Lucene search
K
SusecveRecent

59855 matches found

SUSE CVE
SUSE CVE
•added 2025/12/31 12:23 a.m.•3 views

SUSE CVE-2025-66863

An issue was discovered in function ddiscriminator in file cp-demangle.c in BinUtils 2.26 allows attackers to cause a denial of service via crafted PE file...

7.5CVSS6.8AI score0.00323EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2025/12/31 12:23 a.m.•3 views

SUSE CVE-2025-66864

An issue was discovered in function dprintcompinner in file cp-demangle.c in BinUtils 2.26 allows attackers to cause a denial of service via crafted PE file...

7.5CVSS6.8AI score0.00204EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2025/12/31 12:23 a.m.•3 views

SUSE CVE-2025-66865

An issue was discovered in function dprintcompinner in file cp-demangle.c in BinUtils 2.26 allows attackers to cause a denial of service via crafted PE file...

7.5CVSS6.8AI score0.00323EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2025/12/31 12:23 a.m.•4 views

SUSE CVE-2025-66866

An issue was discovered in function dabitags in file cp-demangle.c in BinUtils 2.26 allows attackers to cause a denial of service via crafted PE file...

7.5CVSS6.8AI score0.00279EPSS
Exploits2References3
SUSE CVE
SUSE CVE
•added 2025/12/31 12:23 a.m.•7 views

SUSE CVE-2025-68431

libheif is an HEIF and AVIF file format decoder and encoder. Prior to version 1.21.0, a crafted HEIF that exercises the overlay image item path triggers a heap buffer over-read in HeifPixelImage::overlay. The function computes a negative row length likely from an unclipped overlay rectangle or...

5.5CVSS7AI score0.00267EPSS
Exploits1References8
SUSE CVE
SUSE CVE
•added 2025/12/31 12:23 a.m.•5 views

SUSE CVE-2025-69194

A security issue was discovered in GNU Wget2 when handling Metalink documents. The application fails to properly validate file paths provided in Metalink elements. An attacker can abuse this behavior to write files to unintended locations on the system. This can lead to data loss or potentially...

9.8CVSS6.5AI score0.00707EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2025/12/31 12:23 a.m.•5 views

SUSE CVE-2025-69195

A flaw was found in GNU Wget2. This vulnerability, a stack-based buffer overflow, occurs in the filename sanitization logic when processing attacker-controlled URL paths, particularly when filename restriction options are active. A remote attacker can exploit this by providing a specially crafted...

8.8CVSS6.4AI score0.00291EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/31 12:23 a.m.•5 views

SUSE CVE-2025-69217

coturn is a free open source implementation of TURN and STUN Server. Versions 4.6.2r5 through 4.7.0-r4 have a bad random number generator for nonces and port randomization after refactoring. Additionally, random numbers aren't generated with openssl's RANDbytes but libc's random if it's not runni...

7.7CVSS7AI score0.00363EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/30 12:31 a.m.•7 views

SUSE CVE-2018-25153

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority as the reported issue does not constitute a security vulnerability and represents a minor, non-exploitable memory leak...

6.1AI score0.00028EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/30 12:30 a.m.•9 views

SUSE CVE-2018-25154

GNU Barcode 0.99 contains a buffer overflow vulnerability in its code 93 encoding process that allows attackers to trigger memory corruption. Attackers can exploit boundary errors during input file processing to potentially execute arbitrary code on the affected system...

9.8CVSS8.2AI score0.00332EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2025/12/30 12:25 a.m.•24 views

SUSE CVE-2025-15095

A security vulnerability has been detected in postmanlabs httpbin up to 0.6.1. This affects an unknown function of the file httpbin-master/httpbin/core.py. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used...

5.1CVSS5.7AI score0.00253EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/30 12:23 a.m.•15 views

SUSE CVE-2025-68920

C-Kermit aka ckermit through 10.0 Beta.12 aka 416-beta12 before 244644d allows a remote Kermit system to overwrite files on the local system, or retrieve arbitrary files from the local system...

