Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

SUSE — Vulnerabilities & Security Advisories 185

Browse all 185 CVE security advisories affecting SUSE. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by SUSE:RancherSUSE Linux Enterprise Server 12neuvectoropenSUSE Tumbleweedopen build servicesupportutilsopenSUSE FactorylibzyppSUSE Linux Enterprise Server 15SUSE Linux Enterprise High Performance Computing 15-ESPOSSUSE Linux Enterprise Module for SUSE Manager Server 4.2SUSE Linux Enterprise Server 11-SP4-LTSSContainer suse/manager/5.0/x86_64/server:5.0.4.7.19.1Studio onsiteContainer suse/manager/5.0/x86_64/server:5.0.2.7.8.1harvesterSUSE Linux Enterprise Desktop 15 SP5SUSE Linux Enterprise ServerSUSE Linux Enterprise Server 11SUSE Linux Enterprise Module for Desktop Applications 15-SP1SUSE Enterprise Storage 5SUSE Manager Server 4.1SUSE CaaS Platform 4.5LonghornSUSE Linux Enterprise Server 12-SP5SUSE Linux Enterprise Server 15 SP1Container suse/manager/5.0/x86_64/server:5.0.5.7.30.1SUSE Linux Enterprise Micro 5.3SUSE Linux Enterprise Server for SAP 15hackweek
CVE IDTitleCVSSSeverityPublished
CVE-2026-25702 nftables disabled due to incorrect kernel backport — SUSE Linux Enterprise ServerCWE-284 7.3 High2026-03-05
CVE-2025-62879 Rancher Backup Operator pod's logs leak S3 tokens — RancherCWE-532 6.8 Medium2026-03-04
CVE-2025-62878 Local Path Provisioner vulnerable to Path Traversal via parameters.pathPattern — RancherCWE-23 9.9 Critical2026-02-25
CVE-2025-67601 Rancher CLI skips TLS verification on Rancher CLI login command — rancherCWE-295 8.3 High2026-02-25
CVE-2025-67860 NeuVector scanner insecurely handles passwords as command arguments — harvesterCWE-522 3.8 Low2026-02-25
CVE-2025-62877 Harvest may expose OS default ssh login password via SUSE Virtualization Interactive Installer — harvesterCWE-1188 9.8 Critical2026-01-08
CVE-2025-66001 NeuVector OpenID Connect is vulnerable to man-in-the-middle (MITM) — neuvectorCWE-295 8.8 High2026-01-08
CVE-2025-62875 Local DoS in OpenSMTPD via UNIX domain socket smtpd.sock — openSUSE TumbleweedCWE-754 5.5 -2025-11-20
CVE-2025-62876 LightDM KDE Greeter 安全漏洞 — openSUSECWE-250 7.8 -2025-11-12
CVE-2025-53883 spacewalk-java has various XSS issues on search page — Container suse manager 5.0CWE-80 6.1AIMediumAI2025-10-30
CVE-2025-53880 susemanager-tftpsync-recv allows arbitrary file creation and deletion due to path traversal — Container suse/manager/4.3/proxy-httpd:latestCWE-35 6.5AIMediumAI2025-10-30
CVE-2025-54471 NeuVector is shipping cryptographic material into its binary — neuvectorCWE-321 6.5 Medium2025-10-30
CVE-2025-54469 NeuVector Enforcer is vulnerable to Command Injection and Buffer overflow — neuvectorCWE-78 9.9 Critical2025-10-30
CVE-2025-54470 NeuVector telemetry sender is vulnerable to MITM and DoS — neuvectorCWE-295 8.6 High2025-10-30
CVE-2024-58269 Rancher exposes sensitive information through audit logs — rancherCWE-532 4.3 Medium2025-10-29
CVE-2023-32199 Rancher user retains access to clusters despite Global Role removal — rancherCWE-281 4.3 Medium2025-10-29
CVE-2024-58260 Rancher update on users can deny the service to the admin — rancherCWE-863 7.6 High2025-10-02
CVE-2024-58267 Rancher CLI SAML authentication is vulnerable to phishing attacks — rancherCWE-345 8.0 High2025-10-02
CVE-2025-54468 Rancher sends sensitive information to external services through the `/meta/proxy` endpoint — rancherCWE-200 4.7 Medium2025-10-02
CVE-2025-8077 NeuVector admin account has insecure default password — neuvectorCWE-1393 9.8 Critical2025-09-17
CVE-2025-54467 NeuVector process with sensitive arguments lead to leakage — neuvectorCWE-522 5.3 Medium2025-09-17
CVE-2025-53884 NeuVector has an insecure password storage vulnerable to rainbow attack — neuvectorCWE-759 5.3 Medium2025-09-17
CVE-2024-58259 Rancher affected by unauthenticated Denial of Service — rancherCWE-770 8.2 High2025-09-02
CVE-2024-52284 Rancher Fleet Helm Values are stored inside BundleDeployment in plain text — RancherCWE-312 7.7 High2025-09-02
CVE-2025-46809 Multi Linux Manager epxoses the plain text HTTP Proxy user:password in logs — Container suse/manager/4.3/proxy-httpd:4.3.16.9.67.1CWE-256 5.7 Medium2025-07-31
CVE-2025-46811 SUSE Multi Linux Manager allows code execution via unprotected websocket endpoint — Container suse/manager/5.0/x86_64/server:5.0.5.7.30.1CWE-862 9.8 Critical2025-07-30
CVE-2025-53882 The logrotate configuration in the python-mailman of openSUSE allows the mailman user to sent SIGHUP to arbitrary proceess — openSUSE TumbleweedCWE-807 4.4 Medium2025-07-23
CVE-2025-23393 Reflected XSS in spacewalk-java — Container suse/manager/5.0/x86_64/server:5.0.4.7.19.1CWE-80 5.2 Medium2025-05-27
CVE-2025-23392 Reflected XSS in SystemsController.java in spacewalk-java — Container suse/manager/5.0/x86_64/server:5.0.4.7.19.1CWE-80 5.2 Medium2025-05-26
CVE-2025-23394 daily-backup.sh script in cyrus-imapd allows escalation from cyrus to root — openSUSE TumbleweedCWE-61 8.4AIHighAI2025-05-26

This page lists every published CVE security advisory associated with SUSE. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.