Lucene search
K
SusecveRecent

59854 matches found

SUSE CVE
SUSE CVE
•added 2026/03/25 4:55 p.m.•7 views

SUSE CVE-2026-23361

In the Linux kernel, the following vulnerability has been resolved: PCI: dwc: ep: Flush MSI-X write before unmapping its ATU entry Endpoint drivers use dwpcieepraisemsixirq to raise an MSI-X interrupt to the host using a writel, which generates a PCI posted write transaction. There's no completio...

4.1CVSS5.7AI score0.00129EPSS
Exploits0References15
SUSE CVE
SUSE CVE
•added 2026/03/25 4:55 p.m.•9 views

SUSE CVE-2026-23362

In the Linux kernel, the following vulnerability has been resolved: can: bcm: fix locking for bcmop runtime updates Commit c2aba69d0c36 "can: bcm: add locking for bcmop runtime updates" added a locking for some variables that can be modified at runtime when updating the sending bcmop with a new...

5.5CVSS5.7AI score0.00095EPSS
Exploits0References17
SUSE CVE
SUSE CVE
•added 2026/03/25 4:55 p.m.•7 views

SUSE CVE-2026-23363

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7925: Fix possible oob access in mt7925macwritetxwi80211 Check frame length before accessing the mgmt fields in mt7925macwritetxwi80211 in order to avoid a possible oob access...

5.5CVSS5.7AI score0.00125EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/03/25 4:55 p.m.•5 views

SUSE CVE-2026-23364

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Compare MACs in constant time To prevent timing attacks, MAC comparisons need to be constant-time. Replace the memcmp with the correct function, cryptomemneq...

7.4CVSS5.7AI score0.00392EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 4:55 p.m.•9 views

SUSE CVE-2026-23365

In the Linux kernel, the following vulnerability has been resolved: net: usb: kalmia: validate USB endpoints The kalmia driver should validate that the device it is probing has the proper number and types of USB endpoints it is expecting before it binds to it. If a malicious device were to not ha...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/03/25 4:55 p.m.•6 views

SUSE CVE-2026-23366

In the Linux kernel, the following vulnerability has been resolved: drm/client: Do not destroy NULL modes 'modes' in drmclientmodesetprobe may fail to kcalloc. If this occurs, we jump to 'out', calling modesdestroy on it, which dereferences it. This may result in a NULL pointer dereference in the...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 4:55 p.m.•9 views

SUSE CVE-2026-23367

In the Linux kernel, the following vulnerability has been resolved: wifi: radiotap: reject radiotap with unknown bits The radiotap parser is currently only used with the radiotap namespace not with vendor namespaces, but if the undefined field 18 is used, the alignment/size is unknown as well. In...

6.3CVSS5.7AI score0.00123EPSS
Exploits0References17
SUSE CVE
SUSE CVE
•added 2026/03/25 4:55 p.m.•10 views

SUSE CVE-2026-23368

In the Linux kernel, the following vulnerability has been resolved: net: phy: register phy ledtriggers during probe to avoid AB-BA deadlock There is an AB-BA deadlock when both LEDSTRIGGERNETDEV and LEDTRIGGERPHY are enabled: 1362.049207 ledtriggerregister+0x5c/0x1fc...

5.5CVSS5.7AI score0.00095EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/03/25 4:55 p.m.•12 views

SUSE CVE-2026-23369

In the Linux kernel, the following vulnerability has been resolved: i2c: i801: Revert "i2c: i801: replace acpilock with I2C bus lock" This reverts commit f707d6b9e7c18f669adfdb443906d46cfbaaa0c1. Under rare circumstances, multiple udev threads can collect i801 device info on boot and walk...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2026/03/25 4:55 p.m.•8 views

SUSE CVE-2026-23370

In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-wmi-sysman: Don't hex dump plaintext password data setnewpassword hex dumps the entire buffer, which contains plaintext password data, including current and new passwords. Remove the hex dump to avoid leaking...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/03/25 4:55 p.m.•6 views

SUSE CVE-2026-23371

In the Linux kernel, the following vulnerability has been resolved: sched/deadline: Fix missing ENQUEUEREPLENISH during PI de-boosting Running stress-ng --schedpolicy 0 on an RT kernel on a big machine might lead to the following WARNINGs edited. sched: DL de-boosted task PID 22725: REPLENISH fla...