8.9CVSS6.9AI score0.00373EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/30 12:23 a.m.•35 views

SUSE CVE-2025-68937

Forgejo before 13.0.2 allows attackers to write to unintended files, and possibly obtain server shell access, because of mishandling of out-of-repository symlink destinations for template repositories. This is also fixed for 11 LTS in 11.0.7 and later...

9.5CVSS7.1AI score0.00489EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/30 12:23 a.m.•9 views

SUSE CVE-2025-68972

In GnuPG through 2.4.8, if a signed message has \f at the end of a plaintext line, an adversary can construct a modified message that places additional text after the signed material, such that signature verification of the modified message succeeds although an "invalid armor" message is printed...

5.9CVSS7AI score0.00104EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/30 12:23 a.m.•11 views

SUSE CVE-2025-68973

In GnuPG before 2.4.9, armorfilter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. For ExtendedLTS, 2.2.51 and later are fixed versions...

8CVSS6.8AI score0.00129EPSS
Exploits1References16
SUSE CVE
SUSE CVE
•added 2025/12/28 12:30 a.m.•5 views

SUSE CVE-2025-14177

In PHP versions:8.1. before 8.1.34, 8.2. before 8.2.30, 8.3. before 8.3.29, 8.4. before 8.4.16, 8.5. before 8.5.1, the getimagesize function may leak uninitialized heap memory into the APPn segments e.g., APP1 when reading images in multi-chunk mode such as via php://filter. This occurs due to a...

3.7CVSS6.2AI score0.00474EPSS
Exploits3References12
SUSE CVE
SUSE CVE
•added 2025/12/28 12:30 a.m.•8 views

SUSE CVE-2025-14178

In PHP versions:8.1. before 8.1.34, 8.2. before 8.2.30, 8.3. before 8.3.29, 8.4. before 8.4.16, 8.5. before 8.5.1, a heap buffer overflow occurs in arraymerge when the total element count of packed arrays exceeds 32-bit limits or HTMAXSIZE, due to an integer overflow in the precomputation of...

6.5CVSS7.2AI score0.00428EPSS
Exploits1References17
SUSE CVE
SUSE CVE
•added 2025/12/28 12:30 a.m.•7 views

SUSE CVE-2025-14180

In PHP versions 8.1. before 8.1.34, 8.2. before 8.2.30, 8.3. before 8.3.29, 8.4. before 8.4.16, 8.5. before 8.5.1 when using the PDO PostgreSQL driver with PDO::ATTREMULATEPREPARES enabled, an invalid character sequence such as \x99 in a prepared statement parameter may cause the quoting function...

5.9CVSS6.5AI score0.00573EPSS
Exploits2References12
SUSE CVE
SUSE CVE
•added 2025/12/25 1:5 a.m.•15 views

SUSE CVE-2022-50697

In the Linux kernel, the following vulnerability has been resolved: mrp: introduce active flags to prevent UAF when applicant uninit The caller of deltimersync must prevent restarting of the timer, If we have no this synchronization, there is a small probability that the cancellation will not be...

7CVSS6.5AI score0.00196EPSS
Exploits0References30
SUSE CVE
SUSE CVE
•added 2025/12/25 1:5 a.m.•6 views

SUSE CVE-2022-50698

In the Linux kernel, the following vulnerability has been resolved: ASoC: da7219: Fix an error handling path in da7219registerdaiclks If clkhwregister fails, the corresponding clk should not be unregistered. To handle errors from loops, clean up partial iterations before doing the goto. So add a...

5.5CVSS6.4AI score0.00168EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2025/12/25 1:5 a.m.•6 views

SUSE CVE-2022-50699

In the Linux kernel, the following vulnerability has been resolved: selinux: enable use of both GFPKERNEL and GFPATOMIC in convertcontext The following warning was triggered on a hardware environment: SELinux: Converting 162 SID table entries... BUG: sleeping function called from invalid context ...

