Lucene search
K
SusecveRecent

59178 matches found

SUSE CVE
SUSE CVE
•added 2 days ago•4 views

SUSE CVE-2026-48750

unknown...

5.7AI score
Exploits0References3
SUSE CVE
SUSE CVE
•added 2 days ago•5 views

SUSE CVE-2026-48751

unknown...

5.7AI score
Exploits0References3
SUSE CVE
SUSE CVE
•added 2 days ago•4 views

SUSE CVE-2026-48752

unknown...

5.7AI score
Exploits0References3
SUSE CVE
SUSE CVE
•added 2 days ago•4 views

SUSE CVE-2026-48753

unknown...

5.7AI score0.00091EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2 days ago•4 views

SUSE CVE-2026-48754

unknown...

5.7AI score0.00025EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2 days ago•5 views

SUSE CVE-2026-48755

unknown...

5.7AI score
Exploits0References3
SUSE CVE
SUSE CVE
•added 2 days ago•5 views

SUSE CVE-2026-48756

unknown...

5.7AI score0.00025EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2 days ago•4 views

SUSE CVE-2026-48769

unknown...

5.7AI score
Exploits0References3
SUSE CVE
SUSE CVE
•added 2 days ago•8 views

SUSE CVE-2026-48802

unknown...

5.7AI score
Exploits0References3
SUSE CVE
SUSE CVE
•added 2 days ago•4 views

SUSE CVE-2026-48804

unknown...

5.7AI score
Exploits0References3
SUSE CVE
SUSE CVE
•added 2 days ago•4 views

SUSE CVE-2026-48809

unknown...

5.7AI score
Exploits0References3
SUSE CVE
SUSE CVE
•added 2 days ago•4 views

SUSE CVE-2026-53086

In the Linux kernel, the following vulnerability has been resolved: net: bcmgenet: fix racing timeout handler The bcmgenettimeout handler tries to take down all tx queues when a single queue times out. This is over zealous and causes many race conditions with queues that are still chugging along...

9.8CVSS5.8AI score0.00386EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2 days ago•4 views

SUSE CVE-2026-53087

In the Linux kernel, the following vulnerability has been resolved: net: bcmgenet: fix leaking freebds While reclaiming the tx queue we fast forward the write pointer to drop any data in flight. These dropped frames are not added back to the pool of free bds. We also need to tell the netdev that ...

7.5CVSS5.8AI score0.00376EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2 days ago•5 views

SUSE CVE-2026-53090

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix ldabs,ind failure path analysis in subprogs Usage of ldabs,ind instructions got extended into subprogs some time ago via commit 09b28d76eac4 "bpf: Add abnormal return checks.". These are only allowed in subprograms when...

7.8CVSS5.9AI score0.00123EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2 days ago•5 views

SUSE CVE-2026-53091

In the Linux kernel, the following vulnerability has been resolved: net: pull headers in qdiscpktlensegsinit Most ndostartxmit methods expects headers of gso packets to be already in skb-head. net/core/tso.c users are particularly at risk, because tsobuildhdr does a memcpyhdr, skb-data, hdrlen;...

8.4CVSS5.8AI score0.00123EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2 days ago•5 views

SUSE CVE-2026-53092

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix linked reg delta tracking when srcreg == dstreg Consider the case of rX += rX where srcreg and dstreg are pointers to the same bpfregstate in adjustregminmaxvals. The latter first modifies the dstreg in-place, and later ...

7.8CVSS5.5AI score0.00123EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2 days ago•5 views

SUSE CVE-2026-53108

In the Linux kernel, the following vulnerability has been resolved: powerpc/64s: Fix unmap race with PMD migration entries The following race is possible with migration swap entries or device-private THP entries. e.g. when movepages is called on a PMD THP page, then there maybe an intermediate...

