2026/02/25 12:24 a.m.•9 views

SUSE CVE-2026-25987

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap buffer over-read vulnerability exists in the MAP image decoder when processing crafted MAP files, potentially leading to crashes or unintended memory...

5.3CVSS5.9AI score0.0037EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/02/20 12:25 a.m.•9 views

SUSE CVE-2026-22860

Rack is a modular Ruby web server interface. Prior to versions 2.2.22, 3.1.20, and 3.2.5, Rack::Directory's path check used a string prefix match on the expanded path. A request like /../rootexample/ can escape the configured root if the target path starts with the root string, allowing directory...

7.5CVSS6.4AI score0.00665EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/02/19 12:26 a.m.•9 views

SUSE CVE-2026-23227

In the Linux kernel, the following vulnerability has been resolved: drm/exynos: vidi: use ctx-lock to protect struct vidicontext member variables related to memory alloc/free Exynos Virtual Display driver performs memory alloc/free operations without lock protection, which easily causes concurren...

7CVSS5.7AI score0.00152EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/02/19 12:25 a.m.•9 views

SUSE CVE-2026-25087

Use After Free vulnerability in Apache Arrow C++. This issue affects Apache Arrow C++ from 15.0.0 through 23.0.0. It can be triggered when reading an Arrow IPC file but not an IPC stream with pre-buffering enabled, if the IPC file contains data with variadic buffers such as Binary View and String...

7CVSS5.8AI score0.00807EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/17 12:26 a.m.•9 views

SUSE CVE-2025-71201

In the Linux kernel, the following vulnerability has been resolved: netfs: Fix early read unlock of page with EOF in middle The read result collection for buffered reads seems to run ahead of the completion of subrequests under some circumstances, as can be seen in the following log snippet:...

5.5CVSS5.3AI score0.00117EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/02/16 12:27 a.m.•9 views

SUSE CVE-2025-71203

In the Linux kernel, the following vulnerability has been resolved: riscv: Sanitize syscall table indexing under speculation The syscall number is a user-controlled value used to index into the syscall table. Use arrayindexnospec to clamp this value after the bounds check to prevent speculative...

7CVSS5.2AI score0.00126EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/16 12:25 a.m.•9 views

SUSE CVE-2026-23168

In the Linux kernel, the following vulnerability has been resolved: flexproportions: make fpropnewperiod hardirq safe Bernd has reported a lockdep splat from flexible proportions code that is essentially complaining about the following race: runtimersoftirq - we are in softirq context calltimerfn...

5.5CVSS5.4AI score0.00114EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/02/16 12:25 a.m.•9 views

SUSE CVE-2026-23170

In the Linux kernel, the following vulnerability has been resolved: drm/imx/tve: fix probe device leak Make sure to drop the reference taken to the DDC device during probe on probe failure e.g. probe deferral and on driver unbind...

4.4CVSS5.2AI score0.00115EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2026/02/16 12:25 a.m.•9 views

SUSE CVE-2026-23189

In the Linux kernel, the following vulnerability has been resolved: ceph: fix NULL pointer dereference in cephmdsauthmatch The CephFS kernel client has regression starting from 6.18-rc1. We have issue in cephmdsauthmatch if fsname == NULL: const char fsname = mdsc-fsc-mountoptions-mdsnamespace;...

5.5CVSS5.3AI score0.00112EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/02/16 12:25 a.m.•9 views

SUSE CVE-2026-23197

In the Linux kernel, the following vulnerability has been resolved: i2c: imx: preserve error state in block data length handler When a block read returns an invalid length, zero or I2CSMBUSBLOCKMAX, the length handler sets the state to IMXI2CSTATEFAILED. However, i2cimxmasterisr unconditionally...

5.5CVSS5.2AI score0.001EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/05 12:26 a.m.•9 views

SUSE CVE-2026-1642

A vulnerability exists in NGINX OSS and NGINX Plus when configured to proxy to upstream Transport Layer Security TLS servers. An attacker with a man-in-the-middle MITM position on the upstream server side-along with conditions beyond the attacker's control-may be able to inject plain text data in...

5.9CVSS5.5AI score0.00339EPSS
Exploits0References12
SUSE CVE
SUSE CVE
•added 2026/02/05 12:25 a.m.•9 views

SUSE CVE-2026-23046

In the Linux kernel, the following vulnerability has been resolved: virtionet: fix device mismatch in devmkzalloc/devmkfree Initial rsshdr allocation uses virtiodevice-device, but virtnetsetqueues frees using netdevice-device. This device mismatch causing below devres warning 3788.514041...

