Lucene search
K
SusecveRecent

59854 matches found

SUSE CVE
SUSE CVE
•added 2026/04/06 11:24 p.m.•7 views

SUSE CVE-2026-33487

goxmlsig provides XML Digital Signatures implemented in Go. Prior to version 1.6.0, the validateSignature function in validate.go goes through the references in the SignedInfo block to find one that matches the signed element's ID. In Go versions before 1.22, or when go.mod uses an older version,...

7.5CVSS5.8AI score0.00299EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/04/06 11:24 p.m.•4 views

SUSE CVE-2026-33903

Ella Core is a 5G core designed for private networks. Versions prior to 1.7.0 panic when processing a specially crafted NGAP LocationReport message. An attacker able to send crafted NGAP messages to Ella Core can crash the process, causing service disruption for all connected subscribers. Version...

6.5CVSS5.8AI score0.00207EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/06 11:24 p.m.•5 views

SUSE CVE-2026-33904

Ella Core is a 5G core designed for private networks. Prior to version 1.7.0, a deadlock in the AMF's SCTP notification handler causes the entire AMF control plane to hang until the process is restarted. An attacker with access to the N2 interface can cause Ella Core to hang, resulting in a denia...

6.5CVSS5.8AI score0.00165EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/06 11:24 p.m.•6 views

SUSE CVE-2026-33906

Ella Core is a 5G core designed for private networks. Prior to version 1.7.0, the NetworkManager role was granted backup and restore permission. The restore endpoint accepted any valid SQLite file without verifying its contents. A NetworkManager could replace the production database with a tamper...

7.2CVSS5.8AI score0.00388EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/06 11:24 p.m.•4 views

SUSE CVE-2026-33907

Ella Core is a 5G core designed for private networks. Versions prior to 1.7.0 panic when processing Authentication Response and Authentication Failure NAS message missing IEs. An attacker able to send crafted NAS messages to Ella Core can crash the process, causing service disruption for all...

6.5CVSS5.8AI score0.00236EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/06 11:24 p.m.•7 views

SUSE CVE-2026-33990

Docker Model Runner DMR is software used to manage, run, and deploy AI models using Docker. Prior to version 1.1.25, Docker Model Runner contains an SSRF vulnerability in its OCI registry token exchange flow. When pulling a model, Model Runner follows the realm URL from the registry's...

9.1CVSS5.9AI score0.00253EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/06 11:24 p.m.•8 views

SUSE CVE-2026-33997

Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows plugins privilege validation to be bypassed during docker plugin install. Due to an error in the daemon's privilege comparison logic, the daemon may incorrectly accept a...

8.4CVSS5.7AI score0.00387EPSS
Exploits0References6
SUSE CVE
SUSE CVE
•added 2026/04/06 11:24 p.m.•6 views

SUSE CVE-2026-34040

Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows attackers to bypass authorization plugins AuthZ. This issue has been patched in version 29.3.1...

8.4CVSS5.7AI score0.08123EPSS
Exploits1References7
SUSE CVE
SUSE CVE
•added 2026/04/06 11:24 p.m.•4 views

SUSE CVE-2026-34204

MinIO is a high-performance object storage system. Prior to version RELEASE.2026-03-26T21-24-40Z, a flaw in extractMetadataFromMime allows any authenticated user with s3:PutObject permission to inject internal server-side encryption metadata into objects by sending crafted X-Minio-Replication-...

7.1CVSS5.7AI score0.00124EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/06 11:24 p.m.•4 views

SUSE CVE-2026-34385

Fleet is open source device management software. Prior to 4.81.0, a second-order SQL injection vulnerability in Fleet's Apple MDM profile delivery pipeline could allow an attacker with a valid MDM enrollment certificate to exfiltrate or modify the contents of the Fleet database, including user...

8.6CVSS5.9AI score0.00197EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/06 11:24 p.m.•4 views

SUSE CVE-2026-34386

Fleet is open source device management software. Prior to 4.81.0, a SQL injection vulnerability in Fleet's MDM bootstrap package configuration allows an authenticated user with Team Admin or Global Admin privileges to modify arbitrary team configurations, exfiltrate sensitive data from the Fleet...

8.8CVSS6AI score0.00318EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/06 11:24 p.m.•4 views

SUSE CVE-2026-34388

Fleet is open source device management software. Prior to 4.81.0, a denial-of-service vulnerability in Fleet's gRPC Launcher endpoint allows an authenticated host to crash the entire Fleet server process by sending an unexpected log type value. The server terminates immediately, disrupting all...

8.7CVSS5.8AI score0.00263EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/06 11:24 p.m.•5 views

SUSE CVE-2026-34389

Fleet is open source device management software. Prior to 4.81.0, Fleet contained an issue in the user invitation flow where the email address provided during invite acceptance was not validated against the email address associated with the invite. An attacker who obtained a valid invite token...

