Lucene search
K
SusecveMost viewed

59854 matches found

SUSE CVE
SUSE CVE
•added 2026/05/29 1:15 a.m.•17 views

SUSE CVE-2026-46163

In the Linux kernel, the following vulnerability has been resolved: wifi: b43legacy: enforce bounds check on firmware key index in RX path Same fix as b43: the firmware-controlled key index in b43legacyrx can exceed dev-maxnrkeys. The existing B43legacyWARNON is non-enforcing in production builds...

5.5CVSS5.8AI score0.00129EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/29 1:15 a.m.•17 views

SUSE CVE-2026-46168

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix scheduling with atomic in timestamp sockopt Using locksockfast atomic context around socksettimestamp and socksettimestamping is unsafe, as both helpers can sleep. Replace locksockfast with sleepable locksock/releaseso...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/29 1:15 a.m.•17 views

SUSE CVE-2026-46171

In the Linux kernel, the following vulnerability has been resolved: riscv: kvm: fix vector context allocation leak When the second kzalloc hostcontext.vector.datap fails in kvmriscvvcpuallocvectorcontext, the first allocation guestcontext.vector.datap is leaked. Free it before returning...

5.5CVSS5.8AI score0.00126EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/29 1:15 a.m.•17 views

SUSE CVE-2026-46211

In the Linux kernel, the following vulnerability has been resolved: drm/msm/gem: fix error handling in msmioctlgeminfogetmetadata msmioctlgeminfogetmetadata always returns 0 regardless of errors. When copytouser fails or the user buffer is too small, the error code stored in ret is ignored becaus...

6.6CVSS5.9AI score0.00127EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/29 1:14 a.m.•17 views

SUSE CVE-2026-46221

In the Linux kernel, the following vulnerability has been resolved: EDAC/versalnet: Fix device name memory leak The device name allocated via kzalloc in initonemc is assigned to dev-initname but never freed on the normal removal path. deviceregister copies initname and then sets dev-initname to...

5.5CVSS5.8AI score0.00117EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/29 1:14 a.m.•17 views

SUSE CVE-2026-46234

In the Linux kernel, the following vulnerability has been resolved: vsock: fix buffer size clamping order In vsockupdatebuffersize, the buffer size was being clamped to the maximum first, and then to the minimum. If a user sets a minimum buffer size larger than the maximum, the minimum check...

5.5CVSS5.9AI score0.00129EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/28 4:1 a.m.•17 views

SUSE CVE-2025-71303

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix race condition when checking rpmon When autosuspend is triggered, driver rpmon flag is set to indicate that a suspend/resume is already in progress. However, when a userspace application submits a command durin...

4.7CVSS5.8AI score0.00102EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/28 3:57 a.m.•17 views

SUSE CVE-2026-44169

MariaDB server is a community developed fork of MySQL server. From versions 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, a user getting EXECUTE access to a stored routine via a role, could see the routine definition even without SHOW CREATE ROUTINE privilege. This issue has been...

4.3CVSS5.2AI score0.00161EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/05/28 3:54 a.m.•17 views

SUSE CVE-2026-45989

In the Linux kernel, the following vulnerability has been resolved: of: unittest: fix use-after-free in testdrvprobe The function testdrvprobe retrieves the devicenode from the PCI device, applies an overlay, and then immediately calls ofnodeputdn. This releases the reference held by the PCI core...

5.5CVSS5.7AI score0.00163EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/28 3:54 a.m.•17 views

SUSE CVE-2026-46002

In the Linux kernel, the following vulnerability has been resolved: ext2: reject inodes with zero inlink and valid mode in ext2iget ext2iget already rejects inodes with inlink == 0 when imode is zero or idtime is set, treating them as deleted. However, the case of inlink == 0 with a non-zero mode...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/27 12:59 p.m.•17 views

SUSE CVE-2026-9503

A security flaw has been discovered in GNU LibreDWG up to 0.14. This impacts the function dwgnextentity of the file src/decode.c of the component DWG File Handler. The manipulation results in null pointer dereference. The attack must be initiated from a local position. The exploit has been releas...

4.8CVSS5.4AI score0.00143EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/27 10:58 a.m.•17 views

SUSE CVE-2026-9504

A weakness has been identified in GNU LibreDWG up to 0.14. Affected is the function bitconvertTU of the file programs/dwggrep.c of the component Dwggrep Utility. This manipulation causes out-of-bounds read. The attack needs to be launched locally. The exploit has been made available to the public...

4.8CVSS5.3AI score0.00176EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/27 10:56 a.m.•17 views

SUSE CVE-2026-48849

In Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7.1, an unsanitized subject field in the draft restored value could lead to stored XSS/HTML/CSS injection on shared mailboxes...

