Lucene search
K
SusecveRecent

59854 matches found

SUSE CVE
SUSE CVE
•added 2026/03/19 12:27 a.m.•3 views

SUSE CVE-2026-23247

In the Linux kernel, the following vulnerability has been resolved: tcp: secureseq: add back ports to TS offset This reverts 28ee1b746f49 "secureseq: downgrade to per-host timestamp offsets" tcptwrecycle went away in 2017. Zhouyan Deng reported off-path TCP source port leakage via SYN cookie...

5.5CVSS5.6AI score0.00118EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/19 12:27 a.m.•6 views

SUSE CVE-2026-23248

In the Linux kernel, the following vulnerability has been resolved: perf/core: Fix refcount bug and potential UAF in perfmmap Syzkaller reported a refcountt: addition on 0; use-after-free warning in perfmmap. The issue is caused by a race condition between a failing mmap setup and a concurrent mm...

7.8CVSS5.8AI score0.0012EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/03/19 12:27 a.m.•4 views

SUSE CVE-2026-23249

In the Linux kernel, the following vulnerability has been resolved: xfs: check for deleted cursors when revalidating two btrees The free space and inode btree repair functions will rebuild both btrees at the same time, after which it needs to evaluate both btrees to confirm that the corruptions a...

5.7AI score0.00141EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/19 12:27 a.m.•5 views

SUSE CVE-2026-23250

In the Linux kernel, the following vulnerability has been resolved: xfs: check return value of xchkscrubcreatesubord Fix this function to return NULL instead of a mangled ENOMEM, then fix the callers to actually check for a null pointer and return ENOMEM. Most of the corrections here are for code...

5.7AI score0.00122EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/19 12:27 a.m.•6 views

SUSE CVE-2026-23251

In the Linux kernel, the following vulnerability has been resolved: xfs: only call xfarray,blobdestroy if we have a valid pointer Only call the xfarray and xfblob destructor if we have a valid pointer, and be sure to null out that pointer afterwards. Note that this patch fixes a large number of...

5.6AI score0.00122EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/19 12:27 a.m.•5 views

SUSE CVE-2026-23252

In the Linux kernel, the following vulnerability has been resolved: xfs: get rid of the xchkxfiledescr calls The xchkxfiledescr macros call kasprintf, which can fail to allocate memory if the formatted string is larger than 16 bytes or whatever the nofail guarantees are nowadays. Some of them cou...

5.5AI score0.00122EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/19 12:27 a.m.•7 views

SUSE CVE-2026-23253

In the Linux kernel, the following vulnerability has been resolved: media: dvb-core: fix wrong reinitialization of ringbuffer on reopen dvbdvropen calls dvbringbufferinit when a new reader opens the DVR device. dvbringbufferinit calls initwaitqueuehead, which reinitializes the waitqueue list head...

5.5CVSS5.8AI score0.00129EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/03/19 12:27 a.m.•7 views

SUSE CVE-2026-23254

In the Linux kernel, the following vulnerability has been resolved: net: gro: fix outer network offset The udp GRO complete stage assumes that all the packets inserted the RX have the encapsulation flag zeroed. Such assumption is not true, as a few H/W NICs can set such flag when H/W offloading t...

5.5CVSS5.4AI score0.00114EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/19 12:27 a.m.•5 views

SUSE CVE-2026-23255

In the Linux kernel, the following vulnerability has been resolved: net: add proper RCU protection to /proc/net/ptype Yin Fengwei reported an RCU stall in ptypeseqshow and provided a patch. Real issue is that ptypeseqnext and ptypeseqshow violate RCU rules. ptypeseqshow runs under rcureadlock, an...

4.7CVSS5.6AI score0.00114EPSS
Exploits0References15
SUSE CVE
SUSE CVE
•added 2026/03/19 12:27 a.m.•6 views

SUSE CVE-2026-23256

In the Linux kernel, the following vulnerability has been resolved: net: liquidio: Fix off-by-one error in VF setupnicdevices cleanup In setupnicdevices, the initialization loop jumps to the label setupnicdevfree on failure. The current cleanup loop whilei-- skip the failing index i, causing a...