7.1CVSS5.9AI score0.00184EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/06 11:24 p.m.•9 views

SUSE CVE-2026-34933

Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. Prior to version 0.9-rc4, any unprivileged local user can crash avahi-daemon by sending a single D-Bus method call with conflicting publish flags. This issue has been patched in version...

5.5CVSS5.7AI score0.00203EPSS
Exploits1References10
SUSE CVE
SUSE CVE
•added 2026/04/04 11:27 p.m.•6 views

SUSE CVE-2026-3308

An integer overflow vulnerability in 'pdf-image.c' in Artifex's MuPDF version 1.27.0 allows an attacker to maliciously craft a PDF that can trigger an integer overflow within the 'pdfloadimageimp' function. This allows a heap out-of-bounds write that could be exploited for arbitrary code executio...

7.8CVSS6.1AI score0.00213EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/04 11:26 p.m.•8 views

SUSE CVE-2026-5313

A vulnerability has been found in Nothings stb up to 2.30. This issue affects the function stbigifloadnext in the library stbimage.h of the component GIF Decoder. Such manipulation leads to denial of service. The attack may be launched remotely. The exploit has been disclosed to the public and ma...

5.3CVSS5.3AI score0.00286EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/04 11:26 p.m.•5 views

SUSE CVE-2026-5316

A vulnerability was identified in Nothings stb up to 1.22. The impacted element is the function setupfree of the file stbvorbis.c. The manipulation leads to allocation of resources. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. The vendor...

5.3CVSS5.3AI score0.00439EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/04/04 11:26 p.m.•3 views

SUSE CVE-2026-5318

A weakness has been identified in LibRaw up to 0.22.0. This impacts the function HuffTable::initval of the file src/decompressors/losslessjpeg.cpp of the component JPEG DHT Parser. This manipulation of the argument bits causes out-of-bounds write. It is possible to initiate the attack remotely. T...

5.3CVSS5.4AI score0.00629EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/04/04 11:26 p.m.•4 views

SUSE CVE-2026-5342

A flaw has been found in LibRaw up to 0.22.0. This affects the function LibRaw::nikonloadpaddedpackedraw of the file src/decoders/decoderslibraw.cpp of the component TIFF/NEF. Executing a manipulation of the argument loadflags/rawwidth can lead to out-of-bounds read. It is possible to launch the...

3.3CVSS5.4AI score0.00735EPSS
Exploits1References6
SUSE CVE
SUSE CVE
•added 2026/04/04 11:25 p.m.•10 views

SUSE CVE-2026-22815

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, insufficient restrictions in header/trailer handling could cause uncapped memory usage. This issue has been patched in version 3.13.4...

5.3CVSS5.7AI score0.0044EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/04/03 11:28 p.m.•6 views

SUSE CVE-2026-23418

In the Linux kernel, the following vulnerability has been resolved: drm/xe/regsr: Fix leak on xastore failure Free the newly allocated entry when xastore fails to avoid a memory leak on the error path. v2: use goto failfree. Bala cherry picked from commit 6bc6fec71ac45f52db609af4e62bdb96b9f5fadb...

5.5CVSS5.7AI score0.00113EPSS
Exploits0References9
SUSE CVE
SUSE CVE
•added 2026/04/03 11:28 p.m.•7 views

SUSE CVE-2026-23419

In the Linux kernel, the following vulnerability has been resolved: net/rds: Fix circular locking dependency in rdstcptune syzbot reported a circular locking dependency in rdstcptune where sknetrefcntupgrade is called while holding the socket lock:...

5.5CVSS5.8AI score0.00175EPSS
Exploits0References15
SUSE CVE
SUSE CVE
•added 2026/04/03 11:28 p.m.•8 views

SUSE CVE-2026-23420

In the Linux kernel, the following vulnerability has been resolved: wifi: wlcore: Fix a locking bug Make sure that wl-mutex is locked before it is unlocked. This has been detected by the Clang thread-safety analyzer...

5.5CVSS5.7AI score0.00091EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/04/03 11:28 p.m.•3 views

SUSE CVE-2026-23421

In the Linux kernel, the following vulnerability has been resolved: drm/xe/configfs: Free ctxrestoremidbb in release ctxrestoremidbb memory is allocated in wabbstore, but xeconfigdevicerelease only frees ctxrestorepostbb. Free ctxrestoremidbb0.cs as well to avoid leaking the allocation when the...

5.5CVSS5.7AI score0.00113EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/03 11:28 p.m.•7 views

SUSE CVE-2026-23422

In the Linux kernel, the following vulnerability has been resolved: dpaa2-switch: Fix interrupt storm after receiving bad ifid in IRQ handler Commit 31a7a0bbeb00 "dpaa2-switch: add bounds check for ifid in IRQ handler" introduces a range check for ifid to avoid an out-of-bounds access. If an...