4.4CVSS5.8AI score0.00239EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/05/27 2:53 a.m.•17 views

SUSE CVE-2026-2340

A flaw was found in Samba's vfsworm module. The module is intended to provide write-once, read-many WORM protections by preventing modification of files after a configurable grace period. Due to insufficient validation during rename operations, an authenticated user with write access to a share...

6.5CVSS5.7AI score0.00939EPSS
Exploits0References13
SUSE CVE
SUSE CVE
•added 2026/05/27 2:53 a.m.•17 views

SUSE CVE-2026-4480

A flaw was found in the Samba printing subsystem. Samba passes the client-controlled job description string to the command configured with the "print command" setting via the "%J" substitution character without escaping shell meta characters. A remote attacker could exploit this vulnerability by...

10CVSS6.4AI score0.12797EPSS
Exploits9References15
SUSE CVE
SUSE CVE
•added 2026/05/22 2:21 a.m.•17 views

SUSE CVE-2026-7837

A time-of-check time-of-use TOCTOU condition in the adflush function in Netatalk 3.0.0 through 4.4.2 involves root-privileged file operations, which may allow a remote attacker to cause limited data modification under specific race conditions...

3.7CVSS5.8AI score0.00236EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/18 1:22 p.m.•17 views

SUSE CVE-2026-6638

SQL injection in PostgreSQL logical replication ALTER SUBSCRIPTION ... REFRESH PUBLICATION allows a subscriber table creator to execute arbitrary SQL with the subscription's publication-side credentials. The attack takes effect at the next REFRESH PUBLICATION. Within major versions 16, 17, and 18...

3.7CVSS6.1AI score0.0018EPSS
Exploits0References14
SUSE CVE
SUSE CVE
•added 2026/05/18 1:21 p.m.•17 views

SUSE CVE-2026-44310

Gitsign is a keyless Sigstore to signing tool for Git commits with your a GitHub / OIDC identity. From 0.4.0 to before 0.15.0, CertVerifier.Verify in pkg/git/verifier.go unconditionally dereferences certs0 after sd.GetCertificates without checking the slice length. A CMS/PKCS7 signed message with...

5.4CVSS5.9AI score0.00111EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/16 1:14 a.m.•17 views

SUSE CVE-2026-8571

Insufficient policy enforcement in GPU in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

8.3CVSS5.8AI score0.00214EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/16 1:11 a.m.•17 views

SUSE CVE-2026-43904

OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, softimageinput.cpp:469 mixed RLE and :345 pure RLE do not clamp the run length to remaining scanline width before writing pixels. The r...

8.4CVSS5.8AI score0.00173EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/05/15 1:58 a.m.•17 views

SUSE CVE-2026-44216

Wasmtime is a runtime for WebAssembly. From 30.0.0 to 36.0.8, 43.0.2, and 44.0.1, Wasmtime's allocation logic for a WebAssembly table contained checked arithmetic which panicked on overflow. This overflow is possible to trigger, and thus panic, when a table with an extremely large size is...

7.5CVSS6AI score0.00319EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/05/13 2:22 p.m.•17 views

SUSE CVE-2026-42309

Pillow is a Python imaging library. From version 11.2.1 to before version 12.2.0, passing nested lists as coordinates to APIs that accept coordinates such as ImagePath.Path, ImageDraw.ImageDraw.polygon and ImageDraw.ImageDraw.line could cause a heap buffer overflow, as nested lists were recursive...

8.6CVSS5.8AI score0.00133EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/13 3:37 a.m.•17 views

SUSE CVE-2026-40016

Attacker can upload a malicious Sieve script over ManageSieve service or locally to bypass configured CPU time limits for Sieve up to 130 times of the configured limit. Attacker can use this to degrade server performance and bypass configured CPU time limits for Sieve scripts. Install fixed...

6.5CVSS5.7AI score0.00338EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/05/13 3:37 a.m.•17 views

SUSE CVE-2026-40612

jq is a command-line JSON processor. In 1.8.1 and earlier, jvcontains recurses into nested arrays/objects with no depth limit. With a sufficiently nested input structure built programmatically with reduce, since the JSON parser caps at depth 10000, the C stack is exhausted...

6.6CVSS5.8AI score0.00161EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/05/13 3:35 a.m.•17 views

SUSE CVE-2026-43325

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: don't send a 6E related command when not supported MCCALLOWEDAPTYPECMD is related to 6E support. Do not send it if the device doesn't support 6E. Apparently, the firmware is mistakenly advertising support for...

