Lucene search
K
SusecveRecent

59854 matches found

SUSE CVE
SUSE CVE
•added 2026/01/28 12:25 a.m.•8 views

SUSE CVE-2026-22981

In the Linux kernel, the following vulnerability has been resolved: idpf: detach and close netdevs while handling a reset Protect the reset path from callbacks by setting the netdevs to detached state and close any netdevs in UP state until the reset handling has completed. During a reset, the...

4.4CVSS5.7AI score0.00115EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/01/28 12:25 a.m.•6 views

SUSE CVE-2026-22983

In the Linux kernel, the following vulnerability has been resolved: net: do not write to msggetinq in callee NULL pointer dereference fix. msggetinq is an input field from caller to callee. Don't set it in the callee, as the caller may not clear it on struct reuse. This is a kernel-internal varia...

5.5CVSS5.8AI score0.00103EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/28 12:25 a.m.•13 views

SUSE CVE-2026-22987

In the Linux kernel, the following vulnerability has been resolved: net/sched: actapi: avoid dereferencing ERRPTR in tcfidrinfodestroy syzbot reported a crash in tcactinhw during netns teardown where tcfidrinfodestroy passed an ERRPTR-EBUSY value as a tcaction pointer, leading to an invalid...

5.5CVSS5.8AI score0.00103EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/28 12:25 a.m.•6 views

SUSE CVE-2026-22988

In the Linux kernel, the following vulnerability has been resolved: arp: do not assume devhardheader does not change skb-head arpcreate is the only devhardheader caller making assumption about skb-head being unchanged. A recent commit broke this assumption. Initialize @arp pointer after...

5.9CVSS5.8AI score0.00123EPSS
Exploits0References21
SUSE CVE
SUSE CVE
•added 2026/01/28 12:25 a.m.•5 views

SUSE CVE-2026-22989

In the Linux kernel, the following vulnerability has been resolved: nfsd: check that server is running in unlockfilesystem If we are trying to unlock the filesystem via an administrative interface and nfsd isn't running, it crashes the server. This happens currently because nfsd4revokestates acce...

5.5CVSS5.8AI score0.00115EPSS
Exploits0References9
SUSE CVE
SUSE CVE
•added 2026/01/28 12:25 a.m.•7 views

SUSE CVE-2026-22992

In the Linux kernel, the following vulnerability has been resolved: libceph: return the handler error from monhandleauthdone Currently any error from cephauthhandlereplydone is propagated via finishauth but isn't returned from monhandleauthdone. This results in higher layers learning that despite...

6.5CVSS5.7AI score0.00268EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2026/01/28 12:24 a.m.•3 views

SUSE CVE-2026-23553

In the context switch logic Xen attempts to skip an IBPB in the case of a vCPU returning to a CPU on which it was the previous vCPU to run. While safe for Xen's isolation between vCPUs, this prevents the guest kernel correctly isolating between tasks. Consider: 1 vCPU runs on CPU A, running task ...

5.5CVSS5.9AI score0.00129EPSS
Exploits0References10
SUSE CVE
SUSE CVE
•added 2026/01/28 12:24 a.m.•5 views

SUSE CVE-2026-23888

pnpm is a package manager. Prior to version 10.28.1, a path traversal vulnerability in pnpm's binary fetcher allows malicious packages to write files outside the intended extraction directory. The vulnerability has two attack vectors: 1 Malicious ZIP entries containing ../ or absolute paths that...

6.5CVSS5.9AI score0.00396EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/01/28 12:24 a.m.•6 views

SUSE CVE-2026-23890

pnpm is a package manager. Prior to version 10.28.1, a path traversal vulnerability in pnpm's bin linking allows malicious npm packages to create executable shims or symlinks outside of nodemodules/.bin. Bin names starting with @ bypass validation, and after scope normalization, path traversal...

6.5CVSS5.9AI score0.00438EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/01/28 12:24 a.m.•9 views

SUSE CVE-2026-24056

pnpm is a package manager. Prior to version 10.28.2, when pnpm installs a file: directory or git: dependency, it follows symlinks and reads their target contents without constraining them to the package root. A malicious package containing a symlink to an absolute path e.g., /etc/passwd,...

