Lucene search
K
SusecveMost viewed

59380 matches found

SUSE CVE
SUSE CVE
•added 2026/03/25 4:56 p.m.•9 views

SUSE CVE-2026-23311

In the Linux kernel, the following vulnerability has been resolved: perf/core: Fix invalid wait context in ctxschedin Lockdep found a bug in the event scheduling when a pinned event was failed and wakes up the threads in the ring buffer like below. It seems it should not grab a wait-queue lock...

5.8AI score0.00093EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 4:56 p.m.•9 views

SUSE CVE-2026-23314

In the Linux kernel, the following vulnerability has been resolved: regulator: bq257xx: Fix device node reference leak in bq257xxregdtparsegpio In bq257xxregdtparsegpio, if fails to get subchild, it returns without calling ofnodeputchild, causing the device node reference leak...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 4:56 p.m.•9 views

SUSE CVE-2026-23325

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: Fix possible oob access in mt7996macwritetxwi80211 Check frame length before accessing the mgmt fields in mt7996macwritetxwi80211 in order to avoid a possible oob access...

5.5CVSS5.7AI score0.00125EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/03/25 4:56 p.m.•9 views

SUSE CVE-2026-23336

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: cancel rfkillblock work in wiphyunregister There is a use-after-free error in cfg80211shutdownallinterfaces found by syzkaller: BUG: KASAN: use-after-free in cfg80211shutdownallinterfaces+0x213/0x220 Read of size ...

5.5CVSS5.7AI score0.00126EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/03/25 4:55 p.m.•9 views

SUSE CVE-2026-23346

In the Linux kernel, the following vulnerability has been resolved: arm64: io: Extract user memory type in ioremapprot The only caller of ioremapprot outside of the generic ioremap implementation is genericaccessphys, which passes a 'pgprott' value determined from the user mapping of the target...

5.5CVSS5.8AI score0.00127EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/03/25 4:55 p.m.•9 views

SUSE CVE-2026-23357

In the Linux kernel, the following vulnerability has been resolved: can: mcp251x: fix deadlock in error path of mcp251xopen The mcp251xopen function call freeirq in its error path with the mpclock mutex held. But if an interrupt already occurred the interrupt handler will be waiting for the mpclo...

5.5CVSS5.7AI score0.00099EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/03/25 4:55 p.m.•9 views

SUSE CVE-2026-23360

In the Linux kernel, the following vulnerability has been resolved: nvme: fix admin queue leak on controller reset When nvmeallocadmintagset is called during a controller reset, a previous admin queue may still exist. Release it properly before allocating a new one to avoid orphaning the old queu...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2026/03/25 4:55 p.m.•9 views

SUSE CVE-2026-23362

In the Linux kernel, the following vulnerability has been resolved: can: bcm: fix locking for bcmop runtime updates Commit c2aba69d0c36 "can: bcm: add locking for bcmop runtime updates" added a locking for some variables that can be modified at runtime when updating the sending bcmop with a new...

5.5CVSS5.7AI score0.00095EPSS
Exploits0References17
SUSE CVE
SUSE CVE
•added 2026/03/25 4:55 p.m.•9 views

SUSE CVE-2026-23367

In the Linux kernel, the following vulnerability has been resolved: wifi: radiotap: reject radiotap with unknown bits The radiotap parser is currently only used with the radiotap namespace not with vendor namespaces, but if the undefined field 18 is used, the alignment/size is unknown as well. In...

6.3CVSS5.7AI score0.00123EPSS
Exploits0References17
SUSE CVE
SUSE CVE
•added 2026/03/25 11:52 a.m.•9 views

SUSE CVE-2026-4720

Memory safety bugs present in Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in...

8.8CVSS7.4AI score0.00424EPSS
Exploits0References13
SUSE CVE
SUSE CVE
•added 2026/03/25 11:52 a.m.•9 views

SUSE CVE-2026-4722

Privilege escalation in the IPC component. This vulnerability was fixed in Firefox 149 and Thunderbird 149...

6.3CVSS7.2AI score0.00313EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 11:52 a.m.•9 views

SUSE CVE-2026-4727

Denial-of-service in the Libraries component in NSS. This vulnerability was fixed in Firefox 149 and Thunderbird 149...

4.3CVSS7.2AI score0.0053EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 12:28 a.m.•9 views

SUSE CVE-2026-24004

Fleet is open source device management software. In versions prior to 4.80.1, a vulnerability in Fleet's Android MDM Pub/Sub handling could allow unauthenticated requests to trigger device unenrollment events. This may result in unauthorized removal of individual Android devices from Fleet...