5.3CVSS5.8AI score0.00121EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/05/13 3:35 a.m.•17 views

SUSE CVE-2026-43331

In the Linux kernel, the following vulnerability has been resolved: x86/kexec: Disable KCOV instrumentation after loadsegments The loadsegments function changes segment registers, invalidating GS base which KCOV relies on for per-cpu data. When CONFIGKCOV is enabled, any subsequent instrumented C...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/13 3:35 a.m.•17 views

SUSE CVE-2026-43340

In the Linux kernel, the following vulnerability has been resolved: comedi: Reinit dev-spinlock between attachments to low-level drivers struct comedidevice is the main controlling structure for a COMEDI device created by the COMEDI subsystem. It contains a member spinlock containing a spin-lock...

5.5CVSS5.7AI score0.00114EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/13 3:34 a.m.•17 views

SUSE CVE-2026-43362

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix in-place encryption corruption in SMB2write SMB2write places write payload in iov1..n as part of rqiov. smb3inittransformrq pointer-shares rqiov, so cryptmessage encrypts iov1 in-place, replacing the original...

7.1CVSS5.8AI score0.00217EPSS
Exploits0References18
SUSE CVE
SUSE CVE
•added 2026/05/12 3:33 a.m.•17 views

SUSE CVE-2026-7210

xml.parsers.expat and xml.etree.ElementTree use insufficient entropy for Expat hash-flooding protection, which allows a crafted XML document to trigger hash flooding.\r\n\r\nFully mitigating this vulnerability requires both updating libexpat to 2.8.0 or later and applying this patch...

7.5CVSS5.8AI score0.0079EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/11 2:14 p.m.•17 views

SUSE CVE-2026-43292

In the Linux kernel, the following vulnerability has been resolved: mm/vmalloc: prevent RCU stalls in kasanreleasevmallocnode When CONFIGPAGEOWNER is enabled, freeing KASAN shadow pages during vmalloc cleanup triggers expensive stack unwinding that acquires RCU read locks. Processing a large...

5.8AI score0.00122EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/09 2:42 a.m.•17 views

SUSE CVE-2026-43124

In the Linux kernel, the following vulnerability has been resolved: pstore: ramcore: fix incorrect success return when vmap fails In persistentramvmap, vmap may return NULL on failure. If offset is non-zero, adding offsetinpagestart causes the function to return a non-NULL pointer even though the...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/09 2:40 a.m.•17 views

SUSE CVE-2026-43229

In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix device cleanup order to prevent kernel panic Move video device unregistration to the beginning of the remove function to ensure all video operations are stopped before cleaning up the worker thread...

5.5CVSS5.7AI score0.00127EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/08 2:39 a.m.•17 views

SUSE CVE-2015-1346

Multiple unspecified vulnerabilities in Google V8 before 3.30.33.15, as used in Google Chrome before 40.0.2214.91, allow attackers to cause a denial of service or possibly have other impact via unknown vectors...

7.5CVSS7.3AI score0.01165EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/08 2:20 a.m.•17 views

SUSE CVE-2026-43207

In the Linux kernel, the following vulnerability has been resolved: media: mtk-mdp: Fix error handling in probe function Add mtkmdpunregisterm2mdevice on the error handling path to prevent resource leak. Add check for the return value of vpugetplatdevice to prevent null pointer dereference. And...

5.8AI score0.00139EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/07 2:21 a.m.•17 views

SUSE CVE-2026-31747

In the Linux kernel, the following vulnerability has been resolved: comedi: me4000: Fix potential overrun of firmware buffer me4000xilinxdownload loads the firmware that was requested by requestfirmware. It is possible for it to overrun the source buffer because it blindly trusts the file format...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/07 2:19 a.m.•17 views

SUSE CVE-2026-43019

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciconn: fix potential UAF in setcigparamssync hciconn lookup and field access must be covered by hdev lock in setcigparamssync, otherwise it's possible it is freed concurrently. Take hdev lock to prevent hciconn from...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/07 2:17 a.m.•17 views

SUSE CVE-2026-43139

In the Linux kernel, the following vulnerability has been resolved: xfrm6: fix uninitialized saddr in xfrm6getsaddr xfrm6getsaddr does not check the return value of ipv6devgetsaddr. When ipv6devgetsaddr fails to find a suitable source address returns -EADDRNOTAVAIL, saddr-in6 is left uninitialize...

8.6CVSS5.8AI score0.00375EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/07 2:17 a.m.•17 views

SUSE CVE-2026-43226

In the Linux kernel, the following vulnerability has been resolved: net/rds: No shortcut out of RDSCONNERROR RDS connections carry a state "rdsconnpath::cpstate" and transitions from one state to another and are conditional upon an expected state: "rdsconnpathtransition." There is one exception t...

