Lucene search
K
SusecveMost viewed

59380 matches found

SUSE CVE
SUSE CVE
added 2026/05/29 1:14 a.m.17 views

SUSE CVE-2026-46221

In the Linux kernel, the following vulnerability has been resolved: EDAC/versalnet: Fix device name memory leak The device name allocated via kzalloc in initonemc is assigned to dev-initname but never freed on the normal removal path. deviceregister copies initname and then sets dev-initname to...

5.5CVSS5.8AI score0.00117EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/29 1:14 a.m.17 views

SUSE CVE-2026-46234

In the Linux kernel, the following vulnerability has been resolved: vsock: fix buffer size clamping order In vsockupdatebuffersize, the buffer size was being clamped to the maximum first, and then to the minimum. If a user sets a minimum buffer size larger than the maximum, the minimum check...

5.5CVSS5.9AI score0.00129EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/28 4:1 a.m.17 views

SUSE CVE-2025-71303

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix race condition when checking rpmon When autosuspend is triggered, driver rpmon flag is set to indicate that a suspend/resume is already in progress. However, when a userspace application submits a command durin...

4.7CVSS5.8AI score0.00102EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/28 4:1 a.m.17 views

SUSE CVE-2025-71311

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Initialize new folios before use KMSAN reports an uninitialized value in longestmatchstd, invoked from ntfscompresswrite. When new folios are allocated without being marked uptodate and nireadframe is skipped because th...

5.5CVSS5.7AI score0.00155EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/28 3:59 a.m.17 views

SUSE CVE-2026-34303

unknown...

6.5CVSS7.2AI score0.00303EPSS
Exploits0References10
SUSE CVE
SUSE CVE
added 2026/05/28 3:57 a.m.17 views

SUSE CVE-2026-44169

MariaDB server is a community developed fork of MySQL server. From versions 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, a user getting EXECUTE access to a stored routine via a role, could see the routine definition even without SHOW CREATE ROUTINE privilege. This issue has been...

4.3CVSS5.2AI score0.00161EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/05/28 3:54 a.m.17 views

SUSE CVE-2026-45989

In the Linux kernel, the following vulnerability has been resolved: of: unittest: fix use-after-free in testdrvprobe The function testdrvprobe retrieves the devicenode from the PCI device, applies an overlay, and then immediately calls ofnodeputdn. This releases the reference held by the PCI core...

5.5CVSS5.7AI score0.00159EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/28 3:54 a.m.17 views

SUSE CVE-2026-46002

In the Linux kernel, the following vulnerability has been resolved: ext2: reject inodes with zero inlink and valid mode in ext2iget ext2iget already rejects inodes with inlink == 0 when imode is zero or idtime is set, treating them as deleted. However, the case of inlink == 0 with a non-zero mode...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/27 12:59 p.m.17 views

SUSE CVE-2026-9503

A security flaw has been discovered in GNU LibreDWG up to 0.14. This impacts the function dwgnextentity of the file src/decode.c of the component DWG File Handler. The manipulation results in null pointer dereference. The attack must be initiated from a local position. The exploit has been releas...

4.8CVSS5.4AI score0.00143EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/27 10:58 a.m.17 views

SUSE CVE-2026-9504

A weakness has been identified in GNU LibreDWG up to 0.14. Affected is the function bitconvertTU of the file programs/dwggrep.c of the component Dwggrep Utility. This manipulation causes out-of-bounds read. The attack needs to be launched locally. The exploit has been made available to the public...

4.8CVSS5.3AI score0.00176EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/27 10:56 a.m.17 views

SUSE CVE-2026-48849

In Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7.1, an unsanitized subject field in the draft restored value could lead to stored XSS/HTML/CSS injection on shared mailboxes...

4.4CVSS5.8AI score0.00239EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2026/05/27 2:53 a.m.17 views

SUSE CVE-2026-2340

A flaw was found in Samba's vfsworm module. The module is intended to provide write-once, read-many WORM protections by preventing modification of files after a configurable grace period. Due to insufficient validation during rename operations, an authenticated user with write access to a share...

6.5CVSS5.7AI score0.00939EPSS
Exploits0References13
SUSE CVE
SUSE CVE
added 2026/05/27 2:53 a.m.17 views

SUSE CVE-2026-4480

A flaw was found in the Samba printing subsystem. Samba passes the client-controlled job description string to the command configured with the "print command" setting via the "%J" substitution character without escaping shell meta characters. A remote attacker could exploit this vulnerability by...