7.8CVSS5.8AI score0.00121EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/03 11:28 p.m.•6 views

SUSE CVE-2026-23423

In the Linux kernel, the following vulnerability has been resolved: btrfs: free pages on error in btrfsuringreadextent In this function the 'pages' object is never freed in the hopes that it is picked up by btrfsuringreadfinished whenever that executes in the future. But that's just the happy pat...

5.5CVSS5.7AI score0.0012EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/03 11:28 p.m.•4 views

SUSE CVE-2026-23424

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Validate command buffer payload count The count field in the command header is used to determine the valid payload size. Verify that the valid payload does not exceed the remaining buffer space...

7.1CVSS5.9AI score0.00118EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/03 11:28 p.m.•6 views

SUSE CVE-2026-23425

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix ID register initialization for non-protected pKVM guests In protected mode, the hypervisor maintains a separate instance of the kvm structure for each VM. For non-protected VMs, this structure is initialized from...

6.3CVSS5.8AI score0.00119EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/04/03 11:28 p.m.•7 views

SUSE CVE-2026-23426

In the Linux kernel, the following vulnerability has been resolved: drm/logicvc: Fix device node reference leak in logicvcdrmconfigparse The logicvcdrmconfigparse function calls ofgetchildbyname to find the "layers" node but fails to release the reference, leading to a device node reference leak...

4.7CVSS5.7AI score0.00115EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/04/03 11:28 p.m.•5 views

SUSE CVE-2026-23427

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in durable v2 replay of active file handles parsedurablehandlecontext unconditionally assigns dhinfo-fp-conn to the current connection when handling a DURABLEREQV2 context with SMB2FLAGSREPLAYOPERATION...

9.8CVSS5.7AI score0.0029EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/03 11:28 p.m.•7 views

SUSE CVE-2026-23428

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free of shareconf in compound request smb2getksmbdtcon reuses work-tcon in compound requests without validating tcon-tstate. ksmbdtreeconnlookup checks tstate == TREECONNECTED on the initial lookup path, but...

9.8CVSS5.8AI score0.00331EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/03 11:28 p.m.•5 views

SUSE CVE-2026-23429

In the Linux kernel, the following vulnerability has been resolved: iommu/sva: Fix crash in iommusvaunbinddevice domain-mm-iommumm can be freed by iommudomainfree: iommudomainfree mmdrop mmdrop mmpasiddrop After iommudomainfree returns, accessing domain-mm-iommumm may dereference a freed mm...

7.8CVSS5.8AI score0.00127EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/03 11:28 p.m.•7 views

SUSE CVE-2026-23430

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Don't overwrite KMS surface dirty tracker We were overwriting the surface's dirty tracker here causing a memory leak...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/03 11:27 p.m.•4 views

SUSE CVE-2026-23431

In the Linux kernel, the following vulnerability has been resolved: spi: amlogic-spisg: Fix memory leak in amlspisgprobe In amlspisgprobe, ctlr is allocated by spialloctarget/spiallochost, but fails to call spicontrollerput in several error paths. This leads to a memory leak whenever the driver...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/03 11:27 p.m.•4 views

SUSE CVE-2026-23432

In the Linux kernel, the following vulnerability has been resolved: mshv: Fix use-after-free in mshvmapusermemory error path In the error path of mshvmapusermemory, calling vfree directly on the region leaves the MMU notifier registered. When userspace later unmaps the memory, the notifier fires...

7.8CVSS5.7AI score0.0012EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/03 11:27 p.m.•5 views

SUSE CVE-2026-23433

In the Linux kernel, the following vulnerability has been resolved: armmpam: Fix null pointer dereference when restoring bandwidth counters When an MSC supporting memory bandwidth monitoring is brought offline and then online, mpamrestorembwustate calls rismsmonread via ipi to restore the...

5.5CVSS5.7AI score0.00107EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/03 11:27 p.m.•7 views

SUSE CVE-2026-23434

In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: serialize lock/unlock against other NAND operations nandlock and nandunlock call into chip-ops.lockarea/unlockarea without holding the NAND device lock. On controllers that implement SETFEATURES via multiple low-lev...