6.7CVSS5.9AI score0.00469EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/01/28 12:24 a.m.•4 views

SUSE CVE-2026-24131

pnpm is a package manager. Prior to version 10.28.2, when pnpm processes a package's directories.bin field, it uses path.join without validating the result stays within the package root. A malicious npm package can specify "directories": "bin": "../../../../tmp" to escape the package directory,...

6.7CVSS6AI score0.00244EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/01/28 12:24 a.m.•5 views

SUSE CVE-2026-24400

AssertJ provides Fluent testing assertions for Java and the Java Virtual Machine JVM. Starting in version 1.4.0 and prior to version 3.27.7, an XML External Entity XXE vulnerability exists in org.assertj.core.util.xml.XmlStringPrettyFormatter: the toXmlDocumentString method initializes...

6.1CVSS5.9AI score0.00542EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2026/01/28 12:24 a.m.•5 views

SUSE CVE-2026-24408

sigstore-python is a Python tool for generating and verifying Sigstore signatures. Prior to version 4.2.0, the sigstore-python OAuth authentication flow is susceptible to Cross-Site Request Forgery. OAuthSession creates a unique "state" and sends it as a parameter in the authentication request bu...

5CVSS5.9AI score0.00158EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/28 12:24 a.m.•5 views

SUSE CVE-2026-24480

QGIS is a free, open source, cross platform geographical information system GIS The repository contains a GitHub Actions workflow called "pre-commit checks" that, before commit 76a693cd91650f9b4e83edac525e5e4f90d954e9, was vulnerable to remote code execution and repository compromise because it...

8.7CVSS6.2AI score0.00414EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/28 12:24 a.m.•7 views

SUSE CVE-2026-24486

Python-Multipart is a streaming multipart parser for Python. Prior to version 0.0.22, a Path Traversal vulnerability exists when using non-default configuration options UPLOADDIR and UPLOADKEEPFILENAME=True. An attacker can write uploaded files to arbitrary locations on the filesystem by crafting...

8.2CVSS6AI score0.02228EPSS
Exploits5References5
SUSE CVE
SUSE CVE
•added 2026/01/28 12:24 a.m.•6 views

SUSE CVE-2026-24686

go-tuf is a Go implementation of The Update Framework TUF. go-tuf's TAP 4 Multirepo Client uses the map file repository name string repoName as a filesystem path component when selecting the local metadata cache directory. Starting in version 2.0.0 and prior to version 2.4.1, if an application...

4.7CVSS5.9AI score0.00211EPSS
Exploits1References5
SUSE CVE
SUSE CVE
•added 2026/01/28 12:24 a.m.•5 views

SUSE CVE-2026-24799

Out-of-bounds Write, Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in davisking dlib dlib/external/zlib modules. This vulnerability is associated with program files inflate.C. This issue affects dlib: before v19.24.9...

5.2CVSS5.9AI score0.00114EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/28 12:24 a.m.•5 views

SUSE CVE-2026-24808

Integer Overflow or Wraparound vulnerability in RawTherapee rtengine modules. This vulnerability is associated with program files dcraw.Cc. This issue affects RawTherapee: through 5.11...

8.3CVSS5.9AI score0.00129EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/28 12:24 a.m.•4 views

SUSE CVE-2026-24868

Mitigation bypass in the Privacy: Anti-Tracking component. This vulnerability was fixed in Firefox 147.0.2...

4.3CVSS5.8AI score0.00177EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/28 12:24 a.m.•5 views

SUSE CVE-2026-24869

Use-after-free in the Layout: Scrolling and Overflow component. This vulnerability was fixed in Firefox 147.0.2...

8.8CVSS5.8AI score0.00232EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/27 12:52 a.m.•7 views

SUSE CVE-2017-18892

An issue was discovered in Mattermost Server before 4.2.0, 4.1.1, and 4.0.5. E-mail templates can have a field in which HTML content is not neutralized...

