Lucene search
K
SusecveRecent

59854 matches found

SUSE CVE
SUSE CVE
•added 2026/01/06 12:24 a.m.•5 views

SUSE CVE-2025-67488

SiYuan is self-hosted, open source personal knowledge management software. Versions 0.0.0-20251202123337-6ef83b42c7ce and below contain function importZipMd which is vulnerable to ZipSlips, allowing an authenticated user to overwrite files on the system. An authenticated user with access to the...

8.8CVSS7.7AI score0.00374EPSS
Exploits1References2
SUSE CVE
SUSE CVE
•added 2026/01/06 12:24 a.m.•4 views

SUSE CVE-2025-67494

ZITADEL is an open-source identity infrastructure tool. Versions 4.7.0 and below are vulnerable to an unauthenticated, full-read SSRF vulnerability. The ZITADEL Login UI V2 treats the x-zitadel-forward-host header as a trusted fallback for all deployments, including self-hosted instances. This...

9.3CVSS7.1AI score0.0046EPSS
Exploits2References2
SUSE CVE
SUSE CVE
•added 2026/01/06 12:24 a.m.•2 views

SUSE CVE-2025-67495

ZITADEL is an open-source identity infrastructure tool. Versions 4.0.0-rc.1 through 4.7.0 are vulnerable to DOM-Based XSS through the Zitadel V2 logout endpoint. The /logout endpoint insecurely routes to a value that is supplied in the postlogoutredirect GET parameter. As a result, unauthenticate...

8CVSS7AI score0.00265EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/01/06 12:24 a.m.•5 views

SUSE CVE-2025-67508

gardenctl is a command-line client for the Gardener which configures access to clusters and cloud provider CLI tools. When using non-POSIX shells such as Fish and PowerShell, versions 2.11.0 and below of gardenctl allow an attacker with administrative privileges for a Gardener project to craft...

8.4CVSS6.8AI score0.00204EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/01/06 12:24 a.m.•4 views

SUSE CVE-2025-67713

Miniflux 2 is an open source feed reader. Versions 2.2.14 and below treat redirecturl as safe when url.Parse....IsAbs is false, enabling phishing flows after login. Protocol-relative URLs like //ikotaslabs.com have an empty scheme and pass that check, allowing post-login redirects to...

6.1CVSS6.9AI score0.00187EPSS
Exploits1References2
SUSE CVE
SUSE CVE
•added 2026/01/06 12:24 a.m.•4 views

SUSE CVE-2025-67717

ZITADEL is an open-source identity infrastructure tool. Versions 2.44.0 through 3.4.4 and 4.0.0-rc.1 through 4.7.1 disclose the total number of instance users to authenticated users, regardless of their specific permissions. While this does not leak individual user data or PII, disclosing the tot...

5.3CVSS6AI score0.00195EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/01/06 12:24 a.m.•6 views

SUSE CVE-2025-67818

An issue was discovered in Weaviate OSS before 1.33.4. An attacker with access to insert data into the database can craft an entry name with an absolute path e.g., /etc/... or use parent directory traversal ../../.. to escape the restore root when a backup is restored, potentially creating or...

7.2CVSS7.2AI score0.00771EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/01/06 12:24 a.m.•5 views

SUSE CVE-2025-67819

An issue was discovered in Weaviate OSS before 1.33.4. Due to a lack of validation of the fileName field in the transfer logic, an attacker who can call the GetFile method while a shard is in the "Pause file activity" state and the FileReplicationService is reachable can read arbitrary files...

4.9CVSS6.9AI score0.00427EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/01/06 12:24 a.m.•6 views

SUSE CVE-2025-68113

ALTCHA is privacy-first software for captcha and bot protection. A cryptographic semantic binding flaw in ALTCHA libraries allows challenge payload splicing, which may enable replay attacks. The HMAC signature does not unambiguously bind challenge parameters to the nonce, allowing an attacker to...

6.5CVSS6.7AI score0.00262EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/01/06 12:24 a.m.•4 views

SUSE CVE-2025-68120

To prevent unexpected untrusted code execution, the Visual Studio Code Go extension is now disabled in Restricted Mode...

5.4CVSS7.4AI score0.00418EPSS
Exploits1References2
SUSE CVE
SUSE CVE
•added 2026/01/06 12:24 a.m.•4 views

SUSE CVE-2025-68274

SIPGO is a library for writing SIP services in the GO language. Starting in version 0.3.0 and prior to version 1.0.0-alpha-1, a nil pointer dereference vulnerability is in the SIPGO library's NewResponseFromRequest function that affects all normal SIP operations. The vulnerability allows remote...