5.7AI score0.00114EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/19 12:27 a.m.•4 views

SUSE CVE-2026-23257

In the Linux kernel, the following vulnerability has been resolved: net: liquidio: Fix off-by-one error in PF setupnicdevices cleanup In setupnicdevices, the initialization loop jumps to the label setupnicdevfree on failure. The current cleanup loop whilei-- skip the failing index i, causing a...

5.7AI score0.00114EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/19 12:27 a.m.•5 views

SUSE CVE-2026-23258

In the Linux kernel, the following vulnerability has been resolved: net: liquidio: Initialize netdev pointer before queue setup In setupnicdevices, the netdev is allocated using allocetherdevmq. However, the pointer to this structure is stored in oct-propsi.netdev only after the calls to...

5.7AI score0.00114EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/19 12:26 a.m.•4 views

SUSE CVE-2026-23259

In the Linux kernel, the following vulnerability has been resolved: iouring/rw: free potentially allocated iovec on cache put failure If a read/write request goes through ioreqrwcleanup and has an allocated iovec attached and fails to put to the rwcache, then it may end up with an unaccounted iov...

5.5CVSS5.6AI score0.001EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2026/03/19 12:26 a.m.•8 views

SUSE CVE-2026-23260

In the Linux kernel, the following vulnerability has been resolved: regmap: maple: free entry on masstoregfp failure regcachemaplewrite allocates a new block 'entry' to merge adjacent ranges and then stores it with masstoregfp. When masstoregfp fails, the new 'entry' remains allocated and is neve...

3.3CVSS5.6AI score0.00114EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/03/19 12:26 a.m.•7 views

SUSE CVE-2026-23261

In the Linux kernel, the following vulnerability has been resolved: nvme-fc: release admin tagset if init fails nvmefabrics creates an NVMe/FC controller in following path: nvmfdevwrite - nvmfcreatectrl - nvmefccreatectrl - nvmefcinitctrl nvmefcinitctrl allocates the admin blk-mq resources right...

3.3CVSS5.6AI score0.00114EPSS
Exploits0References9
SUSE CVE
SUSE CVE
•added 2026/03/19 12:26 a.m.•8 views

SUSE CVE-2026-23262

In the Linux kernel, the following vulnerability has been resolved: gve: Fix stats report corruption on queue count change The driver and the NIC share a region in memory for stats reporting. The NIC calculates its offset into this region based on the total size of the stats region and the size o...

6.3CVSS5.7AI score0.0012EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/03/19 12:26 a.m.•3 views

SUSE CVE-2026-23263

In the Linux kernel, the following vulnerability has been resolved: iouring/zcrx: fix page array leak d9f595b9a65e "iouring/zcrx: fix leaking pages on sg init fail" fixed a page leakage but didn't free the page array, release it as well...

5.6AI score0.001EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/19 12:26 a.m.•8 views

SUSE CVE-2026-23264

In the Linux kernel, the following vulnerability has been resolved: Revert "drm/amd: Check if ASPM is enabled from PCIe subsystem" This reverts commit 7294863a6f01248d72b61d38478978d638641bee. This commit was erroneously applied again after commit 0ab5d711ec74 "drm/amd: Refactor amdgpuaspm to be...

5.5CVSS5.6AI score0.00114EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/03/19 12:26 a.m.•4 views

SUSE CVE-2026-23265

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on node footer in read,writeendio ----------- cut here ------------ kernel BUG at fs/f2fs/data.c:358! Call Trace: blkupdaterequest+0x5eb/0xe70 block/blk-mq.c:987 blkmqendrequest+0x3e/0x70...