5.5CVSS6.5AI score0.00168EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2025/12/25 1:5 a.m.•7 views

SUSE CVE-2022-50700

In the Linux kernel, the following vulnerability has been resolved: wifi: ath10k: Delay the unmapping of the buffer On WCN3990, we are seeing a rare scenario where copy engine hardware is sending a copy complete interrupt to the host driver while still processing the buffer that the driver has...

7.8CVSS6.7AI score0.00167EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2025/12/25 1:5 a.m.•11 views

SUSE CVE-2022-50701

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921s: fix slab-out-of-bounds access in sdio host SDIO may need addtional 511 bytes to align bus operation. If the tailroom of this skb is not big enough, we would access invalid memory region. For low level...

5.5CVSS6.5AI score0.00167EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2025/12/25 1:5 a.m.•10 views

SUSE CVE-2022-50702

In the Linux kernel, the following vulnerability has been resolved: vdpasim: fix possible memory leak in vdpasimnetinit and vdpasimblkinit Inject fault while probing module, if deviceregister fails in vdpasimnetinit or vdpasimblkinit, but the refcount of kobject is not decreased to 0, the name...

5.5CVSS6.5AI score0.00168EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2025/12/25 1:5 a.m.•3 views

SUSE CVE-2022-50703

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: smsm: Fix refcount leak bugs in qcomsmsmprobe There are two refcount leak bugs in qcomsmsmprobe: 1 The 'localnode' is escaped out from foreachchildofnode as the break of iteration, we should call ofnodeput for it in...

5.5CVSS6.5AI score0.00196EPSS
Exploits0References9
SUSE CVE
SUSE CVE
•added 2025/12/25 1:5 a.m.•5 views

SUSE CVE-2022-50704

In the Linux kernel, the following vulnerability has been resolved: USB: gadget: Fix use-after-free during usb config switch In the process of switching USB config from rndis to other config, if the hardware does not support the -pullup callback, or the hardware encounters a low probability fault...

5.5CVSS6.5AI score0.0017EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2025/12/25 1:5 a.m.•6 views

SUSE CVE-2022-50705

In the Linux kernel, the following vulnerability has been resolved: iouring/rw: defer fsnotify calls to task context We can't call these off the kiocb completion as that might be off soft/hard irq context. Defer the calls to when we process the taskwork for this request. That avoids valid...

5.5CVSS6.5AI score0.00167EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2025/12/25 1:5 a.m.•11 views

SUSE CVE-2022-50706

In the Linux kernel, the following vulnerability has been resolved: net/ieee802154: don't warn zero-sized rawsendmsg syzbot is hitting skbassertlen warning at devqueuexmit 1, for PFIEEE802154 socket's zero-sized rawsendmsg request is hitting devqueuexmit with skb-len == 0. Since PFIEEE802154...

5.5CVSS6.4AI score0.00173EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2025/12/25 1:5 a.m.•9 views

SUSE CVE-2022-50707

In the Linux kernel, the following vulnerability has been resolved: virtio-crypto: fix memory leak in virtiocryptoalgskcipherclosesession 'vcctrlreq' is alloced in virtiocryptoalgskcipherclosesession, and should be freed in the invalid ctrlstatus-status error handling case. Otherwise there is a...

6.5AI score0.00168EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/25 1:5 a.m.•7 views

SUSE CVE-2022-50708

In the Linux kernel, the following vulnerability has been resolved: HSI: ssiprotocol: fix potential resource leak in ssippnopen ssippnopen claims the HSI client's port with hsiclaimport. When hsiregisterportevent gets some error and returns a negetive value, the HSI client's port should be releas...

6.5AI score0.00167EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/25 1:5 a.m.•5 views

SUSE CVE-2022-50709

In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: avoid uninit memory read in ath9khtcrxmsg syzbot is reporting uninit value at ath9khtcrxmsg 1, for ioctlUSBRAWIOCTLEPWRITE can call ath9khifusbrxstream with pktlen = 0 but ath9khifusbrxstream uses devallocskbpktlen +...