10CVSS6.4AI score0.12797EPSS
Exploits7References15
SUSE CVE
SUSE CVE
added 2026/05/23 1:29 a.m.17 views

SUSE CVE-2026-39833

The in-memory keyring returned by NewKeyring silently accepted keys with the ConfirmBeforeUse constraint but never enforced it. The key would sign without any confirmation prompt, with no indication to the caller that the constraint was not in effect. NewKeyring now returns an error when...

7.7CVSS5.8AI score0.0036EPSS
Exploits0References24
SUSE CVE
SUSE CVE
added 2026/05/23 1:27 a.m.17 views

SUSE CVE-2026-46598

For certain crafted inputs, a 'ed25519.PrivateKey' was created by casting malformed wire bytes, leading to a panic when used...

7.5CVSS5.8AI score0.00313EPSS
Exploits0References27
SUSE CVE
SUSE CVE
added 2026/05/22 2:21 a.m.17 views

SUSE CVE-2026-7837

A time-of-check time-of-use TOCTOU condition in the adflush function in Netatalk 3.0.0 through 4.4.2 involves root-privileged file operations, which may allow a remote attacker to cause limited data modification under specific race conditions...

3.7CVSS5.8AI score0.00236EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/21 2:46 a.m.17 views

SUSE CVE-2024-4030

On Windows a directory returned by tempfile.mkdtemp would not always have permissions set to restrict reading and writing to the temporary directory by other users, instead usually inheriting the correct permissions from the default location. Alternate configurations or users without a profile...

4.4CVSS6.8AI score0.003EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2026/05/18 1:21 p.m.17 views

SUSE CVE-2026-44310

Gitsign is a keyless Sigstore to signing tool for Git commits with your a GitHub / OIDC identity. From 0.4.0 to before 0.15.0, CertVerifier.Verify in pkg/git/verifier.go unconditionally dereferences certs0 after sd.GetCertificates without checking the slice length. A CMS/PKCS7 signed message with...

5.4CVSS5.9AI score0.00111EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/16 6:2 p.m.17 views

SUSE CVE-2026-46333

In the Linux kernel, the following vulnerability has been resolved: ptrace: slightly saner 'getdumpable' logic The 'dumpability' of a task is fundamentally about the memory image of the task - the concept comes from whether it can core dump or not - and makes no sense when you don't have an...

7.8CVSS5.8AI score0.0138EPSS
Exploits6References132
SUSE CVE
SUSE CVE
added 2026/05/16 1:11 a.m.17 views

SUSE CVE-2026-43904

OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, softimageinput.cpp:469 mixed RLE and :345 pure RLE do not clamp the run length to remaining scanline width before writing pixels. The r...

8.4CVSS5.8AI score0.00173EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2026/05/14 3:1 a.m.17 views

SUSE CVE-2026-46300

In the Linux kernel, the following vulnerability has been resolved: net: skbuff: preserve shared-frag marker during coalescing skbtrycoalesce can attach paged frags from @from to @to. If @from has SKBFLSHAREDFRAG set, the resulting @to skb can contain the same externally-owned or page-cache-backe...

8.8CVSS6AI score0.03663EPSS
Exploits11References135
SUSE CVE
SUSE CVE
added 2026/05/13 2:22 p.m.17 views

SUSE CVE-2026-42309

Pillow is a Python imaging library. From version 11.2.1 to before version 12.2.0, passing nested lists as coordinates to APIs that accept coordinates such as ImagePath.Path, ImageDraw.ImageDraw.polygon and ImageDraw.ImageDraw.line could cause a heap buffer overflow, as nested lists were recursive...

8.6CVSS5.8AI score0.00133EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/13 3:48 a.m.17 views

SUSE CVE-2026-4893

An information disclosure vulnerability in dnsmasq allows remote attackers to bypass source checks via a crafted DNS packet with RFC 7871 client subnet information...

5.3CVSS5.8AI score0.02681EPSS
Exploits2References12
SUSE CVE
SUSE CVE
added 2026/05/13 3:37 a.m.17 views

SUSE CVE-2026-40016

Attacker can upload a malicious Sieve script over ManageSieve service or locally to bypass configured CPU time limits for Sieve up to 130 times of the configured limit. Attacker can use this to degrade server performance and bypass configured CPU time limits for Sieve scripts. Install fixed...

6.5CVSS5.7AI score0.00338EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/05/13 3:34 a.m.17 views

SUSE CVE-2026-43415

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix SError in ufshcdrtcwork during UFS suspend In ufshcdwlsuspend, canceldelayedworksync is called to cancel the UFS RTC work, but it is placed after ufshcdvopssuspendhba, pmop, POSTCHANGE. This creates a race...