8.7CVSS7.2AI score0.00487EPSS
Exploits1References2
SUSE CVE
SUSE CVE
•added 2026/01/06 12:24 a.m.•5 views

SUSE CVE-2025-68476

KEDA is a Kubernetes-based Event Driven Autoscaling component. Prior to versions 2.17.3 and 2.18.3, an Arbitrary File Read vulnerability has been identified in KEDA, potentially affecting any KEDA resource that uses TriggerAuthentication to configure HashiCorp Vault authentication. The...

8.2CVSS7AI score0.00433EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/01/06 12:24 a.m.•5 views

SUSE CVE-2025-68751

In the Linux kernel, the following vulnerability has been resolved: s390/fpu: Fix false-positive kmsan report in fpuvstl A false-positive kmsan report is detected when running ping command. An inline assembly instruction 'vstl' can write varied amount of bytes depending on value of 'index'...

3.3CVSS6.4AI score0.00155EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/06 12:24 a.m.•5 views

SUSE CVE-2025-68752

In the Linux kernel, the following vulnerability has been resolved: iavf: Implement settime64 with -EOPNOTSUPP ptpclocksettime assumes every ptpclock has implemented settime64. Stub it with -EOPNOTSUPP to prevent a NULL dereference. The fix is similar to commit 329d050bbe63 "gve: Implement...

4.4CVSS6.5AI score0.00155EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/06 12:24 a.m.•4 views

SUSE CVE-2025-68753

In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-motu: add bounds check in putuser loop for DSP events In the DSP event handling code, a putuser loop copies event data. When the user buffer size is not aligned to 4 bytes, it could overwrite beyond the buffer...

5.5CVSS6.6AI score0.00161EPSS
Exploits0References21
SUSE CVE
SUSE CVE
•added 2026/01/06 12:24 a.m.•5 views

SUSE CVE-2025-68754

In the Linux kernel, the following vulnerability has been resolved: rtc: amlogic-a4: fix double free caused by devm The clock obtained via devmclkgetenabled is automatically managed by devres and will be disabled and freed on driver detach. Manually calling clkdisableunprepare in error path and...

6.7CVSS6.6AI score0.00155EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/06 12:24 a.m.•4 views

SUSE CVE-2025-68755

In the Linux kernel, the following vulnerability has been resolved: staging: most: remove broken i2c driver The MOST I2C driver has been completely broken for five years without anyone noticing so remove the driver from staging. Specifically, commit 723de0f9171e "staging: most: remove device from...

5.5CVSS6.4AI score0.00157EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/06 12:24 a.m.•4 views

SUSE CVE-2025-68756

In the Linux kernel, the following vulnerability has been resolved: block: Use RCU in blkmqunquiescetagset instead of set-taglistlock blkmqadd,delqueuetagset functions add and remove queues from tagset, the functions make sure that tagset and queues are marked as shared when two or more queues ar...

4.7CVSS6.3AI score0.00157EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/06 12:24 a.m.•5 views

SUSE CVE-2025-68757

In the Linux kernel, the following vulnerability has been resolved: drm/vgem-fence: Fix potential deadlock on release A timer that expires a vgem fence automatically in 10 seconds is now released with timerdeletesync from fence-ops.release called on last dmafenceput. In some scenarios, it can run...

5.5CVSS6.1AI score0.00165EPSS
Exploits0References22
SUSE CVE
SUSE CVE
•added 2026/01/06 12:24 a.m.•3 views

SUSE CVE-2025-68758

In the Linux kernel, the following vulnerability has been resolved: backlight: led-bl: Add devlink to supplier LEDs LED Backlight is a consumer of one or multiple LED class devices, but devlink is currently unable to create correct supplier-producer links when the supplier is a class device. It...

6.1CVSS6.4AI score0.00165EPSS
Exploits0References21
SUSE CVE
SUSE CVE
•added 2026/01/06 12:24 a.m.•5 views

SUSE CVE-2025-68759

In the Linux kernel, the following vulnerability has been resolved: wifi: rtl818x: Fix potential memory leaks in rtl8180initrxring In rtl8180initrxring, memory is allocated for skb packets and DMA allocations in a loop. When an allocation fails, the previously successful allocations are not freed...

5.5CVSS6.5AI score0.00165EPSS
Exploits0References21
SUSE CVE
SUSE CVE
•added 2026/01/06 12:24 a.m.•6 views

SUSE CVE-2025-68760

In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Fix potential out-of-bounds read in iommummioshow In iommummiowrite, it validates the user-provided offset with the check: iommu-dbgmmiooffset iommu-mmiophysend - 4. This assumes a 4-byte access. However, the...