6.1CVSS6.4AI score0.00181EPSS
Exploits0References10
SUSE CVE
SUSE CVE
•added 2025/12/25 1:5 a.m.•10 views

SUSE CVE-2022-50710

In the Linux kernel, the following vulnerability has been resolved: ice: set txtstamps when creating new Tx rings via ethtool When the user changes the number of queues via ethtool, the driver allocates new rings. This allocation did not initialize txtstamps. This results in the txtstamps field...

4.4CVSS6.4AI score0.00168EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2025/12/25 1:5 a.m.•11 views

SUSE CVE-2022-50711

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtkethsoc: fix possible memory leak in mtkprobe If mtkwedaddhw has been called, mtkwedexit needs be called in error path or removing module to free the memory allocated in mtkwedaddhw...

6.5AI score0.00156EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/25 1:5 a.m.•5 views

SUSE CVE-2022-50712

In the Linux kernel, the following vulnerability has been resolved: devlink: hold region lock when flushing snapshots Netdevsim triggers a splat on reload, when it destroys regions with snapshots pending: WARNING: CPU: 1 PID: 787 at net/core/devlink.c:6291 devlinkregionsnapshotdel+0x12e/0x140 CPU...

5.5CVSS6.3AI score0.00198EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2025/12/25 1:5 a.m.•14 views

SUSE CVE-2022-50713

In the Linux kernel, the following vulnerability has been resolved: clk: visconti: Fix memory leak in viscontiregisterpll @pll-ratetable has allocated memory by kmemdup, if clkhwregister fails, it should be freed, otherwise it will cause memory leak issue, this patch fixes it...

6.5AI score0.00198EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/25 1:5 a.m.•12 views

SUSE CVE-2022-50714

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921e: fix rmmod crash in driver reload test In insmod/rmmod stress test, the following crash dump shows up immediately. The problem is caused by missing mt76dev in mt7921pciremove. We should make sure the drvdata i...

7CVSS6.4AI score0.00203EPSS
Exploits0References6
SUSE CVE
SUSE CVE
•added 2025/12/25 1:5 a.m.•8 views

SUSE CVE-2022-50715

In the Linux kernel, the following vulnerability has been resolved: md/raid1: stop mdxraid1 thread when raid1 array run failed fail run raid1 array when we assemble array with the inactive disk only, but the mdxraid1 thread were not stop, Even if the associated resources have been released. it wi...

5.5CVSS6.3AI score0.00239EPSS
Exploits0References8
SUSE CVE
SUSE CVE
•added 2025/12/25 1:5 a.m.•13 views

SUSE CVE-2022-50716

In the Linux kernel, the following vulnerability has been resolved: wifi: ar5523: Fix use-after-free on ar5523cmd timed out syzkaller reported use-after-free with the stack trace like below 1: 38.960489 C3 ================================================================== 38.963216 C3 BUG: KASAN:...

6.6CVSS6.5AI score0.00239EPSS
Exploits0References8
SUSE CVE
SUSE CVE
•added 2025/12/25 1:5 a.m.•5 views

SUSE CVE-2022-50717

In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: add bounds check on Transfer Tag ttag is used as an index to get cmd in nvmettcphandleh2cdatapdu, add a bounds check to avoid out-of-bounds access...

7CVSS6.5AI score0.00211EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2025/12/25 1:5 a.m.•5 views

SUSE CVE-2022-50718

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix pci device refcount leak As comment of pcigetdomainbusandslot says, it returns a pci device with refcount increment, when finish using it, the caller must decrement the reference count by calling pcidevput. So...

5.5CVSS6.5AI score0.002EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2025/12/25 1:5 a.m.•4 views

SUSE CVE-2022-50719

In the Linux kernel, the following vulnerability has been resolved: ALSA: line6: fix stack overflow in line6miditransmit Correctly calculate available space including the size of the chunk buffer. This fixes a buffer overflow when multiple MIDI sysex messages are sent to a PODxt device...

