SUSE

1,208 tracked vulnerabilities.

CVE-2026-44933 HIGH
SUSE Linux Enterprise 17.38.8 - Path Traversal via PluginScript Chroot Bypass
May 20, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-41054 HIGH
Missing exit out of permission check in haveged could lead to root exploit
May 20, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-41051 MEDIUM
csync2 uses insecure temporary directories when compiled with C99 or later
May 13, 2026
CVSS 5.0
EPSS 0.00
CVE-2026-41050 CRITICAL
Helm impersonation bypass of `RESTClientGetter` retains `cluster-admin` during template rendering
May 13, 2026
CVSS 9.9
EPSS 0.00
CVE-2026-25705 HIGH
Rancher Extensions have arbitrary file access via path traversal
May 13, 2026
CVSS 8.4
EPSS 0.00
CVE-2026-31431 HIGH KEV
crypto: algif_aead - Revert to operating out-of-place
Apr 22, 2026
CVSS 7.8
EPSS 0.03
CVE-2026-25702 HIGH
SUSE Linux Enterprise Server 12 SP5 - Auth Bypass
Mar 05, 2026
CVSS 7.3
EPSS 0.00
CVE-2025-62879 MEDIUM
Rancher Backup Operator - Info Disclosure
Mar 04, 2026
CVSS 6.8
EPSS 0.00
CVE-2025-67860 LOW
NeuVector Scanner - Info Disclosure
Feb 25, 2026
CVSS 3.8
EPSS 0.00
CVE-2025-67601 HIGH
Rancher Manager - Improper Certificate Validation via CLI Login Command
Feb 25, 2026
CVSS 8.3
EPSS 0.00
CVE-2025-62878 CRITICAL
Rancher local-path-provisioner < 0.0.34 - Path Traversal via pathPattern Parameter
Feb 25, 2026
CVSS 9.9
EPSS 0.00
CVE-2025-62877 CRITICAL
SUSE Virtualization (Harvester) <1.5.x,1.6.x - Info Disclosure
Jan 08, 2026
CVSS 9.8
EPSS 0.00
CVE-2025-66001 HIGH
NeuVector 5.3.0-5.4.7 - Improper Certificate Validation in OpenID Connect
Jan 08, 2026
CVSS 8.8
EPSS 0.00
CVE-2025-62876 MEDIUM
lightdm-kde-greeter <6.0.4 - Privilege Escalation
Nov 12, 2025
EPSS 0.00
CVE-2025-53883 CRITICAL
Container suse/manager/5.0/x86_64/server:latest - Basic XSS
Oct 30, 2025
EPSS 0.00
CVE-2025-53880 HIGH
SUSE Manager Proxy - Path Traversal and Arbitrary File Write via tftpsync Scripts
Oct 30, 2025
EPSS 0.00
CVE-2025-54471 MEDIUM
NeuVector 5.3.0-5.4.6 - Use of Hard-coded Cryptographic Key
Oct 30, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-54470 HIGH
NeuVector 5.3.0-5.3.4, 5.4.0-5.4.6 - Certificate Validation Bypass and DoS via Telemetry
Oct 30, 2025
CVSS 8.6
EPSS 0.00
CVE-2025-54469 CRITICAL
NeuVector 5.3.0-5.3.4/5.4.0-5.4.6 OS Command Injection via CLUSTER_RPC_PORT/CLUSTER_LAN_PORT
Oct 30, 2025
CVSS 9.9
EPSS 0.00
CVE-2025-54468 MEDIUM
Rancher 2.9.0-2.12.1 Sensitive Information Exposure via Impersonate-Extra Headers
Oct 02, 2025
CVSS 4.7
EPSS 0.00
CVE-2025-8077 CRITICAL
NeuVector <= 5.4.5 - Use of Default Password for Admin Account
Sep 17, 2025
CVSS 9.8
EPSS 0.00
CVE-2025-54467 MEDIUM
NeuVector 5.0.0-5.4.5 - Insufficiently Protected Credentials in Security Event Log
Sep 17, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-53884 MEDIUM
NeuVector 5.0.0-5.4.5 - Use of a One-Way Hash without a Salt
Sep 17, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-46809 MEDIUM
SUSE Manager Proxy and Server 4.3 - Plaintext Password Storage in Log Files
Jul 31, 2025
CVSS 5.7
EPSS 0.00
CVE-2025-46811 CRITICAL
SUSE Linux Manager <5.0.27 - Privilege Escalation
Jul 30, 2025
CVSS 9.8
EPSS 0.03