5.1AI score0.00176EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/01 12:23 a.m.•9 views

SUSE CVE-2026-23030

In the Linux kernel, the following vulnerability has been resolved: phy: rockchip: inno-usb2: Fix a double free bug in rockchipusb2phyprobe The foreachavailablechildofnode calls ofnodeput to release childnp in each success loop. After breaking from the loop with the childnp has been released, the...

4.7CVSS5.8AI score0.00217EPSS
Exploits0References15
SUSE CVE
SUSE CVE
•added 2026/01/31 12:24 a.m.•9 views

SUSE CVE-2026-25210

In libexpat before 2.7.4, the doContent function does not properly determine the buffer size bufSize because there is no integer overflow check for tag buffer reallocation...

6.5CVSS6AI score0.00193EPSS
Exploits0References11
SUSE CVE
SUSE CVE
•added 2026/01/30 12:42 a.m.•9 views

SUSE CVE-2025-33219

NVIDIA Display Driver for Linux contains a vulnerability in the NVIDIA kernel module where an attacker could cause an integer overflow or wraparound. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, or informatio...

7.8CVSS6AI score0.00186EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/30 12:25 a.m.•9 views

SUSE CVE-2026-22796

Issue summary: A type confusion vulnerability exists in the signature verification of signed PKCS7 data where an ASN1TYPE union member is accessed without first validating the type, causing an invalid or NULL pointer dereference when processing malformed PKCS7 data. Impact summary: An application...

5.3CVSS5.9AI score0.00502EPSS
Exploits1References23
SUSE CVE
SUSE CVE
•added 2026/01/28 12:27 a.m.•9 views

SUSE CVE-2025-58151

unknown...

5.8AI score
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/27 12:27 a.m.•9 views

SUSE CVE-2026-1386

A UNIX symbolic link following issue in the jailer component in Firecracker version v1.13.1 and earlier and 1.14.0 on Linux may allow a local host user with write access to the pre-created jailer directories to overwrite arbitrary host files via a symlink attack during the initialization copy at...

6CVSS5.9AI score0.00195EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/26 12:24 a.m.•9 views

SUSE CVE-2026-22999

In the Linux kernel, the following vulnerability has been resolved: net/sched: schqfq: do not free existing class in qfqchangeclass Fixes qfqchangeclass error case. cl-qdisc and cl should only be freed if a new class and qdisc were allocated, or we risk various UAF...

7CVSS5.2AI score0.00204EPSS
Exploits0References125
SUSE CVE
SUSE CVE
•added 2026/01/26 12:24 a.m.•9 views

SUSE CVE-2026-23001

In the Linux kernel, the following vulnerability has been resolved: macvlan: fix possible UAF in macvlanforwardsource Add RCU protection on struct macvlansourceentry-vlan. Whenever macvlanhashdelsource is called, we must clear entry-vlan pointer before RCU grace period starts. This allows...

7CVSS5.3AI score0.00188EPSS
Exploits0References32
SUSE CVE
SUSE CVE
•added 2026/01/25 12:24 a.m.•9 views

SUSE CVE-2025-71158

In the Linux kernel, the following vulnerability has been resolved: gpio: mpsse: ensure worker is torn down When an IRQ worker is running, unplugging the device would cause a crash. The sealevel hardware this driver was written for was not hotpluggable, so I never realized it. This change uses a...

5.5CVSS5.3AI score0.00137EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/25 12:24 a.m.•9 views

SUSE CVE-2025-71160

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: avoid chain re-validation if possible Hamza Mahfooz reports cpu soft lock-ups in nftchainvalidate: watchdog: BUG: soft lockup - CPU1 stuck for 27s! iptables-nft-re:37547 .. RIP: 0010:nftchainvalidate+0xcb/0x1...

5.5CVSS5.3AI score0.00164EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/24 12:25 a.m.•9 views

SUSE CVE-2025-71147

In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: Fix a memory leak in tpm2loadcmd 'tpm2loadcmd' allocates a tempoary blob indirectly via 'tpm2keydecode' but it is not freed in the failure paths. Address this by wrapping the blob into with a cleanup helper...

4.7CVSS5.2AI score0.00114EPSS
Exploits0References21
SUSE CVE
SUSE CVE
•added 2026/01/20 12:32 a.m.•9 views

SUSE CVE-2025-15533

A vulnerability was determined in raysan5 raylib up to 909f040. Affected by this vulnerability is the function GenImageFontAtlas of the file src/rtext.c. Executing a manipulation can lead to heap-based buffer overflow. The attack can only be executed locally. The exploit has been publicly disclos...