6.3CVSS6.1AI score0.00262EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 12:28 a.m.•9 views

SUSE CVE-2026-25075

strongSwan versions 4.5.0 prior to 6.0.5 contain an integer underflow vulnerability in the EAP-TTLS AVP parser that allows unauthenticated remote attackers to cause a denial of service by sending crafted AVP data with invalid length fields during IKEv2 authentication. Attackers can exploit the...

7.5CVSS6AI score0.01013EPSS
Exploits2References9
SUSE CVE
SUSE CVE
•added 2026/03/25 12:28 a.m.•9 views

SUSE CVE-2026-25921

Gogs is an open source self-hosted Git service. Prior to version 0.14.2, overwritable LFS object across different repos leads to supply-chain attack, all LFS objects are vulnerable to be maliciously overwritten by malicious attackers. This issue has been patched in version 0.14.2...

9.3CVSS6.6AI score0.00327EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/03/25 12:27 a.m.•9 views

SUSE CVE-2026-25963

Fleet is open source device management software. In versions prior to 4.80.1, a broken authorization check in Fleet's certificate template deletion API could allow a team administrator to delete certificate templates belonging to other teams within the same Fleet instance. Fleet supports...

6.5CVSS5.7AI score0.00191EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 12:25 a.m.•9 views

SUSE CVE-2026-30247

WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. Prior to version 0.2.12, the application's "Import document via URL" feature is vulnerable to Server-Side Request Forgery SSRF through HTTP redirects. While the backend implements comprehensive UR...

7.5CVSS5.8AI score0.00388EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/03/25 12:24 a.m.•9 views

SUSE CVE-2026-32102

OliveTin gives access to predefined shell commands from a web interface. In 3000.10.2 and earlier, OliveTin's live EventStream broadcasts execution events and action output to authenticated dashboard subscribers without enforcing per-action authorization. A low-privileged authenticated user can...

7.1CVSS6.1AI score0.00431EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/03/25 12:23 a.m.•9 views

SUSE CVE-2026-33186

gRPC-Go is the Go language implementation of gRPC. Versions prior to 1.79.3 have an authorization bypass resulting from improper input validation of the HTTP/2 :path pseudo-header. The gRPC-Go server was too lenient in its routing logic, accepting requests where the :path omitted the mandatory...

8.1CVSS6AI score0.01557EPSS
Exploits1References72
SUSE CVE
SUSE CVE
•added 2026/03/24 12:24 a.m.•9 views

SUSE CVE-2026-32733

Halloy is an IRC application written in Rust. Prior to commit 0f77b2cfc5f822517a256ea5a4b94bad8bfe38b6, the DCC receive flow did not sanitize filenames from incoming DCC SEND requests. A remote IRC user could send a filename with path traversal sequences like ../../.ssh/authorizedkeys and the fil...

8.7CVSS5.9AI score0.00399EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/03/24 12:24 a.m.•9 views

SUSE CVE-2026-33231

NLTK Natural Language Toolkit is a suite of open source Python modules, data sets, and tutorials supporting research and development in Natural Language Processing. In versions 3.9.3 and prior, nltk.app.wordnetapp allows unauthenticated remote shutdown of the local WordNet Browser HTTP server whe...

7.5CVSS5.9AI score0.00855EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/03/22 12:23 a.m.•9 views

SUSE CVE-2026-33022

Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Versions 0.60.0 through 1.0.0, 1.1.0 through 1.3.2, 1.4.0 through 1.6.0, 1.7.0 through 1.9.0, 1.10.0, and 1.10.1 have a denial-of-service vulnerability in that allows any user who can create a TaskRun or...

6.5CVSS5.8AI score0.00368EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/03/19 12:27 a.m.•9 views

SUSE CVE-2026-23243

In the Linux kernel, the following vulnerability has been resolved: RDMA/umad: Reject negative datalen in ibumadwrite ibumadwrite computes datalen from user-controlled count and the MAD header sizes. With a mismatched user MAD header size and RMPP header length, datalen can become negative and...

7.8CVSS5.6AI score0.00125EPSS
Exploits0References103
SUSE CVE
SUSE CVE
•added 2026/03/18 10:59 a.m.•9 views

SUSE CVE-2025-68971

In Forgejo through 13.0.3, the attachment component allows a denial of service by uploading a multi-gigabyte file attachment e.g., to be associated with an issue or a release...

6.5CVSS5.8AI score0.00471EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/16 12:43 a.m.•9 views

SUSE CVE-2013-1085

Stack-based buffer overflow in the nim: protocol handler in Novell GroupWise Messenger 2.04 and earlier, and Novell Messenger 2.1.x and 2.2.x before 2.2.2, allows remote attackers to execute arbitrary code via an import command containing a long string in the filename parameter...