6.1CVSS6.4AI score0.00155EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/06 12:24 a.m.•3 views

SUSE CVE-2025-68761

In the Linux kernel, the following vulnerability has been resolved: hfs: fix potential use after free in hfscorrectnextunusedCNID This code calls hfsbnodeputnode which drops the refcount and then dreferences "node" on the next line. It's only safe to use "node" when we're holding a reference so...

7CVSS6.9AI score0.00145EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/06 12:24 a.m.•6 views

SUSE CVE-2025-68762

In the Linux kernel, the following vulnerability has been resolved: net: netpoll: initialize work queue before error checks Prevent a kernel warning when netconsole setup fails on devices with IFFDISABLENETPOLL flag. The warning at kernel/workqueue.c:4242 in flushwork occurs because the cleanup...

3.3CVSS6.4AI score0.00155EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/06 12:23 a.m.•4 views

SUSE CVE-2025-68763

In the Linux kernel, the following vulnerability has been resolved: crypto: starfive - Correctly handle return of sgnentsforlen The return value of sgnentsforlen was assigned to an unsigned long in starfivehashdigest, causing negative error codes to be converted to large positive integers. Add...

6.6CVSS6.8AI score0.00173EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/06 12:23 a.m.•4 views

SUSE CVE-2025-68764

In the Linux kernel, the following vulnerability has been resolved: NFS: Automounted filesystems should inherit ro,noexec,nodev,sync flags When a filesystem is being automounted, it needs to preserve the user-set superblock mount options, such as the "ro" flag...

4.4CVSS6.5AI score0.00165EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2026/01/06 12:23 a.m.•4 views

SUSE CVE-2025-68765

In the Linux kernel, the following vulnerability has been resolved: mt76: mt7615: Fix memory leak in mt7615mcuwtblstaadd In mt7615mcuwtblstaadd, an skb sskb is allocated. If the subsequent call to mt76connacmcuallocwtblreq fails, the function returns an error without freeing sskb, leading to a...

5.5CVSS6.4AI score0.00161EPSS
Exploits0References21
SUSE CVE
SUSE CVE
•added 2026/01/06 12:23 a.m.•5 views

SUSE CVE-2025-68766

In the Linux kernel, the following vulnerability has been resolved: irqchip/mchp-eic: Fix error code in mchpeicdomainalloc If irqdomaintranslatetwocell sets "hwirq" to = MCHPEICNIRQ 2 then it results in an out of bounds access. The code checks for invalid values, but doesn't set the error code...

6.6CVSS6.7AI score0.00161EPSS
Exploits0References21
SUSE CVE
SUSE CVE
•added 2026/01/06 12:23 a.m.•10 views

SUSE CVE-2025-68938

Gitea before 1.25.2 mishandles authorization for deletion of releases...

5.3CVSS7AI score0.00349EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/01/06 12:23 a.m.•4 views

SUSE CVE-2025-68939

Gitea before 1.23.0 allows attackers to add attachments with forbidden file extensions by editing an attachment name via an attachment API...

8.2CVSS7AI score0.00295EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/01/06 12:23 a.m.•4 views

SUSE CVE-2025-68940

In Gitea before 1.22.5, branch deletion permissions are not adequately enforced after merging a pull request...

5.3CVSS6.9AI score0.00251EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/01/06 12:23 a.m.•5 views

SUSE CVE-2025-68941

Gitea before 1.22.3 mishandles access to a private resource upon receiving an API token with scope limited to public resources...

5.3CVSS6.9AI score0.00238EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/01/06 12:23 a.m.•3 views

SUSE CVE-2025-68942

Gitea before 1.22.2 allows XSS because the search input box for creating tags and branches is v-html instead of v-text...

5.4CVSS6.4AI score0.00222EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/01/06 12:23 a.m.•5 views

SUSE CVE-2025-68943

Gitea before 1.21.8 inadvertently discloses users' login times by allowing for example the lastlogintime explore/users sort order...

5.3CVSS7AI score0.00328EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/01/06 12:23 a.m.•3 views

SUSE CVE-2025-68944

Gitea before 1.22.2 sometimes mishandles the propagation of token scope for access control within one of its own package registries...

5.3CVSS7AI score0.00253EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/01/06 12:23 a.m.•2 views

SUSE CVE-2025-68945

In Gitea before 1.21.2, an anonymous user can visit a private user's project...

5.8CVSS6.9AI score0.00328EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/01/06 12:23 a.m.•4 views

SUSE CVE-2025-68946

In Gitea before 1.20.1, a forbidden URL scheme such as javascript: can be used for a link, aka XSS...