7.8CVSS5.6AI score0.00306EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/01/20 12:31 a.m.•9 views

SUSE CVE-2025-15538

A security vulnerability has been detected in Open Asset Import Library Assimp up to 6.0.2. Affected by this vulnerability is the function Assimp::LWOImporter::FindUVChannels of the file /src/assimp/code/AssetLib/LWO/LWOMaterial.cpp. Such manipulation leads to use after free. The attack needs to ...

7.8CVSS5AI score0.00165EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/01/20 12:27 a.m.•9 views

SUSE CVE-2025-68616

WeasyPrint helps web developers to create PDF documents. Prior to version 68.0, a server-side request forgery SSRF protection bypass exists in WeasyPrint's defaulturlfetcher. The vulnerability allows attackers to access internal network resources such as localhost services or cloud metadata...

7.5CVSS5.6AI score0.00501EPSS
Exploits2References3
SUSE CVE
SUSE CVE
•added 2026/01/19 12:23 a.m.•9 views

SUSE CVE-2025-71132

In the Linux kernel, the following vulnerability has been resolved: smc91x: fix broken irq-context in PREEMPTRT When smc91x.c is built with PREEMPTRT, the following splat occurs in FVPRevC: 13.055000 smc91x LNRO0003:00 eth0: link up, 10Mbps, half-duplex, lpa 0x0000 13.062137 BUG: workqueue leaked...

5.5CVSS6.5AI score0.00114EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2026/01/17 12:51 a.m.•9 views

SUSE CVE-2017-18895

An issue was discovered in Mattermost Server before 4.2.0, 4.1.1, and 4.0.5. It allows attackers to obtain sensitive information user statuses via a REST API version 4 endpoint...

5.3CVSS6.6AI score0.0092EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/01/17 12:32 a.m.•9 views

SUSE CVE-2025-14987

When system.enableCrossNamespaceCommands is enabled on by default, the Temporal server permits certain workflow task commands e.g. StartChildWorkflowExecution, SignalExternalWorkflowExecution, RequestCancelExternalWorkflowExecution to target a different namespace than the namespace authorized at...

5.3CVSS7.3AI score0.00358EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/01/16 12:27 a.m.•9 views

SUSE CVE-2025-68803

In the Linux kernel, the following vulnerability has been resolved: NFSD: NFSv4 file creation neglects setting ACL An NFSv4 client that sets an ACL with a named principal during file creation retrieves the ACL afterwards, and finds that it is only a default ACL based on the mode bits and not the...

4.6CVSS6.4AI score0.00173EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2026/01/14 12:25 a.m.•9 views

SUSE CVE-2025-71093

In the Linux kernel, the following vulnerability has been resolved: e1000: fix OOB in e1000tbishouldaccept In e1000tbishouldaccept we read the last byte of the frame via 'datalength - 1' to evaluate the TBI workaround. If the descriptor- reported length is zero or larger than the actual RX buffer...

5.3CVSS6.4AI score0.00117EPSS
Exploits0References21
SUSE CVE
SUSE CVE
•added 2026/01/09 12:35 a.m.•9 views

SUSE CVE-2024-53866

The package manager pnpm prior to version 9.15.0 seems to mishandle overrides and global cache: Overrides from one workspace leak into npm metadata saved in global cache; npm metadata from global cache affects other workspaces; and installs by default don't revalidate the data including on first...

9.8CVSS7.9AI score0.00942EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/01/07 12:25 a.m.•9 views

SUSE CVE-2025-15271

FontForge SFD File Parsing Improper Validation of Array Index Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FontForge. User interaction is required to exploit this vulnerability in that the target must visit ...

8.8CVSS8.8AI score0.00581EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/06 12:37 a.m.•9 views

SUSE CVE-2017-18874

An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2 when local storage for files is used. A System Admin can achieve directory traversal...

6.5CVSS6.3AI score0.01233EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/01/06 12:28 a.m.•9 views

SUSE CVE-2025-13888

A flaw was found in OpenShift GitOps. Namespace admins can create ArgoCD Custom Resources CRs that trick the system into granting them elevated permissions in other namespaces, including privileged namespaces. An authenticated attacker can then use these elevated permissions to create privileged...

9.1CVSS6.7AI score0.0063EPSS
Exploits0References2
Total number of security vulnerabilities5000