5.8AI score0.00151EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2 days ago•5 views

SUSE CVE-2026-53325

In the Linux kernel, the following vulnerability has been resolved: agp/amd64: Fix broken error propagation in agpamd64probe A NULL pointer dereference was observed in the AMD64 AGP driver when running in a virtualized environment e.g. qemu/kvm without a physical AMD northbridge. The crash occurs...

5.8AI score0.00175EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2 days ago•5 views

SUSE CVE-2026-54370

acl before version 2.4.0 contains a time-of-check to time-of-use TOCTOU race condition vulnerability that allows local attackers to escalate privileges by replacing a pathname component with a symbolic link between an lstat check and subsequent symlink-following operations such as stat, chown,...

7.2CVSS5.9AI score0.00091EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2 days ago•5 views

SUSE CVE-2026-54371

attr before version 2.6.0 contains a symlink traversal vulnerability in the getfattr and setfattr utilities that allows local attackers to escalate privileges by replacing a pathname component with a symbolic link during directory hierarchy traversal. Attackers who control a pathname component ca...

8.4CVSS5.9AI score0.00142EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2 days ago•9 views

SUSE CVE-2026-55371

unknown...

5.7AI score
Exploits0References3
SUSE CVE
SUSE CVE
•added 2 days ago•5 views

SUSE CVE-2026-57965

A flaw was found in spice-vdagent. A malicious or compromised SPICE host can trigger an integer overflow by sending a specially crafted message. This vulnerability can lead to a heap buffer overflow, causing the spice-vdagent daemon to crash and resulting in a Denial of Service DoS for the virtua...

5.1CVSS5.9AI score0.00123EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2 days ago•4 views

SUSE CVE-2026-57966

A path traversal vulnerability was found in spice-vdagent. This flaw allows a malicious or compromised SPICE host to write arbitrary files to any location on the guest operating system. This occurs because the filename provided by the SPICE host during file transfers is not properly sanitized...

4.4CVSS5.9AI score0.00137EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2 days ago•4 views

SUSE CVE-2026-58049

FFmpeg's RASC video decoder decodedlta in libavcodec/rasc.c performs 32-bit reads and writes at the row cursor before the NEXTLINE row-boundary check and validates the DLTA region in pixel rather than byte units, so a DLTA run on a PAL8 frame can access several bytes past the row allocation. A...

8.8CVSS5.7AI score0.00217EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2 days ago•5 views

SUSE CVE-2026-58050

libssh2 through 1.11.1 reads an attacker-controlled 32-bit attribute count from a publickey-subsystem response and uses it in the allocation numattrs sizeoflibssh2publickeyattribute without bounds checking, so on 32-bit platforms the multiplication overflows to an undersized buffer. A malicious S...

8.3CVSS6AI score0.00333EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2 days ago•6 views

SUSE CVE-2026-58051

libssh2 through 1.11.1 grows its publickey list with SSH2REALLOC but does not zero-initialize new entries before parsing populates them, so a parse failure reaching the cleanup path leaves libssh2publickeylistfree operating on an uninitialized entry. A malicious SSH server offering the publickey...

8.3CVSS5.8AI score0.0028EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2 days ago•6 views

SUSE CVE-2026-58055

nghttp2's nghttpx proxy through 1.69.0 forwards an HTTP/1.1 Upgrade request that also carries a Content-Length header and body onto reusable keep-alive backend connections, re-adding the Upgrade and Connection headers while passing Content-Length verbatim. A backend that resolves the resulting...

6.3CVSS5.8AI score0.00202EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2 days ago•4 views

SUSE CVE-2026-58058

Nmap through 7.99 does not keep the IPv6 extension-header walk within the captured packet in ipv6getdataprimitive libnetutil/netutil.cc, so the pointer advances past the buffer and the remaining-length computation underflows to a large value. A scanned target or on-path attacker returning a craft...