9.3CVSS6.5AI score0.05591EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/03/05 6:52 a.m.•9 views

SUSE CVE-2026-3494

In MariaDB server version through 11.8.5, when server audit plugin is enabled with serverauditevents variable configured with QUERYDCL, QUERYDDL, or QUERYDML filtering, if an authenticated database user invokes a SQL statement prefixed with double-hyphen - or hash style comments, the statement is...

4.3CVSS5.8AI score0.00274EPSS
Exploits1References7
SUSE CVE
SUSE CVE
•added 2026/03/05 6:51 a.m.•9 views

SUSE CVE-2026-23238

In the Linux kernel, the following vulnerability has been resolved: romfs: check sbsetblocksize return value romfsfillsuper ignores the return value of sbsetblocksize, which can fail if the requested block size is incompatible with the block device's configuration. This can be triggered by settin...

5.5CVSS5.7AI score0.00189EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/27 12:25 a.m.•9 views

SUSE CVE-2026-25942

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfrailserverexecuteresult indexes the global errorcodenames array 7 elements, indices 0-6 with an unchecked execResult-execResult value received from the server, allowing an out-of-bounds read when the serve...

5.3CVSS5.8AI score0.00454EPSS
Exploits1References9
SUSE CVE
SUSE CVE
•added 2026/02/25 12:24 a.m.•9 views

SUSE CVE-2026-25987

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap buffer over-read vulnerability exists in the MAP image decoder when processing crafted MAP files, potentially leading to crashes or unintended memory...

5.3CVSS5.9AI score0.0037EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/02/20 12:25 a.m.•9 views

SUSE CVE-2026-22860

Rack is a modular Ruby web server interface. Prior to versions 2.2.22, 3.1.20, and 3.2.5, Rack::Directory's path check used a string prefix match on the expanded path. A request like /../rootexample/ can escape the configured root if the target path starts with the root string, allowing directory...

7.5CVSS6.4AI score0.00665EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/02/19 12:26 a.m.•9 views

SUSE CVE-2026-23227

In the Linux kernel, the following vulnerability has been resolved: drm/exynos: vidi: use ctx-lock to protect struct vidicontext member variables related to memory alloc/free Exynos Virtual Display driver performs memory alloc/free operations without lock protection, which easily causes concurren...

7CVSS5.7AI score0.00152EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/02/19 12:25 a.m.•9 views

SUSE CVE-2026-25087

Use After Free vulnerability in Apache Arrow C++. This issue affects Apache Arrow C++ from 15.0.0 through 23.0.0. It can be triggered when reading an Arrow IPC file but not an IPC stream with pre-buffering enabled, if the IPC file contains data with variadic buffers such as Binary View and String...

7CVSS5.8AI score0.00807EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/17 12:26 a.m.•9 views

SUSE CVE-2025-71201

In the Linux kernel, the following vulnerability has been resolved: netfs: Fix early read unlock of page with EOF in middle The read result collection for buffered reads seems to run ahead of the completion of subrequests under some circumstances, as can be seen in the following log snippet:...

5.5CVSS5.3AI score0.00117EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/02/16 12:27 a.m.•9 views

SUSE CVE-2025-71203

In the Linux kernel, the following vulnerability has been resolved: riscv: Sanitize syscall table indexing under speculation The syscall number is a user-controlled value used to index into the syscall table. Use arrayindexnospec to clamp this value after the bounds check to prevent speculative...

7CVSS5.2AI score0.00126EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/16 12:25 a.m.•9 views

SUSE CVE-2026-23168

In the Linux kernel, the following vulnerability has been resolved: flexproportions: make fpropnewperiod hardirq safe Bernd has reported a lockdep splat from flexible proportions code that is essentially complaining about the following race: runtimersoftirq - we are in softirq context calltimerfn...

5.5CVSS5.4AI score0.00114EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/02/16 12:25 a.m.•9 views

SUSE CVE-2026-23170

In the Linux kernel, the following vulnerability has been resolved: drm/imx/tve: fix probe device leak Make sure to drop the reference taken to the DDC device during probe on probe failure e.g. probe deferral and on driver unbind...

4.4CVSS5.2AI score0.00115EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2026/02/16 12:25 a.m.•9 views

SUSE CVE-2026-23189

In the Linux kernel, the following vulnerability has been resolved: ceph: fix NULL pointer dereference in cephmdsauthmatch The CephFS kernel client has regression starting from 6.18-rc1. We have issue in cephmdsauthmatch if fsname == NULL: const char fsname = mdsc-fsc-mountoptions-mdsnamespace;...

5.5CVSS5.3AI score0.00112EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/02/16 12:25 a.m.•9 views

SUSE CVE-2026-23197

In the Linux kernel, the following vulnerability has been resolved: i2c: imx: preserve error state in block data length handler When a block read returns an invalid length, zero or I2CSMBUSBLOCKMAX, the length handler sets the state to IMXI2CSTATEFAILED. However, i2cimxmasterisr unconditionally...