5.7AI score0.00112EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/19 12:26 a.m.•6 views

SUSE CVE-2026-23266

In the Linux kernel, the following vulnerability has been resolved: fbdev: rivafb: fix divide error in nv3arb A userspace program can trigger the RIVA NV3 arbitration code by calling the FBIOPUTVSCREENINFO ioctl on /dev/fb. When doing so, the driver recomputes FIFO arbitration parameters in nv3ar...

5.5CVSS5.7AI score0.00114EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/03/19 12:26 a.m.•4 views

SUSE CVE-2026-23267

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix ISCHECKPOINTED flag inconsistency issue caused by concurrent atomic commit and checkpoint writes During SPO tests, when mounting F2FS, an -EINVAL error was returned from f2fsrecoverinodepage. The issue occurred under th...

5.6AI score0.00114EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/19 12:26 a.m.•7 views

SUSE CVE-2026-23268

In the Linux kernel, the following vulnerability has been resolved: apparmor: fix unprivileged local user can do privileged policy management An unprivileged local user can load, replace, and remove profiles by opening the apparmorfs interfaces, via a confused deputy attack, by passing the opened...

7CVSS5.7AI score0.00134EPSS
Exploits0References130
SUSE CVE
SUSE CVE
•added 2026/03/19 12:26 a.m.•5 views

SUSE CVE-2026-23269

In the Linux kernel, the following vulnerability has been resolved: apparmor: validate DFA start states are in bounds in unpackpdb Start states are read from untrusted data and used as indexes into the DFA state tables. The aadfanext function call in unpackpdb will access dfa-tablesYYTDIDBASEstar...

6.1CVSS5.6AI score0.00131EPSS
Exploits0References32
SUSE CVE
SUSE CVE
•added 2026/03/19 12:26 a.m.•6 views

SUSE CVE-2026-23270

In the Linux kernel, the following vulnerability has been resolved: net/sched: Only allow actct to bind to clsact/ingress qdiscs and shared blocks As Paolo said earlier 1: "Since the blamed commit below, classify can return TCACTCONSUMED while the current skb being held by the defragmentation...

5.5CVSS5.6AI score0.00123EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2026/03/19 12:26 a.m.•5 views

SUSE CVE-2026-26740

Buffer Overflow vulnerability in giflib v.5.2.2 allows a remote attacker to cause a denial of service via the EGifGCBToExtension overwriting an existing Graphic Control Extension block without validating its allocated size...

8.6CVSS5.8AI score0.00618EPSS
Exploits1References11
SUSE CVE
SUSE CVE
•added 2026/03/19 12:26 a.m.•6 views

SUSE CVE-2026-27135

nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. Prior to version 1.68.1, the nghttp2 library stops reading the incoming data when user facing public API nghttp2sessionterminatesession or nghttp2sessionterminatesession2 is called by the application. They might be...

7.5CVSS5.8AI score0.00775EPSS
Exploits0References26
SUSE CVE
SUSE CVE
•added 2026/03/19 12:26 a.m.•6 views

SUSE CVE-2026-27448

pyOpenSSL is a Python wrapper around the OpenSSL library. Starting in version 0.14.0 and prior to version 26.0.0, if a user provided callback to settlsextservernamecallback raised an unhandled exception, this would result in a connection being accepted. If a user was relying on this callback for...

3.7CVSS5.8AI score0.00241EPSS
Exploits0References17
SUSE CVE
SUSE CVE
•added 2026/03/19 12:26 a.m.•5 views

SUSE CVE-2026-27459

pyOpenSSL is a Python wrapper around the OpenSSL library. Starting in version 22.0.0 and prior to version 26.0.0, if a user provided callback to setcookiegeneratecallback returned a cookie value greater than 256 bytes, pyOpenSSL would overflow an OpenSSL provided buffer. Starting in version 26.0....