6.9CVSS5.9AI score0.00278EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 4 days ago•7 views

SUSE CVE-2026-53278

In the Linux kernel, the following vulnerability has been resolved: armmpam: Check whether the config array is allocated before destroying it destroycomponentcfg is called to free the configuration array. It uses the embedded 'garbage' structure, which means the array has to be allocated. If...

5.8AI score0.00155EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 4 days ago•6 views

SUSE CVE-2026-53279

In the Linux kernel, the following vulnerability has been resolved: drm/gma500/oaktraillvds: fix hang on init failure The LVDS init code looks up an I2C adapter using i2cgetadapter and tries to read the EDID before falling back to allocating and registering its own adapter. The error handling doe...

5.8AI score0.00172EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 4 days ago•6 views

SUSE CVE-2026-53280

In the Linux kernel, the following vulnerability has been resolved: iommu: Fix NULL group-domain dereference in pcidevresetiommudone Local sashiko review pointed it out that group-domain could be NULL when a default domain fails to allocate during the first probe, which can crash at...

5.8AI score0.00155EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 4 days ago•7 views

SUSE CVE-2026-53281

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Avoid NULL pointer dereference or refcount corruption Commit 60f030f7418d "iommu/vt-d: Avoid use of NULL after WARNONONCE" fixed a NULL pointer dereference in an unlikely situation partly. If devpasid is not found in...

8.8CVSS5.8AI score0.0012EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 4 days ago•5 views

SUSE CVE-2026-53282

In the Linux kernel, the following vulnerability has been resolved: x86/kexec: Push kjump return address even for non-kjump kexec The version of purgatory code shipped by kexec-tools attempts to look above the top of its stack to find a return address for a kjump, even in a non-kjump kexec. After...

5.8AI score0.00166EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 4 days ago•6 views

SUSE CVE-2026-53283

In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Bounds-check devid in rlookupamdiommu iommudeviceregister walks every device on the PCI bus via busforeachdev and calls amdiommuprobedevice for each. The inlined checkdevice path computes the device's sbdf, calls...

5.8AI score0.00166EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 4 days ago•6 views

SUSE CVE-2026-53284

In the Linux kernel, the following vulnerability has been resolved: btrfs: only release the dirty pages io tree after successful writes WARNING With extra warning on dirty extent buffers at umount aka, the next patch in the series, test case generic/388 can trigger the following warning about dir...

7.5CVSS6AI score0.00432EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 4 days ago•7 views

SUSE CVE-2026-53285

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Wrap DCN32 phantom-plane allocation in DCRUNWITHPREEMPTIONENABLED Why dcn32validatebandwidth wraps dcn32internalvalidatebw with DCFPSTART/DCFPEND. In x86 non-RT, DCFPSTART takes fpregslock, which disables local...

5.8AI score0.00155EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 4 days ago•6 views

SUSE CVE-2026-53286

In the Linux kernel, the following vulnerability has been resolved: idpf: fix double free and use-after-free in aux device error paths When auxiliarydeviceadd fails in idpfplugvportauxdev or idpfplugcoreauxdev, the errauxdevadd label calls auxiliarydeviceuninit and falls through to errauxdevinit...

5.8AI score0.00169EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 4 days ago•6 views

SUSE CVE-2026-53287

In the Linux kernel, the following vulnerability has been resolved: audit: fix incorrect inheritable capability in CAPSET records auditlogcapset records the effective capability set into the inheritable field due to a copy-paste error. Every CAPSET audit record therefore reports cappi process...

5.8AI score0.00176EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 4 days ago•6 views

SUSE CVE-2026-53288

In the Linux kernel, the following vulnerability has been resolved: arm64: Reserve an extra page for early kernel mapping The final part of data, end segment may overflow into the next page of initpgend1 which is the gap page before earlyinitstack2: 1 crasharm64v9.0.1 vtop ffffffed00601000 VIRTUA...

