Known Vulnerabilities for products from Suse

Listed below are 20 of the newest known vulnerabilities associated with the vendor "Suse".

These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.

Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2026-44946 json A SAML authentication replay vulnerability in Rancher's Assertion Consumer Service (ACS) handler did not enforce one-time u... Not Provided 2026-06-30 2026-07-02
CVE-2026-44937 json Potential forgery of webhook requests when using a unauthenticated webhook in SUSE Rancher Fleet 0.15 before 0.15.2, 0.14 bef... Not Provided 2026-07-06 2026-07-09
CVE-2026-44936 json Missing filtering when the helmRepoURLRegex field isn't set on a GitRepo resource in SUSE Rancher Fleet's bundle reader in 0.... Not Provided 2026-07-06 2026-07-09
CVE-2026-44935 json Not Provided 2026-07-02 2026-07-03
CVE-2026-44934 json Not Provided 2026-07-06 2026-07-06
CVE-2026-44543 json Local Path Provisioner provides a way for the Kubernetes users to utilize the local storage in each node. Prior to 0.0.36, a ... Not Provided 2026-05-28 2026-06-08
CVE-2026-41053 json Incorrect authentication caching in the team member ship expansion of the Rancher Github authentication provider caused it gr... Not Provided 2026-06-30 2026-07-02
CVE-2026-41052 json Improper privilege handling could be used by users with Project Owner role to escalate privileges, in Rancher versions 2.14... Not Provided 2026-06-29 2026-07-02
CVE-2026-23025 json Not Provided 2026-01-31 2026-06-02
CVE-2025-71261 json Not Provided 2026-06-16 2026-06-16
CVE-2025-6018 json A Local Privilege Escalation (LPE) vulnerability has been discovered in pam-config within Linux Pluggable Authentication Modu... Not Provided 2025-07-23 2026-06-30
CVE-2024-23301 json 5.5 - MEDIUM 2024-01-12 2024-02-03
CVE-2024-12087 json A path traversal vulnerability exists in rsync. It stems from behavior enabled by the `--inc-recursive` option, a default-ena... Not Provided 2025-01-14 2026-06-30
CVE-2024-12086 json A flaw was found in rsync. It could allow a server to enumerate the contents of an arbitrary file from the client's machine. ... Not Provided 2025-01-14 2026-06-30
CVE-2024-12085 json A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipu... Not Provided 2025-01-14 2026-06-29
CVE-2023-34256 json ** DISPUTED ** An issue was discovered in the Linux kernel before 6.3.3. There is an out-of-bounds read in crc16 in lib/crc16... 5.5 - MEDIUM 2023-05-31 2023-11-15
CVE-2023-32186 json A Allocation of Resources Without Limits or Throttling vulnerability in SUSE RKE2 allows attackers with access to K3s server... 7.5 - HIGH 2023-09-19 2023-09-22
CVE-2023-32182 json A Improper Link Resolution Before File Access ('Link Following') vulnerability in SUSE SUSE Linux Enterprise Desktop 15 SP5 p... 7.8 - HIGH 2023-09-19 2023-09-25
CVE-2023-29552 json The Service Location Protocol (SLP, RFC 2608) allows an unauthenticated, remote attacker to register arbitrary services. This... 7.5 - HIGH 2023-04-25 2023-05-04
CVE-2023-23005 json ** DISPUTED ** In the Linux kernel before 6.2, mm/memory-tiers.c misinterprets the alloc_memory_type return value (expects it... 5.5 - MEDIUM 2023-03-01 2023-11-07

Known software with vulnerabilities from Suse

Type Vendor Product Version
ApplicationSuseCaas Platform3.0
ApplicationSuseCloud1.0
ApplicationSuseEnterprise Storage5.0
ApplicationSuseInn-
ApplicationSuseKeystone-json-assignment-
ApplicationSuseKiwi4.85
ApplicationSuseLifecycle Management Server1.3
Operating
System
SuseLinux-
Operating
System
SuseLinux Enterprise12.0
ApplicationSuseLinux Enterprise Debuginfo10
Operating
System
SuseLinux Enterprise Desktop-
Operating
System
SuseLinux Enterprise High Availability Extension11
Operating
System
SuseLinux Enterprise High Performance Computing15
ApplicationSuseLinux Enterprise High Performance Computing15.0
ApplicationSuseLinux Enterprise Module For Legacy12
ApplicationSuseLinux Enterprise Point Of Sale11
Operating
System
SuseLinux Enterprise Real Time11
Operating
System
SuseLinux Enterprise Real Time Extension10
Operating
System
SuseLinux Enterprise Sdk11
Operating
System
SuseLinux Enterprise Server-
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

Free CVE JSON API cve.report/api

CVE.report and Source URL Uptime Status status.cve.report