5.5CVSS5.7AI score0.00117EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 4:55 p.m.•7 views

SUSE CVE-2026-23372

In the Linux kernel, the following vulnerability has been resolved: nfc: rawsock: cancel txwork before socket teardown In rawsockrelease, cancel any pending txwork and purge the write queue before orphaning the socket. rawsocktxwork runs on the system workqueue and calls nfcdataexchange which...

5.5CVSS6AI score0.00132EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/03/25 4:55 p.m.•8 views

SUSE CVE-2026-23373

In the Linux kernel, the following vulnerability has been resolved: wifi: rsi: Don't default to -EOPNOTSUPP in rsimac80211config This triggers a WARNON in ieee80211hwconfinit and isn't the expected behavior from the driver - other drivers default to 0 too...

5.5CVSS5.7AI score0.00114EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/03/25 4:55 p.m.•8 views

SUSE CVE-2026-23374

In the Linux kernel, the following vulnerability has been resolved: blktrace: fix thiscpuread/write in preemptible context tracingrecordcmdline internally uses thiscpuread and thiscpuwrite on the per-CPU variable tracecmdlinesave, and tracesavecmdline explicitly asserts preemption is disabled via...

5.5CVSS5.8AI score0.00119EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/03/25 4:55 p.m.•8 views

SUSE CVE-2026-23375

In the Linux kernel, the following vulnerability has been resolved: mm: thp: deny THP for files on anonymous inodes filethpenabled incorrectly allows THP for files on anonymous inodes e.g. guestmemfd and secretmem. These files are created via allocfilepseudo, which does not call getwriteaccess an...

5.5CVSS5.7AI score0.00119EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2026/03/25 4:55 p.m.•6 views

SUSE CVE-2026-23376

In the Linux kernel, the following vulnerability has been resolved: nvmet-fcloop: Check remoteport portstate before calling done callback In nvmefchandlelsrqstwork, the lsrsp-done callback is only set when remoteport-portstate is FCOBJSTATEONLINE. Otherwise, the nvmefcxmtlsrsp's LLDD call to...

5.5CVSS5.7AI score0.00117EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 4:55 p.m.•5 views

SUSE CVE-2026-23377

In the Linux kernel, the following vulnerability has been resolved: ice: change XDP RxQ fragsize from DMA write length to xdp.framesz The only user of fragsize field in XDP RxQ info is bpfxdpfragsincreasetail. It clearly expects whole buff size instead of DMA write size. Different assumptions in...

5.8AI score0.001EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 4:55 p.m.•7 views

SUSE CVE-2026-23378

In the Linux kernel, the following vulnerability has been resolved: net/sched: actife: Fix metalist update behavior Whenever an ife action replace changes the metalist, instead of replacing the old data on the metalist, the current ife code is appending the new metadata. Aside from being...

6.3CVSS5.8AI score0.00129EPSS
Exploits0References17
SUSE CVE
SUSE CVE
•added 2026/03/25 4:55 p.m.•6 views

SUSE CVE-2026-23379

In the Linux kernel, the following vulnerability has been resolved: net/sched: ets: fix divide by zero in the offload path Offloading ETS requires computing each class' WRR weight: this is done by averaging over the sums of quanta as 'qsum' and 'qpsum'. Using unsigned int, the same integer size a...