5.5CVSS5.2AI score0.001EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/12 12:25 a.m.•9 views

SUSE CVE-2026-26079

Roundcube Webmail before 1.5.13 and 1.6 before 1.6.13 allows Cascading Style Sheets CSS injection, e.g., because comments are mishandled...

4.7CVSS5.4AI score0.00292EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/05 12:26 a.m.•9 views

SUSE CVE-2026-1642

A vulnerability exists in NGINX OSS and NGINX Plus when configured to proxy to upstream Transport Layer Security TLS servers. An attacker with a man-in-the-middle MITM position on the upstream server side-along with conditions beyond the attacker's control-may be able to inject plain text data in...

5.9CVSS5.5AI score0.00339EPSS
Exploits0References12
SUSE CVE
SUSE CVE
•added 2026/02/05 12:25 a.m.•9 views

SUSE CVE-2026-23046

In the Linux kernel, the following vulnerability has been resolved: virtionet: fix device mismatch in devmkzalloc/devmkfree Initial rsshdr allocation uses virtiodevice-device, but virtnetsetqueues frees using netdevice-device. This device mismatch causing below devres warning 3788.514041...

5.1AI score0.00176EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/01 12:23 a.m.•9 views

SUSE CVE-2026-23030

In the Linux kernel, the following vulnerability has been resolved: phy: rockchip: inno-usb2: Fix a double free bug in rockchipusb2phyprobe The foreachavailablechildofnode calls ofnodeput to release childnp in each success loop. After breaking from the loop with the childnp has been released, the...

4.7CVSS5.8AI score0.00217EPSS
Exploits0References15
SUSE CVE
SUSE CVE
•added 2026/01/31 12:24 a.m.•9 views

SUSE CVE-2026-25210

In libexpat before 2.7.4, the doContent function does not properly determine the buffer size bufSize because there is no integer overflow check for tag buffer reallocation...

6.5CVSS6AI score0.00193EPSS
Exploits0References11
SUSE CVE
SUSE CVE
•added 2026/01/30 12:42 a.m.•9 views

SUSE CVE-2025-33219

NVIDIA Display Driver for Linux contains a vulnerability in the NVIDIA kernel module where an attacker could cause an integer overflow or wraparound. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, or informatio...

7.8CVSS6AI score0.00186EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/30 12:25 a.m.•9 views

SUSE CVE-2026-22796

Issue summary: A type confusion vulnerability exists in the signature verification of signed PKCS7 data where an ASN1TYPE union member is accessed without first validating the type, causing an invalid or NULL pointer dereference when processing malformed PKCS7 data. Impact summary: An application...

5.3CVSS5.9AI score0.00502EPSS
Exploits1References23
SUSE CVE
SUSE CVE
•added 2026/01/28 12:27 a.m.•9 views

SUSE CVE-2025-58151

unknown...

5.8AI score
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/27 12:27 a.m.•9 views

SUSE CVE-2026-1386

A UNIX symbolic link following issue in the jailer component in Firecracker version v1.13.1 and earlier and 1.14.0 on Linux may allow a local host user with write access to the pre-created jailer directories to overwrite arbitrary host files via a symlink attack during the initialization copy at...

6CVSS5.9AI score0.00195EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/26 12:24 a.m.•9 views

SUSE CVE-2026-22999

In the Linux kernel, the following vulnerability has been resolved: net/sched: schqfq: do not free existing class in qfqchangeclass Fixes qfqchangeclass error case. cl-qdisc and cl should only be freed if a new class and qdisc were allocated, or we risk various UAF...

7CVSS5.2AI score0.00204EPSS
Exploits0References125
SUSE CVE
SUSE CVE
•added 2026/01/26 12:24 a.m.•9 views

SUSE CVE-2026-23001

In the Linux kernel, the following vulnerability has been resolved: macvlan: fix possible UAF in macvlanforwardsource Add RCU protection on struct macvlansourceentry-vlan. Whenever macvlanhashdelsource is called, we must clear entry-vlan pointer before RCU grace period starts. This allows...

7CVSS5.3AI score0.00188EPSS
Exploits0References32
SUSE CVE
SUSE CVE
•added 2026/01/25 12:24 a.m.•9 views

SUSE CVE-2025-71158

In the Linux kernel, the following vulnerability has been resolved: gpio: mpsse: ensure worker is torn down When an IRQ worker is running, unplugging the device would cause a crash. The sealevel hardware this driver was written for was not hotpluggable, so I never realized it. This change uses a...

5.5CVSS5.3AI score0.00137EPSS
Exploits0References3
Total number of security vulnerabilities5000