6.1CVSS5.7AI score0.00126EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/04/03 11:27 p.m.•4 views

SUSE CVE-2026-23435

In the Linux kernel, the following vulnerability has been resolved: perf/x86: Move event pointer setup earlier in x86pmuenable A production AMD EPYC system crashed with a NULL pointer dereference in the PMU NMI handler: BUG: kernel NULL pointer dereference, address: 0000000000000198 RIP:...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/03 11:27 p.m.•5 views

SUSE CVE-2026-23436

In the Linux kernel, the following vulnerability has been resolved: net: shaper: protect from late creation of hierarchy We look up a netdev during prep of Netlink ops pre- callbacks and take a ref to it. Then later in the body of the callback we take its lock or RCU which are the actual...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2026/04/03 11:27 p.m.•9 views

SUSE CVE-2026-23437

In the Linux kernel, the following vulnerability has been resolved: net: shaper: protect late read accesses to the hierarchy We look up a netdev during prep of Netlink ops pre- callbacks and take a ref to it. Then later in the body of the callback we take its lock or RCU which are the actual...

7CVSS5.7AI score0.00127EPSS
Exploits0References40
SUSE CVE
SUSE CVE
•added 2026/04/03 11:27 p.m.•7 views

SUSE CVE-2026-23438

In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: guard flow control update with globaltxfc in buffer switching mvpp2bmswitchbuffers unconditionally calls mvpp2bmpoolupdateprivfc when switching between per-cpu and shared buffer pool modes. This function programs CM3...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/04/03 11:27 p.m.•5 views

SUSE CVE-2026-23439

In the Linux kernel, the following vulnerability has been resolved: udptunnel: fix NULL deref caused by udpsockcreate6 when CONFIGIPV6=n When CONFIGIPV6 is disabled, the udpsockcreate6 function returns 0 success without actually creating a socket. Callers such as foucreate then proceed to...

5.7AI score0.00123EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/03 11:27 p.m.•9 views

SUSE CVE-2026-23440

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix race condition during IPSec ESN update In IPSec full offload mode, the device reports an ESN Extended Sequence Number wrap event to the driver. The driver validates this event by querying the IPSec ASO and checking...

4.7CVSS5.8AI score0.00206EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/04/03 11:27 p.m.•7 views

SUSE CVE-2026-23441

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Prevent concurrent access to IPSec ASO context The query or updating IPSec offload object is through Access ASO WQE. The driver uses a single mlx5eipsecaso struct for each PF, which contains a shared DMA-mapped context...

5.5CVSS5.7AI score0.00089EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/04/03 11:27 p.m.•7 views

SUSE CVE-2026-23442

In the Linux kernel, the following vulnerability has been resolved: ipv6: add NULL checks for idev in SRv6 paths in6devget can return NULL when the device has no IPv6 configuration e.g. MTU IPV6MINMTU or after NETDEVUNREGISTER. Add NULL checks for idev returned by in6devget in both...

6.5CVSS5.7AI score0.00123EPSS
Exploits0References17
SUSE CVE
SUSE CVE
•added 2026/04/03 11:27 p.m.•9 views

SUSE CVE-2026-23443

In the Linux kernel, the following vulnerability has been resolved: ACPI: processor: Fix previous acpiprocessorerratapiix4 fix After commi f132e089fe89 "ACPI: processor: Fix NULL-pointer dereference in acpiprocessorerratapiix4", device pointers may be dereferenced after dropping references to the...

6.1CVSS5.8AI score0.00119EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/04/03 11:27 p.m.•8 views

SUSE CVE-2026-23444

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: always free skb on ieee80211txprepareskb failure ieee80211txprepareskb has three error paths, but only two of them free the skb. The first error path ieee80211txprepare returning TXDROP does not free it, while...

5.5CVSS5.7AI score0.00129EPSS
Exploits0References17
SUSE CVE
SUSE CVE
•added 2026/04/03 11:27 p.m.•9 views

SUSE CVE-2026-23445

In the Linux kernel, the following vulnerability has been resolved: igc: fix page fault in XDP TX timestamps handling If an XDP application that requested TX timestamping is shutting down while the link of the interface in use is still up the following kernel splat is reported: 883.803618 T1554...

5.5CVSS5.7AI score0.00129EPSS
Exploits0References9
SUSE CVE
SUSE CVE
•added 2026/04/03 11:27 p.m.•14 views

SUSE CVE-2026-23446

In the Linux kernel, the following vulnerability has been resolved: net: usb: aqc111: Do not perform PM inside suspend callback syzbot reports "task hung in rpmresume" This is caused by aqc111suspend calling the PM variant of its writecmd routine. The simplified call trace looks like this:...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/04/03 11:27 p.m.•7 views

SUSE CVE-2026-23447

In the Linux kernel, the following vulnerability has been resolved: net: usb: cdcncm: add ndpoffset to NDP32 nframes bounds check The same bounds-check bug fixed for NDP16 in the previous patch also exists in cdcncmrxverifyndp32. The DPE array size is validated against the total skb length withou...

6.1CVSS5.7AI score0.00129EPSS
Exploits0References16
Total number of security vulnerabilities59854