7CVSS5.8AI score0.00704EPSS
Exploits0References15
SUSE CVE
SUSE CVE
•added 2026/03/19 12:25 a.m.•5 views

SUSE CVE-2026-30922

pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.3, the pyasn1 library is vulnerable to a Denial of Service DoS attack caused by uncontrolled recursion when decoding ASN.1 data with deeply nested structures. An attacker can supply a crafted payload containing thousands of nested SEQUENC...

7.5CVSS7.1AI score0.0058EPSS
Exploits1References16
SUSE CVE
SUSE CVE
•added 2026/03/19 12:25 a.m.•3 views

SUSE CVE-2026-32609

Glances is an open-source system cross-platform monitoring tool. The GHSA-gh4x fix commit 5d3de60 addressed unauthenticated configuration secrets exposure on the /api/v4/config endpoints by introducing asdictsecure redaction. However, the /api/v4/args and /api/v4/args/item endpoints were not...

7.5CVSS5.8AI score0.00499EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/03/19 12:25 a.m.•3 views

SUSE CVE-2026-32836

drlibs drflac.h version 0.13.3 and earlier fixed in commits fefced4, 4f5a4cd, and 663239a contain an uncontrolled memory allocation vulnerability in drflacreadanddecodemetadata that allows attackers to trigger excessive memory allocation by supplying crafted PICTURE metadata blocks. Attackers can...

6.9CVSS5.3AI score0.00183EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/03/19 12:25 a.m.•4 views

SUSE CVE-2026-32837

miniaudio version 0.11.25 and earlier fixed in commits 1df46ae and 1df46ae contain a heap out-of-bounds read vulnerability in the WAV BEXT metadata parser that allows attackers to trigger memory access violations by processing crafted WAV files. Attackers can exploit improper null-termination...

5.5CVSS5.3AI score0.00231EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/03/18 10:59 a.m.•9 views

SUSE CVE-2025-68971

In Forgejo through 13.0.3, the attachment component allows a denial of service by uploading a multi-gigabyte file attachment e.g., to be associated with an issue or a release...

6.5CVSS5.8AI score0.00471EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/18 10:59 a.m.•3 views

SUSE CVE-2025-69693

Out-of-bounds read in FFmpeg 8.0 and 8.0.1 RV60 video decoder libavcodec/rv60dec.c. The quantization parameter qp validation at line 2267 only checks the lower bound qp 0 but is missing upper bound validation. The qp value can reach 65 base value 63 from 6-bit frame header + offset +2 from...

5.4CVSS5.8AI score0.00266EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/18 10:58 a.m.•3 views

SUSE CVE-2025-71239

In the Linux kernel, the following vulnerability has been resolved: audit: add fchmodat2 to change attributes class fchmodat2, introduced in version 6.6 is currently not in the change attribute class of audit. Calling fchmodat2 to change a file attribute in the same fashion than chmod or fchmodat...

3.3CVSS5.6AI score0.00124EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/03/18 10:57 a.m.•4 views

SUSE CVE-2026-2046

unknown...

5.8AI score
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/18 10:57 a.m.•5 views

SUSE CVE-2026-2049

GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page o...

7.8CVSS7.7AI score0.00615EPSS
Exploits0References6
SUSE CVE
SUSE CVE
•added 2026/03/18 12:30 a.m.•3 views

SUSE CVE-2026-3312

unknown...

5.8AI score
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/18 12:29 a.m.•3 views

SUSE CVE-2026-3864

A vulnerability was discovered in the Kubernetes CSI Driver for NFS where the subDir parameter in volume identifiers was insufficiently validated. Attackers with the ability to create PersistentVolumes referencing the NFS CSI driver could craft volume identifiers containing path traversal sequenc...

6.5CVSS6.1AI score0.00539EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/03/18 12:28 a.m.•4 views

SUSE CVE-2026-4158

KeePassXC OpenSSL Configuration Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of KeePassXC. An attacker must first obtain the ability to execute low-privileged code on the targe...

