SUSE Security Vulnerabilities (CVEs)
Track 24 security vulnerabilities affecting SUSE products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.

CVE-2025-62879 is a sensitive information disclosure vulnerability in Rancher Backup Operator where S3 access tokens (accessKey and secretKey) are lea...
Mar 4, 2026

CVE-2025-6018 is a Local Privilege Escalation vulnerability in pam-config that allows unprivileged local users (e.g., SSH users) to gain elevated...
Jul 23, 2025

This vulnerability in Sudo allows local users to escalate privileges to root by exploiting the --chroot option to load a malicious /etc/nsswitch.conf ...
Jun 30, 2025

This vulnerability in rsync allows attackers to leak uninitialized stack memory one byte at a time by manipulating checksum length during file compari...
Jan 14, 2025

This rsync vulnerability allows a malicious server to read arbitrary files from a client's machine during file transfer operations. Attackers can reco...
Jan 14, 2025

This vulnerability in Ghostscript allows out-of-bounds memory access in the filenameforall function, which could lead to arbitrary code execution. It ...
Nov 10, 2024

This vulnerability in Rancher 2.x allows users with namespace access to move namespaces between projects without proper authorization. It affects Ranc...
Dec 12, 2023

This stored XSS vulnerability in SUSE Rancher allows authenticated users with write permissions to inject malicious scripts that execute in administra...
Jun 1, 2023

CVE-2023-22647 is a vulnerability in SUSE Rancher that allows standard users with existing permissions to manipulate Kubernetes secrets in the local cluste...
Jun 1, 2023

A privilege escalation vulnerability in SUSE Rancher allows attackers to bypass admission webhook security checks and gain elevated privileges in Kube...
May 4, 2023

CVE-2022-21953 is a missing authorization vulnerability in SUSE Rancher that allows authenticated users to create unauthorized shell pods and gai...
Feb 7, 2023

CVE-2022-43755 is an insufficient entropy vulnerability in SUSE Rancher that allows attackers who have previously obtained a cattle-token to continue ...
Feb 7, 2023

CVE-2022-43757 is a cleartext storage vulnerability in SUSE Rancher that allows users on managed clusters to access sensitive credentials stored witho...
Feb 7, 2023

This vulnerability in SUSE Rancher allows authenticated users with 'escalate' permissions on PRTBs (Project Role Template Bindings) to escalate their ...
Feb 7, 2023

CVE-2022-21952 is a missing authentication vulnerability in SUSE Manager Server's spacewalk-java component that allows remote attackers to trigger dis...
Jun 22, 2022

This vulnerability allows users with the restricted-admin role in SUSE Rancher to escalate their privileges to full administrator access. It affects S...
May 2, 2022

A stack-based buffer overflow vulnerability in cifs-utils versions through 6.14 allows local attackers to escalate privileges to root when parsing the...
Apr 27, 2022

CVE-2021-4034 (PwnKit) is a local privilege escalation vulnerability in polkit's pkexec utility that allows unprivileged local users to gain root priv...
Jan 28, 2022

This vulnerability in Ruby's CGI::Cookie.parse function mishandles security prefixes in cookie names, allowing attackers to bypass cookie security mec...
Jan 1, 2022

CVE-2021-41817 is a regular expression denial of service (ReDoS) vulnerability in Ruby's date gem. Attackers can cause denial of service by sending sp...
Jan 1, 2022

CVE-2021-4166 is an out-of-bounds read vulnerability in the Vim text editor that allows attackers to read memory contents beyond allocated buffers. This a...
Dec 25, 2021

This CVE describes a local privilege escalation vulnerability in arpwatch on SUSE Linux systems. Attackers with control of the runtime user can create...
Jun 30, 2021

This vulnerability in lrzsz (a file transfer tool) allows information leakage to the receiving side due to an integer overflow in the zsdata function....
Jun 2, 2021

CVE-2021-25314 is a local privilege escalation vulnerability in the hawk2 component of SUSE Linux Enterprise High Availability. It allows local attackers ...
Apr 14, 2021

Why Monitor SUSE Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 24+ known vulnerabilities affecting SUSE products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable SUSE packages in under 60 seconds. No agents are required: scanning is completely agentless and works across SUSE deployments.
Free vulnerability database: Access detailed information about every SUSE CVE, including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.