5.5CVSS5.8AI score0.00119EPSS
Exploits0References15
SUSE CVE
SUSE CVE
•added 2026/03/25 4:55 p.m.•7 views

SUSE CVE-2026-23380

In the Linux kernel, the following vulnerability has been resolved: tracing: Fix WARNON in tracingbuffersmmapclose When a process forks, the child process copies the parent's VMAs but the usermapped reference count is not incremented. As a result, when both the parent and child processes exit,...

5.5CVSS5.7AI score0.00114EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2026/03/25 4:55 p.m.•4 views

SUSE CVE-2026-23381

In the Linux kernel, the following vulnerability has been resolved: net: bridge: fix ndtbl NULL dereference when IPv6 is disabled When booting with the 'ipv6.disable=1' parameter, the ndtbl is never initialized because inet6init exits before ndiscinit is called which initializes it. Then, if...

5.5CVSS5.7AI score0.00114EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/03/25 4:55 p.m.•10 views

SUSE CVE-2026-23382

In the Linux kernel, the following vulnerability has been resolved: HID: Add HIDCLAIMEDINPUT guards in rawevent callbacks missing them In commit 2ff5baa9b527 "HID: appleir: Fix potential NULL dereference at raw event handle", we handle the fact that raw event callbacks can happen even for a HID...

5.5CVSS5.7AI score0.00114EPSS
Exploits0References17
SUSE CVE
SUSE CVE
•added 2026/03/25 4:55 p.m.•8 views

SUSE CVE-2026-23383

In the Linux kernel, the following vulnerability has been resolved: bpf, arm64: Force 8-byte alignment for JIT buffer to prevent atomic tearing struct bpfplt contains a u64 target field. Currently, the BPF JIT allocator requests an alignment of 4 bytes sizeofu32 for the JIT buffer. Because the ba...

5.5CVSS5.8AI score0.00129EPSS
Exploits0References15
SUSE CVE
SUSE CVE
•added 2026/03/25 4:55 p.m.•5 views

SUSE CVE-2026-23384

In the Linux kernel, the following vulnerability has been resolved: RDMA/ionic: Fix kernel stack leak in ioniccreatecq struct ioniccqresp resp u32 cqid2; // offset 0 - PARTIALLY SET see below u8 udmamask; // offset 8 - SET resp.udmamask = vcq-udmamask u8 rsvd7; // offset 9 - NEVER SET udmamask &...

5.5CVSS5.7AI score0.00112EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 4:55 p.m.•5 views

SUSE CVE-2026-23385

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: clone set on flush only Syzbot with fault injection triggered a failing memory allocation with GFPKERNEL which results in a WARN splat: iter.err WARNING: net/netfilter/nftablesapi.c:845 at...

5.5CVSS5.7AI score0.00135EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 4:55 p.m.•6 views

SUSE CVE-2026-23386

In the Linux kernel, the following vulnerability has been resolved: gve: fix incorrect buffer cleanup in gvetxcleanpendingpackets for QPL In DQ-QPL mode, gvetxcleanpendingpackets incorrectly uses the RDA buffer cleanup path. It iterates numbufs times and attempts to unmap entries in the dma array...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/03/25 4:55 p.m.•8 views

SUSE CVE-2026-23387

In the Linux kernel, the following vulnerability has been resolved: pinctrl: cirrus: cs42l43: Fix double-put in cs42l43pinprobe devmaddactionorreset already invokes the action on failure, so the explicit put causes a double-put...

6.3CVSS5.7AI score0.00122EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2026/03/25 4:54 p.m.•5 views

SUSE CVE-2026-23388

In the Linux kernel, the following vulnerability has been resolved: Squashfs: check metadata block offset is within range Syzkaller reports a "general protection fault in squashfscopydata" This is ultimately caused by a corrupted index look-up table, which produces a negative metadata block offse...

5.7AI score0.00119EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 4:54 p.m.•6 views

SUSE CVE-2026-23389

In the Linux kernel, the following vulnerability has been resolved: ice: Fix memory leak in icesetringparam In icesetringparam, txrings and xdprings are allocated before rxrings. If the allocation of rxrings fails, the code jumps to the done label leaking both txrings and xdprings. Furthermore, i...