6.1CVSS5.9AI score0.0069EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/01/27 12:30 a.m.•4 views

SUSE CVE-2025-66292

DPanel is an open source server management panel written in Go. Prior to 1.9.2, DPanel has an arbitrary file deletion vulnerability in the /api/common/attach/delete interface. Authenticated users can delete arbitrary files on the server via path traversal. When a user logs into the administrative...

8.1CVSS6AI score0.00598EPSS
Exploits1References2
SUSE CVE
SUSE CVE
•added 2026/01/27 12:28 a.m.•33 views

SUSE CVE-2025-68383

Improper Validation of Specified Index, Position, or Offset in Input CWE-1285 in Filebeat Syslog parser and the Libbeat Dissect processor can allow a user to trigger a Buffer Overflow CAPEC-100 and cause a denial of service panic/crash of the Filebeat process via either a malformed Syslog message...

6.5CVSS5.9AI score0.00168EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/01/27 12:28 a.m.•3 views

SUSE CVE-2025-68388

Allocation of resources without limits or throttling CWE-770 allows an unauthenticated remote attacker to cause excessive allocation CAPEC-130 of memory and CPU via the integration of malicious IPv4 fragments, leading to a degradation in Packetbeat...

5.3CVSS5.9AI score0.00309EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/01/27 12:28 a.m.•12 views

SUSE CVE-2025-68671

lakeFS is an open-source tool that transforms object storage into a Git-like repositories. LakeFS's S3 gateway does not validate timestamps in authenticated requests, allowing replay attacks. Prior to 1.75.0, an attacker who captures a valid signed request e.g., through network interception, logs...

6.5CVSS5.9AI score0.00239EPSS
Exploits1References2
SUSE CVE
SUSE CVE
•added 2026/01/27 12:27 a.m.•9 views

SUSE CVE-2026-1386

A UNIX symbolic link following issue in the jailer component in Firecracker version v1.13.1 and earlier and 1.14.0 on Linux may allow a local host user with write access to the pre-created jailer directories to overwrite arbitrary host files via a symlink attack during the initialization copy at...

6CVSS5.9AI score0.00195EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/27 12:27 a.m.•7 views

SUSE CVE-2026-22689

Mailpit is an email testing tool and API for developers. Prior to version 1.28.2, the Mailpit WebSocket server is configured to accept connections from any origin. This lack of Origin header validation introduces a Cross-Site WebSocket Hijacking CSWSH vulnerability. An attacker can host a malicio...

6.5CVSS5.8AI score0.00208EPSS
Exploits2References2
SUSE CVE
SUSE CVE
•added 2026/01/27 12:27 a.m.•6 views

SUSE CVE-2026-22771

Envoy Gateway is an open source project for managing Envoy Proxy as a standalone or Kubernetes-based application gateway. Prior to 1.5.7 and 1.6.2, EnvoyExtensionPolicy Lua scripts executed by Envoy proxy can be used to leak the proxy's credentials. These credentials can then be used to communica...

8.8CVSS5.9AI score0.00567EPSS
Exploits1References2
SUSE CVE
SUSE CVE
•added 2026/01/27 12:27 a.m.•5 views

SUSE CVE-2026-22786

Gin-vue-admin is a backstage management system based on vue and gin. Gin-vue-admin = v2.8.7 has a path traversal vulnerability in the breakpoint resume upload functionality. Attacker can upload any files on any directory. In the breakpointcontinue.go file, the MakeFile function accepts a fileName...

8.6CVSS5.9AI score0.00938EPSS
Exploits1References2
SUSE CVE
SUSE CVE
•added 2026/01/27 12:27 a.m.•6 views

SUSE CVE-2026-22862

go-ethereum geth is a golang execution layer implementation of the Ethereum protocol. A vulnerable node can be forced to shutdown/crash using a specially crafted message. This vulnerability is fixed in 1.16.8...

7.5CVSS6AI score0.00636EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/01/27 12:27 a.m.•7 views

SUSE CVE-2026-22868

go-ethereum geth is a golang execution layer implementation of the Ethereum protocol. A vulnerable node can be forced to shutdown/crash using a specially crafted message. This vulnerability is fixed in 1.16.8...