7.5CVSS5.8AI score0.00523EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/07 2:16 a.m.•17 views

SUSE CVE-2026-43254

In the Linux kernel, the following vulnerability has been resolved: ovpn: tcp - fix packet extraction from stream When processing TCP stream data in ovpntcprecv, we receive large cloned skbs from strprcv that may contain multiple coalesced packets. The current implementation has two bugs: 1. Head...

7.5CVSS5.7AI score0.00451EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/06 1:43 a.m.•17 views

SUSE CVE-2026-31731

In the Linux kernel, the following vulnerability has been resolved: thermal: core: Address thermal zone removal races with resume Since thermalzonepmcomplete and thermalzonedeviceresume re-initialize the pollqueue delayed work for the given thermal zone, the canceldelayedworksync in...

5.7AI score0.00125EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/05/05 1:46 a.m.•17 views

SUSE CVE-2026-31726

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uvc: fix NULL pointer dereference during unbind race Commit b81ac4395bbe "usb: gadget: uvc: allow for application to cleanly shutdown" introduced two stages of synchronization waits totaling 1500ms in uvcfunctionunbi...

5.5CVSS5.7AI score0.00119EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/05 1:45 a.m.•17 views

SUSE CVE-2026-33523

HTTP response splitting vulnerability in multiple Apache HTTP Server modules with untrusted or compromised backend servers. This issue affects Apache HTTP Server: from through 2.4.66. Users are recommended to upgrade to version 2.4.67, which fixes the issue...

8.7CVSS5.8AI score0.00436EPSS
Exploits0References9
SUSE CVE
SUSE CVE
•added 2026/05/05 1:45 a.m.•17 views

SUSE CVE-2026-43024

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: reject immediate NFQUEUE verdict nftqueue is always used from userspace nftables to deliver the NFQUEUE verdict. Immediately emitting an NFQUEUE verdict is never used by the userspace nft tools, so reject...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References12
SUSE CVE
SUSE CVE
•added 2026/04/23 1:26 a.m.•17 views

SUSE CVE-2026-31432

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix OOB write in QUERYINFO for compound requests When a compound request such as READ + QUERYINFOSecurity is received, and the first command READ consumes most of the response buffer, ksmbd could write beyond the allocated...

8.8CVSS5.8AI score0.00507EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/22 1:36 a.m.•17 views

SUSE CVE-2026-40338

libgphoto2 is a camera access and control library. Versions up to and including 2.5.33 have an out-of-bounds read in the PTPDPFFEnumeration case of ptpunpackSonyDPD in camlibs/ptp2/ptp-pack.c line 856. The function reads a 2-byte enumeration count N via dtoh16odata, poffset without verifying that...

5.2CVSS5.7AI score0.00198EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/20 11:26 p.m.•17 views

SUSE CVE-2026-35215

Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, the sdldesc function does not validate the length of a decoded SDL descriptor from a slice packet. A zero-length descriptor is later used to calculate the number of slice items, causing...

7.5CVSS5.7AI score0.00466EPSS
Exploits1References4
SUSE CVE
SUSE CVE
•added 2026/04/14 11:26 p.m.•17 views

SUSE CVE-2026-34481

Apache Log4j's JsonTemplateLayout https://logging.apache.org/log4j/2.x/manual/json-template-layout.html , in versions up to and including 2.25.3, produces invalid JSON output when log events contain non-finite floating-point values NaN, Infinity, or -Infinity, which are prohibited by RFC 8259. Th...

5.3CVSS5.8AI score0.00555EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/03/25 12:25 a.m.•17 views

SUSE CVE-2026-29194

Netmaker makes networks with WireGuard. Prior to version 1.5.0, the Authorize middleware in Netmaker incorrectly validates host JWT tokens. When a route permits host authentication hostAllowed=true, a valid host token bypasses all subsequent authorization checks without verifying that the host is...

8.6CVSS5.8AI score0.00366EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/05 12:25 a.m.•17 views

SUSE CVE-2026-23060

In the Linux kernel, the following vulnerability has been resolved: crypto: authencesn - reject too-short AAD assoclen8 to match ESP/ESN spec authencesn assumes an ESP/ESN-formatted AAD. When assoclen is shorter than the minimum expected length, cryptoauthencesndecrypt can advance past the end of...

6.5CVSS5.2AI score0.00123EPSS
Exploits0References27
SUSE CVE
SUSE CVE
•added 2026/01/26 12:24 a.m.•17 views

SUSE CVE-2026-23007

In the Linux kernel, the following vulnerability has been resolved: block: zero non-PI portion of auto integrity buffer The auto-generated integrity buffer for writes needs to be fully initialized before being passed to the underlying block device, otherwise the uninitialized memory can be read...

5.5CVSS5.4AI score0.00135EPSS
Exploits0References3
Total number of security vulnerabilities5000