SUSE — Vulnerabilities & Security Advisories 185

Browse all 185 CVE security advisories affecting SUSE. AI-powered Chinese analysis, POCs, and references for each vulnerability.

| CVE ID | Title | Affected product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2025-46802 | Temporary chown() of users' TTY to mode 0666 allows PTY hijacking in screen | SUSE Linux Enterprise Micro 5.3 | - | 6.0 | Medium | 2025-05-26 |
| CVE-2023-32197 | Rancher's External RoleTemplates can lead to privilege escalation | rancher | CWE-269 | 6.6 | Medium | 2025-04-16 |
| CVE-2024-22036 | Rancher Remote Code Execution via Cluster/Node Drivers | rancher | CWE-269 | 9.1 | Critical | 2025-04-16 |
| CVE-2024-52281 | Stored Cross-site Scripting vulnerability in Rancher UI | rancher | CWE-79 | 8.9 | High | 2025-04-16 |
| CVE-2024-52280 | Users can issue watch commands for arbitrary resources | rancher | CWE-200 | 7.7 | High | 2025-04-11 |
| CVE-2024-52282 | Rancher Helm Applications may have sensitive values leaked | rancher | CWE-200 | 6.2 | Medium | 2025-04-11 |
| CVE-2025-23387 | Rancher's SAML-based login via CLI can be denied by unauthenticated users | rancher | CWE-200 | 5.3 | Medium | 2025-04-11 |
| CVE-2025-23388 | Unauthenticated stack overflow in /v3-public/authproviders API | rancher | CWE-121 | 8.2 | High | 2025-04-11 |
| CVE-2025-23389 | Rancher does not Properly Validate Account Bindings in SAML Authentication Enables User Impersonation on First Login | rancher | CWE-284 | 8.4 | High | 2025-04-11 |
| CVE-2025-23391 | Rancher: Restricted Administrator can change Administrator's passwords | rancher | CWE-266 | 9.1 | Critical | 2025-04-11 |
| CVE-2025-23386 | gerbera: Privilege escalation from user gerbera to root because of insecure %post script | openSUSE Tumbleweed | CWE-276 | 7.8 | High | 2025-04-10 |
| CVE-2024-22037 | Database password leaked by systemd uyuni-server-attestation service | SUSE Manager Server 5.0 | CWE-497 | 5.5 | Medium | 2024-11-28 |
| CVE-2024-22038 | DoS attacks, information leaks etc. with crafted Git repositories in obs-scm-bridge | openSUSE Factory | CWE-59 | 7.3 | High | 2024-11-28 |
| CVE-2024-49502 | Reflected XSS in Setup Wizard, HTTP Proxy credentials pane in spacewalk-web | Container suse/manager/5.0/x86_64/server:5.0.2.7.8.1 | CWE-79 | 3.5 | Low | 2024-11-28 |
| CVE-2024-49503 | Reflected XSS in Setup Wizard, Organization Credentials in spacewalk-web | Container suse/manager/5.0/x86_64/server:5.0.2.7.8.1 | CWE-79 | 3.5 | Low | 2024-11-28 |
| CVE-2024-52283 | SUSE hackweek cross-site scripting vulnerability | hackweek | CWE-79 | 5.7 | Medium | 2024-11-28 |
| CVE-2024-49504 | grub2 allows bypassing TPM-bound disk encryption on SL(E)M encrypted Images | openSUSE Tumbleweed | - | 4.9 (AI) | Medium (AI) | 2024-11-13 |
| CVE-2022-45157 | Exposure of vSphere's CPI and CSI credentials in Rancher | rancher | CWE-522 | 9.1 | Critical | 2024-11-13 |
| CVE-2023-32189 | Insecure handling SSH key in SUSE Manager when bootstrapping new clients | SUSE Manager Server Module 4.3 | - | 5.9 | Medium | 2024-10-16 |
| CVE-2024-22034 | Crafted projects can overwrite special files in the .osc config directory | SUSE Linux Enterprise Desktop 15 SP5 | - | 5.5 | Medium | 2024-10-16 |
| CVE-2024-22033 | obs-service-download_url is vulnerable to argument injection | SUSE Package Hub 15 SP5 | CWE-78 | 6.3 | Medium | 2024-10-16 |
| CVE-2024-22032 | Rancher's RKE1 Encryption Config kept in plain-text within cluster AppliedSpec | rancher | CWE-200 | 6.5 | Medium | 2024-10-16 |
| CVE-2024-22030 | Rancher agents can be hijacked by taking over the Rancher Server URL | rancher | CWE-295 | 8.0 | High | 2024-10-16 |
| CVE-2024-22029 | tomcat packaging allows for escalation to root from tomcat user | Container suse/manager/5.0/x86_64/server:5.0.0-beta1.2.122 | CWE-732 | 7.8 | High | 2024-10-16 |
| CVE-2023-32196 | Rancher's External RoleTemplates can lead to privilege escalation | rancher | CWE-269 | 6.6 | Medium | 2024-10-16 |
| CVE-2023-32194 | Rancher permissions on 'namespaces' in any API group grants 'edit' permissions on namespaces in 'core' | rancher | CWE-269 | 7.2 | High | 2024-10-16 |
| CVE-2023-32193 | Norman API Cross-site Scripting Vulnerability | norman | CWE-80 | 8.3 | High | 2024-10-16 |
| CVE-2023-32192 | Rancher API Server Cross-site Scripting Vulnerability | apiserver | CWE-80 | 8.3 | High | 2024-10-16 |
| CVE-2023-32191 | rke's credentials are stored in the RKE1 Cluster state ConfigMap | rke | CWE-922 | 9.9 | Critical | 2024-10-16 |
| CVE-2023-32190 | mlocate's %post script allows RUN_UPDATEDB_AS user to make arbitrary files world readable | openSUSE Tumbleweed | - | 6.5 | - | 2024-10-16 |

This page lists every published CVE security advisory associated with SUSE. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.