4.7CVSS5.7AI score0.00089EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/12 3:33 a.m.17 views

SUSE CVE-2026-7210

xml.parsers.expat and xml.etree.ElementTree use insufficient entropy for Expat hash-flooding protection, which allows a crafted XML document to trigger hash flooding.\r\n\r\nFully mitigating this vulnerability requires both updating libexpat to 2.8.0 or later and applying this patch...

7.5CVSS5.8AI score0.0079EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/12 3:31 a.m.17 views

SUSE CVE-2026-43291

In the Linux kernel, the following vulnerability has been resolved: net: nfc: nci: Fix parameter validation for packet data Since commit 9c328f54741b "net: nfc: nci: Add parameter validation for packet data" communication with nci nfc chips is not working any more. The mentioned commit tries to f...

8.3CVSS5.8AI score0.00269EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/11 2:14 p.m.17 views

SUSE CVE-2026-43292

In the Linux kernel, the following vulnerability has been resolved: mm/vmalloc: prevent RCU stalls in kasanreleasevmallocnode When CONFIGPAGEOWNER is enabled, freeing KASAN shadow pages during vmalloc cleanup triggers expensive stack unwinding that acquires RCU read locks. Processing a large...

5.8AI score0.00122EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/09 2:42 a.m.17 views

SUSE CVE-2026-43124

In the Linux kernel, the following vulnerability has been resolved: pstore: ramcore: fix incorrect success return when vmap fails In persistentramvmap, vmap may return NULL on failure. If offset is non-zero, adding offsetinpagestart causes the function to return a non-NULL pointer even though the...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/09 2:40 a.m.17 views

SUSE CVE-2026-43229

In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix device cleanup order to prevent kernel panic Move video device unregistration to the beginning of the remove function to ensure all video operations are stopped before cleaning up the worker thread...

5.5CVSS5.7AI score0.00127EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/08 2:20 a.m.17 views

SUSE CVE-2026-43207

In the Linux kernel, the following vulnerability has been resolved: media: mtk-mdp: Fix error handling in probe function Add mtkmdpunregisterm2mdevice on the error handling path to prevent resource leak. Add check for the return value of vpugetplatdevice to prevent null pointer dereference. And...

5.8AI score0.00139EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/07 2:23 a.m.17 views

SUSE CVE-2026-6420

A flaw was found in Keylime. An attacker with root access on an enrolled monitored machine, where the Keylime agent runs, can exploit a vulnerability in the Keylime verifier. The verifier uses a hardcoded challenge nonce for Trusted Platform Module TPM quote attestation instead of a...

6.3CVSS5.8AI score0.00121EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/07 2:21 a.m.17 views

SUSE CVE-2026-31723

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fsubset: Fix netdevice lifecycle with devicemove The netdevice is allocated during function instance creation and registered during the bind phase with the gadget device as its sysfs parent. When the function unbinds...

5.7AI score0.00122EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/07 2:21 a.m.17 views

SUSE CVE-2026-31736

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtkppe: avoid NULL deref when gmac0 is disabled If the gmac0 is disabled, the precheck for a valid ingress device will cause a NULL pointer deref and crash the system. This happens because eth-netdev0 will be NULL...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2026/05/07 2:19 a.m.17 views

SUSE CVE-2026-43019

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciconn: fix potential UAF in setcigparamssync hciconn lookup and field access must be covered by hdev lock in setcigparamssync, otherwise it's possible it is freed concurrently. Take hdev lock to prevent hciconn from...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/07 2:17 a.m.17 views

SUSE CVE-2026-43120

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix double free related to reregusermr If IBMRREREGTRANS is set during reregusermr, the umem will be released and a new one will be allocated in irdmareregmrtrans. If any step of irdmareregmrtrans fails after the new...

7.1CVSS5.8AI score0.00122EPSS
Exploits0References14
SUSE CVE
SUSE CVE
added 2026/05/07 2:17 a.m.17 views

SUSE CVE-2026-43226

In the Linux kernel, the following vulnerability has been resolved: net/rds: No shortcut out of RDSCONNERROR RDS connections carry a state "rdsconnpath::cpstate" and transitions from one state to another and are conditional upon an expected state: "rdsconnpathtransition." There is one exception t...