7.3CVSS7.5AI score0.00226EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/18 12:28 a.m.•4 views

SUSE CVE-2026-4177

YAML::Syck versions through 1.36 for Perl has several potential security vulnerabilities including a high-severity heap buffer overflow in the YAML emitter. The heap overflow occurs when class names exceed the initial 512-byte allocation. The base64 decoder could read past the buffer end on...

9.1CVSS6AI score0.00429EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/03/18 12:28 a.m.•5 views

SUSE CVE-2026-4271

A flaw was found in libsoup, a library for handling HTTP requests. This vulnerability, known as a Use-After-Free, occurs in the HTTP/2 server implementation. A remote attacker can exploit this by sending specially crafted HTTP/2 requests that cause authentication failures. This can lead to the...

8.6CVSS5.8AI score0.00829EPSS
Exploits1References10
SUSE CVE
SUSE CVE
•added 2026/03/18 12:25 a.m.•4 views

SUSE CVE-2026-23241

In the Linux kernel, the following vulnerability has been resolved: audit: add missing syscalls to read class The "at" variant of getxattr and listxattr are missing from the audit read class. Calling getxattrat or listxattrat on a file to read its extended attributes will bypass audit rules such...

5.6AI score0.00125EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/18 12:25 a.m.•4 views

SUSE CVE-2026-23554

The Intel EPT paging code uses an optimization to defer flushing of any cached EPT state until the p2m lock is dropped, so that multiple modifications done under the same locked region only issue a single flush. Freeing of paging structures however is not deferred until the flushing is done, and...

7.8CVSS5.9AI score0.00128EPSS
Exploits0References6
SUSE CVE
SUSE CVE
•added 2026/03/18 12:25 a.m.•3 views

SUSE CVE-2026-23555

Any guest issuing a Xenstore command accessing a node using the illegal node path "/local/domain/", will crash xenstored due to a clobbered error indicator in xenstored when verifying the node path. Note that the crash is forced via a failing assert statement in xenstored. In case xenstored is...

7.1CVSS5.8AI score0.00181EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2026/03/18 12:24 a.m.•5 views

SUSE CVE-2026-32775

libexif through 0.6.25 has a flaw in decoding MakerNotes. If the exifmnotedatagetvalue function gets passed in a 0 size, the passed in-buffer would be overwritten due to an integer underflow...

5.3CVSS5.8AI score0.00193EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/03/17 12:27 a.m.•6 views

SUSE CVE-2025-71264

Mumble before 1.6.870 is prone to an out-of-bounds array access, which may result in denial of service client crash...

5.3CVSS5.8AI score0.00282EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/17 12:27 a.m.•5 views

SUSE CVE-2026-2069

A flaw has been found in ggml-org llama.cpp up to 55abc39. Impacted is the function llamagrammaradvancestack of the file llama.cpp/src/llama-grammar.cpp of the component GBNF Grammar Handler. This manipulation causes stack-based buffer overflow. The attack needs to be launched locally. The exploi...

4.8CVSS5.9AI score0.00124EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/17 12:26 a.m.•6 views

SUSE CVE-2026-3644

The fix for CVE-2026-0672, which rejected control characters in http.cookies.Morsel, was incomplete. The Morsel.update, |= operator, and unpickling paths were not patched, allowing control characters to bypass input validation. Additionally, BaseCookie.jsoutput lacked the output validation applie...

6.5CVSS5.8AI score0.00419EPSS
Exploits0References22
SUSE CVE
SUSE CVE
•added 2026/03/17 12:26 a.m.•3 views

SUSE CVE-2026-4174

A vulnerability has been found in Radare2 5.9.9. This issue affects the function walkexportstrie of the file libr/bin/format/mach0/mach0.c of the component Mach-O File Parser. Such manipulation leads to resource consumption. The attack can only be performed from a local environment. The exploit h...

4.8CVSS5.2AI score0.00115EPSS
Exploits0References3
Total number of security vulnerabilities59854