5.9AI score0.00168EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 4 days ago•8 views

SUSE CVE-2026-53289

In the Linux kernel, the following vulnerability has been resolved: ice: fix NULL pointer dereference in iceresetallvfs iceresetallvfs ignores the return value of icevfrebuildvsi. When the VSI rebuild fails e.g. during NVM firmware update via nvmupdate64e, icevsirebuild tears down the VSI on its...

5.8AI score0.00172EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 4 days ago•6 views

SUSE CVE-2026-53290

In the Linux kernel, the following vulnerability has been resolved: drm/xe/eustall: Fix drmdevput called before stream disable in close In xeeustallstreamclose, drmdevput is called before the stream is disabled and its resources are freed. If this drops the last reference, the device structures...

7.8CVSS5.8AI score0.00124EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 4 days ago•6 views

SUSE CVE-2026-53291

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda/conexant: Fix missing error check for jack detection In cxprobe, the return value of sndhdajackdetectenablecallback is ignored. This function returns a pointer, and if it fails e.g., due to memory allocation failure, it...

5.8AI score0.00172EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 4 days ago•6 views

SUSE CVE-2026-53292

In the Linux kernel, the following vulnerability has been resolved: net: phonet: do not BUGON in pnsocketautobind on failed bind syzbot reported a kernel BUG triggered from pnsocketsendmsg via pnsocketautobind: kernel BUG at net/phonet/socket.c:213! RIP: 0010:pnsocketautobind...

5.8AI score0.00155EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 4 days ago•6 views

SUSE CVE-2026-53293

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix AMDGPUINFOREADMMRREG There were multiple issues in that code. First of all the order between the reset semaphore and the mmlock was wrong e.g. copytouser was called while holding the lock. Then we allocated memory...

5.8AI score0.00168EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 4 days ago•7 views

SUSE CVE-2026-53294

In the Linux kernel, the following vulnerability has been resolved: mailbox: mailbox-test: don't free the reused channel The RX channel can be aliased to the TX channel if it has a different MMIO. This special case needs to be handled when freeing the channels otherwise a double-free occurs...

5.8AI score0.00177EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 4 days ago•7 views

SUSE CVE-2026-53295

In the Linux kernel, the following vulnerability has been resolved: mailbox: add sanity check for channel array Fail gracefully if there is no channel array attached to the mailbox controller. Otherwise the later dereference will cause an OOPS which might not be seen because mailbox controllers...

5.8AI score0.00177EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 4 days ago•8 views

SUSE CVE-2026-53296

In the Linux kernel, the following vulnerability has been resolved: mailbox: mailbox-test: free channels on probe error On probe error, free the previously obtained channels. This not only prevents a leak, but also UAF scenarios because the client structure will be removed nonetheless because it...

5.8AI score0.00176EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 4 days ago•6 views

SUSE CVE-2026-53297

In the Linux kernel, the following vulnerability has been resolved: net: mana: Guard manaremove against double invocation If PM resume fails e.g., manaattach returns an error, manaprobe calls manaremove, which tears down the device and sets gd-gdmacontext = NULL and gd-driverdata = NULL. However,...

5.8AI score0.00166EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 4 days ago•6 views

SUSE CVE-2026-53298

In the Linux kernel, the following vulnerability has been resolved: net: airoha: Move ndesc initialization at end of airohaqdmainitrxqueue If queue entry or DMA descriptor list allocation fails in airohaqdmainitrxqueue routine, airohaqdmacleanup will trigger a NULL pointer dereference running...

5.8AI score0.00168EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 4 days ago•7 views

SUSE CVE-2026-53299

In the Linux kernel, the following vulnerability has been resolved: net: airoha: Move ndesc initialization at end of airohaqdmainittx If queue entry list allocation fails in airohaqdmainittxqueue routine, airohaqdmacleanuptxqueue will trigger a NULL pointer dereference accessing the queue entry...

5.8AI score0.00166EPSS
Exploits0References2
Total number of security vulnerabilities59178