7.5CVSS5.8AI score0.00523EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/05 1:45 a.m.17 views

SUSE CVE-2026-43024

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: reject immediate NFQUEUE verdict nftqueue is always used from userspace nftables to deliver the NFQUEUE verdict. Immediately emitting an NFQUEUE verdict is never used by the userspace nft tools, so reject...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References12
SUSE CVE
SUSE CVE
added 2026/04/14 11:26 p.m.17 views

SUSE CVE-2026-34481

Apache Log4j's JsonTemplateLayout https://logging.apache.org/log4j/2.x/manual/json-template-layout.html , in versions up to and including 2.25.3, produces invalid JSON output when log events contain non-finite floating-point values NaN, Infinity, or -Infinity, which are prohibited by RFC 8259. Th...

5.3CVSS5.8AI score0.00555EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/03/25 12:25 a.m.17 views

SUSE CVE-2026-29194

Netmaker makes networks with WireGuard. Prior to version 1.5.0, the Authorize middleware in Netmaker incorrectly validates host JWT tokens. When a route permits host authentication hostAllowed=true, a valid host token bypasses all subsequent authorization checks without verifying that the host is...

8.6CVSS5.8AI score0.00366EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/02/17 12:24 a.m.17 views

SUSE CVE-2026-23137

In the Linux kernel, the following vulnerability has been resolved: of: unittest: Fix memory leak in unittestdataadd In unittestdataadd, if ofresolvephandles fails, the allocated unittestdata is not freed, leading to a memory leak. Fix this by using scope-based cleanup helper freekfree for...

4.4CVSS5.2AI score0.00107EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2026/02/05 12:25 a.m.17 views

SUSE CVE-2026-23060

In the Linux kernel, the following vulnerability has been resolved: crypto: authencesn - reject too-short AAD assoclen8 to match ESP/ESN spec authencesn assumes an ESP/ESN-formatted AAD. When assoclen is shorter than the minimum expected length, cryptoauthencesndecrypt can advance past the end of...

6.5CVSS5.2AI score0.00123EPSS
Exploits0References27
SUSE CVE
SUSE CVE
added 2026/02/01 12:24 a.m.17 views

SUSE CVE-2026-23018

In the Linux kernel, the following vulnerability has been resolved: btrfs: release path before initializing extent tree in btrfsreadlockedinode In btrfsreadlockedinode we are calling btrfsinitfileextenttree while holding a path with a read locked leaf from a subvolume tree, and...

4.7CVSS5.8AI score0.001EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2026/01/26 12:24 a.m.17 views

SUSE CVE-2026-23007

In the Linux kernel, the following vulnerability has been resolved: block: zero non-PI portion of auto integrity buffer The auto-generated integrity buffer for writes needs to be fully initialized before being passed to the underlying block device, otherwise the uninitialized memory can be read...

5.5CVSS5.4AI score0.00135EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/01/09 12:23 a.m.17 views

SUSE CVE-2026-21883

Bokeh is an interactive visualization library written in Python. In versions 3.8.1 and below, if a server is configured with an allowlist e.g., dashboard.corp, an attacker can register a domain like dashboard.corp.attacker.com or use a subdomain if applicable and lure a victim to visit it. The...

7.4CVSS6.8AI score0.00159EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2026/01/06 12:28 a.m.17 views

SUSE CVE-2025-12421

Mattermost versions 11.0.x = 11.0.2, 10.12.x = 10.12.1, 10.11.x = 10.11.4, 10.5.x = 10.5.12 fail to to verify that the token used during the code exchange originates from the same authentication flow, which allows an authenticated user to perform account takeover via a specially crafted email...

9.9CVSS7.3AI score0.0031EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2025/12/31 12:32 a.m.17 views

SUSE CVE-2022-50784

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mei: fix potential NULL-ptr deref after clone If cloning the SKB fails, don't try to use it, but rather return as if we should pass it. Coverity CID: 1503456...

5.5CVSS6.5AI score0.00155EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2025/02/14 4:15 a.m.17 views

SUSE CVE-2024-50052

Mattermost versions 9.10.x = 9.10.2, 9.11.x = 9.11.1, 9.5.x = 9.5.9 fail to check that the origin of the message in an integration action matches with the original post metadata which allows an authenticated user to delete an arbitrary post...

4.3CVSS7.9AI score0.0027EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/03/23 4:9 a.m.17 views

SUSE CVE-2023-1530

Use after free in PDF in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS9.2AI score0.0082EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 6:21 a.m.17 views

SUSE CVE-2002-1700

Cross-site scripting vulnerability XSS in the missing template handler in Macromedia ColdFusion MX allows remote attackers to execute arbitrary script as other users by injecting script into the HTTP request for the name of a template, which is not filtered in the resulting 404 error message...

4.3CVSS6.9AI score0.24274EPSS
Exploits0References3
Total number of security vulnerabilities5000