7.5CVSS6AI score0.00569EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/01/27 12:27 a.m.•8 views

SUSE CVE-2026-22978

In the Linux kernel, the following vulnerability has been resolved: wifi: avoid kernel-infoleak from struct iwpoint struct iwpoint has a 32bit hole on 64bit arches. struct iwpoint void user pointer; / Pointer to the data in user space / u16 length; / number of fields or size in bytes / u16 flags;...

6.1CVSS5.8AI score0.00117EPSS
Exploits0References21
SUSE CVE
SUSE CVE
•added 2026/01/27 12:27 a.m.•4 views

SUSE CVE-2026-22979

In the Linux kernel, the following vulnerability has been resolved: net: fix memory leak in skbsegmentlist for GRO packets When skbsegmentlist is called during packet forwarding, it handles packets that were aggregated by the GRO engine. Historically, the segmentation logic in skbsegmentlist...

5.3CVSS5.8AI score0.0012EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2026/01/27 12:27 a.m.•7 views

SUSE CVE-2026-22980

In the Linux kernel, the following vulnerability has been resolved: nfsd: provide locking for v4endgrace Writing to v4endgrace can race with server shutdown and result in memory being accessed after it was freed - reclaimstrhashtbl in particularly. We cannot hold nfsdmutex across the nfsd4endgrac...

6.7CVSS5.8AI score0.0013EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/01/27 12:27 a.m.•9 views

SUSE CVE-2026-22984

In the Linux kernel, the following vulnerability has been resolved: libceph: prevent potential out-of-bounds reads in handleauthdone Perform an explicit bounds check on payloadlen to avoid a possible out-of-bounds access in the callout. idryomov: changelog...

6.5CVSS5.8AI score0.00351EPSS
Exploits0References22
SUSE CVE
SUSE CVE
•added 2026/01/27 12:27 a.m.•5 views

SUSE CVE-2026-22985

In the Linux kernel, the following vulnerability has been resolved: idpf: Fix RSS LUT NULL pointer crash on early ethtool operations The RSS LUT is not initialized until the interface comes up, causing the following NULL pointer crash when ethtool operations like rxhash on/off are performed befor...

4.7CVSS5.7AI score0.00115EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2026/01/27 12:27 a.m.•6 views

SUSE CVE-2026-22986

In the Linux kernel, the following vulnerability has been resolved: gpiolib: fix race condition for gdev-srcu If two drivers were calling gpiochipadddatawithkey, one may be traversing the srcu-protected list in gpionametodesc, meanwhile other has just added its gdev in gpiodevaddtolistunlocked...

4.7CVSS5.8AI score0.00087EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/01/27 12:27 a.m.•7 views

SUSE CVE-2026-22990

In the Linux kernel, the following vulnerability has been resolved: libceph: replace overzealous BUGON in osdmapapplyincremental If the osdmap is maliciously corrupted such that the incremental osdmap epoch is different from what is expected, there is no need to BUG. Instead, just declare the...

6.5CVSS5.7AI score0.00341EPSS
Exploits0References23
SUSE CVE
SUSE CVE
•added 2026/01/27 12:26 a.m.•7 views

SUSE CVE-2026-22991

In the Linux kernel, the following vulnerability has been resolved: libceph: make freechooseargmap resilient to partial allocation freechooseargmap may dereference a NULL pointer if its caller fails after a partial allocation. For example, in decodechooseargs, if allocation of argmap-args fails,...

5.5CVSS5.9AI score0.00395EPSS
Exploits0References21
SUSE CVE
SUSE CVE
•added 2026/01/27 12:26 a.m.•7 views

SUSE CVE-2026-22995

In the Linux kernel, the following vulnerability has been resolved: ublk: fix use-after-free in ublkpartitionscanwork A race condition exists between the async partition scan work and device teardown that can lead to a use-after-free of ub-ubdisk: 1. ublkctrlstartdev schedules partitionscanwork...