5.4CVSS6.9AI score0.00222EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/01/06 12:23 a.m.•4 views

SUSE CVE-2025-69412

KDE messagelib before 25.11.90 ignores SSL errors for threatMatches:find in the Google Safe Browsing Lookup API aka phishing API, which might allow spoofing of threat data. NOTE: this Lookup API is not contacted in the messagelib default configuration...

3.4CVSS6.9AI score0.00241EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/03 12:24 a.m.•8 views

SUSE CVE-2025-11964

On Windows only, if libpcap needs to convert a Windows error message to UTF-8 and the message includes characters that UTF-8 represents using 4 bytes, utf16letoutf8truncated can write data beyond the end of the provided buffer...

1.9CVSS7AI score0.00102EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/03 12:24 a.m.•7 views

SUSE CVE-2025-34468

libcoap versions up to and including 4.3.5, prior to commit 30db3ea, contain a stack-based buffer overflow in address resolution when attacker-controlled hostname data is copied into a fixed 256-byte stack buffer without proper bounds checking. A remote attacker can trigger a crash and potentiall...

9.8CVSS8.3AI score0.00637EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/01 12:39 a.m.•4 views

SUSE CVE-2022-50798

This candidate is a duplicate of CVE-2017-11359...

5.9AI score0.00039EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/01/01 12:26 a.m.•4 views

SUSE CVE-2025-11961

pcapetheraton is an auxiliary function in libpcap, it takes a string argument and returns a fixed-size allocated buffer. The string argument must be a well-formed MAC-48 address in one of the supported formats, but this requirement has been poorly documented. If an application calls the function...

3.3CVSS6.9AI score0.00098EPSS
Exploits0References12
SUSE CVE
SUSE CVE
•added 2026/01/01 12:26 a.m.•6 views

SUSE CVE-2025-15059

GIMP PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page o...

7.8CVSS7.8AI score0.00744EPSS
Exploits0References6
SUSE CVE
SUSE CVE
•added 2026/01/01 12:24 a.m.•5 views

SUSE CVE-2025-50343

An issue was discovered in matio 1.5.28. A heap-based memory corruption can occur in MatVarCreateStruct when the nfields value does not match the actual number of strings in the fields array. This leads to out-of-bounds reads and invalid memory frees during cleanup, potentially causing a...

9.8CVSS7.1AI score0.00343EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/01/01 12:24 a.m.•4 views

SUSE CVE-2025-61594

URI is a module providing classes to handle Uniform Resource Identifiers. In versions 0.12.4 and earlier bundled in Ruby 3.2 series 0.13.2 and earlier bundled in Ruby 3.3 series, 1.0.3 and earlier bundled in Ruby 3.4 series, when using the + operator to combine URIs, sensitive information like...

6.5CVSS7.2AI score0.0051EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2026/01/01 12:24 a.m.•5 views

SUSE CVE-2025-65409

A divide-by-zero in the encryption/decryption routines of GNU Recutils v1.9 allows attackers to cause a Denial of Service DoS via inputting an empty value as a password...

7.5CVSS6.9AI score0.00317EPSS
Exploits2References3
SUSE CVE
SUSE CVE
•added 2026/01/01 12:24 a.m.•3 views

SUSE CVE-2025-67746

Composer is a dependency manager for PHP. In versions on the 2.x branch prior to 2.2.26 and 2.9.3, attackers controlling remote sources that Composer downloads from might in some way inject ANSI control characters in the terminal output of various Composer commands, causing mangled output and...

3.3CVSS6.7AI score0.00405EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/01/01 12:24 a.m.•5 views

SUSE CVE-2025-68131

cbor2 provides encoding and decoding for the Concise Binary Object Representation CBOR serialization format. Starting in version 3.0.0 and prior to version 5.8.0, whhen a CBORDecoder instance is reused across multiple decode operations, values marked with the shareable tag 28 persist in memory an...

5.5CVSS6.8AI score0.00423EPSS
Exploits1References4
SUSE CVE
SUSE CVE
•added 2026/01/01 12:24 a.m.•3 views

SUSE CVE-2025-68618

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-12, using Magick to read a malicious SVG file resulted in a DoS attack. Version 7.1.2-12 fixes the issue...

4CVSS6.8AI score0.00552EPSS
Exploits1References8
SUSE CVE
SUSE CVE
•added 2026/01/01 12:24 a.m.•6 views

SUSE CVE-2025-68950

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-12, Magick fails to check for circular references between two MVGs, leading to a stack overflow. This is a DoS vulnerability, and any situation that allows reading the mvg file wi...

4CVSS6.9AI score0.00164EPSS
Exploits0References7
Total number of security vulnerabilities59854