5.5CVSS5.7AI score0.00117EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 4:54 p.m.•8 views

SUSE CVE-2026-23390

In the Linux kernel, the following vulnerability has been resolved: tracing/dma: Cap dmamapsg tracepoint arrays to prevent buffer overflow The dmamapsg tracepoint can trigger a perf buffer overflow when tracing large scatter-gather lists. With devices like virtio-gpu creating large DRM buffers,...

7.8CVSS5.9AI score0.00131EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 4:54 p.m.•7 views

SUSE CVE-2026-23391

In the Linux kernel, the following vulnerability has been resolved: netfilter: xtCT: drop pending enqueued packets on template removal Templates refer to objects that can go away while packets are sitting in nfqueue refer to: - helper, this can be an issue on module removal. - timeout policy,...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References17
SUSE CVE
SUSE CVE
•added 2026/03/25 4:54 p.m.•6 views

SUSE CVE-2026-23392

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: release flowtable after rcu grace period on error Call synchronizercu after unregistering the hooks from error path, since a hook that already refers to this flowtable can be already registered, exposing this...

7CVSS5.7AI score0.00119EPSS
Exploits0References26
SUSE CVE
SUSE CVE
•added 2026/03/25 4:54 p.m.•7 views

SUSE CVE-2026-23393

In the Linux kernel, the following vulnerability has been resolved: bridge: cfm: Fix race condition in peermep deletion When a peer MEP is being deleted, canceldelayedworksync is called on ccmrxdwork before freeing. However, brcfmframerx runs in softirq context under rcureadlock without RTNL and...

7CVSS5.7AI score0.001EPSS
Exploits0References22
SUSE CVE
SUSE CVE
•added 2026/03/25 4:54 p.m.•6 views

SUSE CVE-2026-23394

In the Linux kernel, the following vulnerability has been resolved: afunix: Give up GC if MSGPEEK intervened. Igor Ushakov reported that GC purged the receive queue of an alive socket due to a race with MSGPEEK with a nice repro. This is the exact same issue previously fixed by commit cbcf01128d0...

4.7CVSS5.7AI score0.00089EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 4:54 p.m.•6 views

SUSE CVE-2026-23395

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix accepting multiple L2CAPECREDCONNREQ Currently the code attempts to accept requests regardless of the command identifier which may cause multiple requests to be marked as pending FLAGDEFERSETUP which can cau...

6.5CVSS5.7AI score0.00249EPSS
Exploits0References15
SUSE CVE
SUSE CVE
•added 2026/03/25 4:54 p.m.•5 views

SUSE CVE-2026-23919

For performance reasons Zabbix Server/Proxy reuses JavaScript Duktape contexts used in script items, JavaScript reprocessing, Webhooks. This can lead to confidentiality loss where a regular non-super Zabbix administrator leaks data for hosts they do not have access to. A fix has been released tha...

7.1CVSS5.7AI score0.00154EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 4:54 p.m.•4 views

SUSE CVE-2026-23920

Host and event action script input is validated with a regex set by the administrator, but the validation runs in multiline mode. If ^ and $ anchors are used in user input validation, an injected newline lets authenticated users bypass the check and inject shell commands...

7.7CVSS5.9AI score0.00248EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 4:54 p.m.•5 views

SUSE CVE-2026-23921

A low privilege Zabbix user with API access can exploit a blind SQL injection vulnerability in include/classes/api/CApiService.php to execute arbitrary SQL selects via the sortfield parameter. Although query results are not returned directly, an attacker can exfiltrate arbitrary database data...

8.7CVSS6.1AI score0.0024EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 4:54 p.m.•3 views

SUSE CVE-2026-23923

An unauthenticated attacker can exploit the Frontend 'validate' action to blindly instantiate arbitrary PHP classes. The impact depends on environment setup but appears limited at this time...