5.1CVSS7AI score0.00258EPSS
Exploits0References8
SUSE CVE
SUSE CVE
•added 2025/12/25 1:5 a.m.•19 views

SUSE CVE-2022-50720

In the Linux kernel, the following vulnerability has been resolved: x86/apic: Don't disable x2APIC if locked The APIC supports two modes, legacy APIC or xAPIC, and Extended APIC or x2APIC. X2APIC mode is mostly compatible with legacy APIC, but it disables the memory-mapped APIC interface in favor...

6.3AI score0.00203EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/25 1:4 a.m.•11 views

SUSE CVE-2022-50721

In the Linux kernel, the following vulnerability has been resolved: dmaengine: qcom-adm: fix wrong calling convention for prepslavesg The calling convention for preslavesg is to return NULL on error and provide an error log to the system. Qcom-adm instead provide error pointer when an error occur...

7CVSS6.4AI score0.00198EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2025/12/25 1:4 a.m.•6 views

SUSE CVE-2022-50722

In the Linux kernel, the following vulnerability has been resolved: media: ipu3-imgu: Fix NULL pointer dereference in active selection access What the IMGU driver did was that it first acquired the pointers to active and try V4L2 subdev state, and only then figured out which one to use. The probl...

5.5CVSS6.4AI score0.00203EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2025/12/25 1:4 a.m.•6 views

SUSE CVE-2022-50723

In the Linux kernel, the following vulnerability has been resolved: bnxten: fix memory leak in bnxtnvmtest Free the kzalloc'ed buffer before returning in the success path...

7CVSS6.7AI score0.00189EPSS
Exploits0References6
SUSE CVE
SUSE CVE
•added 2025/12/25 1:4 a.m.•6 views

SUSE CVE-2022-50724

In the Linux kernel, the following vulnerability has been resolved: regulator: core: fix resource leak in regulatorregister I got some resource leak reports while doing fault injection test: OF: ERROR: memory leak, expected refcount 1 instead of 100, ofnodeget/ofnodeput unbalanced - destroy cset...

5.5CVSS6.8AI score0.00221EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2025/12/25 1:4 a.m.•19 views

SUSE CVE-2022-50725

In the Linux kernel, the following vulnerability has been resolved: media: vidtv: Fix use-after-free in vidtvbridgedvbinit KASAN reports a use-after-free: BUG: KASAN: use-after-free in dvbdmxdevrelease+0x4d5/0x5d0 dvbcore Call Trace: ... dvbdmxdevrelease+0x4d5/0x5d0 dvbcore...

6.5AI score0.002EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/25 1:4 a.m.•6 views

SUSE CVE-2022-50726

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix possible use-after-free in async command interface mlx5cmdcleanupasyncctx should return only after all its callback handlers were completed. Before this patch, the below race between mlx5cmdcleanupasyncctx and...

7CVSS6.6AI score0.002EPSS
Exploits0References10
SUSE CVE
SUSE CVE
•added 2025/12/25 1:4 a.m.•5 views

SUSE CVE-2022-50727

In the Linux kernel, the following vulnerability has been resolved: scsi: efct: Fix possible memleak in efctdeviceinit In efctdeviceinit, when efctscsiregfctransport fails, efctscsitgtdriverexit is not called to release memory for efctscsitgtdriverinit and causes memleak: unreferenced object...

5.5CVSS6.5AI score0.00206EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2025/12/25 1:4 a.m.•9 views

SUSE CVE-2022-50728

In the Linux kernel, the following vulnerability has been resolved: s390/lcs: Fix return type of lcsstartxmit With clang's kernel control flow integrity kCFI, CONFIGCFICLANG, indirect call targets are validated against the expected function pointer prototype to make sure the call target is valid ...

5.5CVSS6.5AI score0.00239EPSS
Exploits0References8
Total number of security vulnerabilities59855