7.8CVSS5.8AI score0.00115EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/27 12:26 a.m.•6 views

SUSE CVE-2026-23511

ZITADEL is an open source identity management platform. Prior to 4.9.1 and 3.4.6, a user enumeration vulnerability has been discovered in Zitadel's login interfaces. An unauthenticated attacker can exploit this flaw to confirm the existence of valid user accounts by iterating through usernames an...

5.3CVSS5.8AI score0.00362EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/01/27 12:26 a.m.•15 views

SUSE CVE-2026-23520

Arcane provides modern docker management. Prior to 1.13.0, Arcane has a command injection in the updater service. Arcane's updater service supported lifecycle labels com.getarcaneapp.arcane.lifecycle.pre-update and com.getarcaneapp.arcane.lifecycle.post-update that allowed defining a command to r...

9CVSS5.9AI score0.01643EPSS
Exploits6References2
SUSE CVE
SUSE CVE
•added 2026/01/27 12:26 a.m.•5 views

SUSE CVE-2026-24401

Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In versions 0.9rc2 and below, avahi-daemon can be crashed via a segmentation fault by sending an unsolicited mDNS response containing a recursive CNAME record, where the alias and canonica...

6.5CVSS5.9AI score0.00252EPSS
Exploits0References10
SUSE CVE
SUSE CVE
•added 2026/01/26 12:25 a.m.•6 views

SUSE CVE-2025-71162

In the Linux kernel, the following vulnerability has been resolved: dmaengine: tegra-adma: Fix use-after-free A use-after-free bug exists in the Tegra ADMA driver when audio streams are terminated, particularly during XRUN conditions. The issue occurs when the DMA buffer is freed by...

5.5CVSS5.7AI score0.00189EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2026/01/26 12:25 a.m.•7 views

SUSE CVE-2025-71163

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: fix device leaks on compat bind and unbind Make sure to drop the reference taken when looking up the idxd device as part of the compat bind and unbind sysfs interface...

5.5CVSS5.3AI score0.00193EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2026/01/26 12:24 a.m.•7 views

SUSE CVE-2026-22996

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Don't store mlx5epriv in mlx5edev devlink priv mlx5epriv is an unstable structure that can be memset0 if profile attaching fails, mlx5epriv in mlx5edev devlink private is used to reference the netdev and mdev associate...

5.5CVSS5.3AI score0.00155EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2026/01/26 12:24 a.m.•6 views

SUSE CVE-2026-22997

In the Linux kernel, the following vulnerability has been resolved: net: can: j1939: j1939xtprxrtssessionactive: deactivate session upon receiving the second rts Since j1939sessiondeactivateactivatenext in j1939tprxtimer is called only when the timer is enabled, we need to call...

5.5CVSS5.2AI score0.00424EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2026/01/26 12:24 a.m.•15 views

SUSE CVE-2026-22998

In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: fix NULL pointer dereferences in nvmettcpbuildpduiovec Commit efa56305908b "nvmet-tcp: Fix a kernel panic when host sends an invalid H2C PDU length" added ttag bounds checking and dataoffset validation in...

5.5CVSS5.3AI score0.0071EPSS
Exploits0References23
SUSE CVE
SUSE CVE
•added 2026/01/26 12:24 a.m.•9 views

SUSE CVE-2026-22999

In the Linux kernel, the following vulnerability has been resolved: net/sched: schqfq: do not free existing class in qfqchangeclass Fixes qfqchangeclass error case. cl-qdisc and cl should only be freed if a new class and qdisc were allocated, or we risk various UAF...

7CVSS5.2AI score0.00204EPSS
Exploits0References125
SUSE CVE
SUSE CVE
•added 2026/01/26 12:24 a.m.•19 views

SUSE CVE-2026-23000

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix crash on profile change rollback failure mlx5enetdevchangeprofile can fail to attach a new profile and can fail to rollback to old profile, in such case, we could end up with a dangling netdev with a fully reset...

5.5CVSS5.3AI score0.0015EPSS
Exploits0References20
Total number of security vulnerabilities59854