6.9CVSS6AI score0.00285EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 4:53 p.m.•4 views

SUSE CVE-2026-32748

Squid is a caching proxy for the Web. Prior to version 7.5, due to premature release of resource during expected lifetime and heap Use-After-Free bugs, Squid is vulnerable to Denial of Service when handling ICP traffic. This problem allows a remote attacker to perform a reliable and repeatable...

7.5CVSS5.9AI score0.08931EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/03/25 4:53 p.m.•5 views

SUSE CVE-2026-32853

LibVNCServer versions 0.9.15 and prior fixed in commit 009008e contain a heap out-of-bounds read vulnerability in the UltraZip encoding handler that allows a malicious VNC server to cause information disclosure or application crash. Attackers can exploit improper bounds checking in the...

7.1CVSS5.9AI score0.00437EPSS
Exploits1References7
SUSE CVE
SUSE CVE
•added 2026/03/25 4:53 p.m.•4 views

SUSE CVE-2026-32854

LibVNCServer versions 0.9.15 and prior fixed in commit dc78dee contain null pointer dereference vulnerabilities in the HTTP proxy handlers within httpProcessInput in httpd.c that allow remote attackers to cause a denial of service by sending specially crafted HTTP requests. Attackers can exploit...

7.5CVSS5.9AI score0.05322EPSS
Exploits1References7
SUSE CVE
SUSE CVE
•added 2026/03/25 4:53 p.m.•11 views

SUSE CVE-2026-33515

Squid is a caching proxy for the Web. Prior to version 7.5, due to improper input validation, Squid is vulnerable to out of bounds read when handling ICP traffic. This problem allows a remote attacker to receive small amounts of memory potentially containing sensitive information when responding...

6.9CVSS5.9AI score0.01039EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/03/25 4:53 p.m.•8 views

SUSE CVE-2026-33526

Squid is a caching proxy for the Web. Prior to version 7.5, due to heap Use-After-Free, Squid is vulnerable to Denial of Service when handling ICP traffic. This problem allows a remote attacker to perform a reliable and repeatable Denial of Service attack against the Squid service using ICP...

7.5CVSS5.9AI score0.08942EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/03/25 11:56 a.m.•6 views

SUSE CVE-2026-0528

Improper Validation of Array Index CWE-129 exists in Metricbeat can allow an attacker to cause a Denial of Service through Input Data Manipulation CAPEC-153 via specially crafted, malformed payloads sent to the Graphite server metricset or Zookeeper server metricset. Additionally, Improper Input...

7.5CVSS5.9AI score0.00327EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 11:55 a.m.•3 views

SUSE CVE-2026-1940

An incomplete fix for CVE-2024-47778 allows an out-of-bounds read in gstwavparseadtlchunk function. The patch added a size validation check lsize + 8 size, but it does not account for the GSTROUNDUP2lsize used in the actual offset calculation. When lsize is an odd number, the parser advances more...

5.1CVSS6.8AI score0.00225EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 11:53 a.m.•6 views

SUSE CVE-2026-4404

Use of hard coded credentials in GoHarbor Harbor version 2.15.0 and below, allows attackers to use the default password and gain access to the web UI...

9.4CVSS5.9AI score0.00498EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/03/25 11:53 a.m.•14 views

SUSE CVE-2026-4647

A flaw was found in the GNU Binutils BFD library, a widely used component for handling binary files such as object files and executables. The issue occurs when processing specially crafted XCOFF object files, where a relocation type value is not properly validated before being used. This can caus...

6.1CVSS5.8AI score0.00168EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 11:53 a.m.•4 views

SUSE CVE-2026-4673

Heap buffer overflow in WebAudio in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.1AI score0.00504EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 11:53 a.m.•7 views

SUSE CVE-2026-4674

Out of bounds read in CSS in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.9AI score0.00454EPSS
Exploits0References3
Total number of security vulnerabilities59854