Suse package hub
This hub aggregates every CVE we track for Suse package hub, a product in the operating systems space. Use it to gauge the current risk picture and drill into individual advisories.
103
CVEs tracked
8
Critical
62
High
3
In CISA KEV
Severity distribution
HIGH62MEDIUM33CRITICAL8
Monthly trend
8
16
2
5
0
1
17
1
5
1
0
1
1
3
1
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Suse package hub.
- CVE-2025-57833An issue was discovered in Django 4.2 before 4.2.24, 5.1 before 5.1.12, and 5.2 before 5.2.6. FilteredRelation is subject to SQL injection in column aliases, using a suitably crafted dictionary, wi...7.1
- CVE-2025-9732DCMTK dcm2img diybrpxt.h memory corruption5.3
- CVE-2025-9478Use after free in ANGLE in Google Chrome prior to 139.0.7258.154 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)8.8
- CVE-2025-50952openjpeg v 2.5.0 was discovered to contain a NULL pointer dereference via the component /openjp2/dwt.c.6.5
- CVE-2025-53547Helm Chart Dependency Updating With Malicious Chart.yaml Content And Symlink Can Lead To Code Execution8.5
- CVE-2025-48432An issue was discovered in Django 5.2 before 5.2.3, 5.1 before 5.1.11, and 4.2 before 4.2.23. Internal HTTP response logging does not escape request.path, which allows remote attackers to potential...4.0
- CVE-2025-22872Incorrect Neutralization of Input During Web Page Generation in x/net in golang.org/x/net6.5
- CVE-2025-3015Open Asset Import Library Assimp ASE File ASELoader.cpp BuildUniqueRepresentation out-of-bounds6.3
- CVE-2025-30204jwt-go allows excessive memory allocation during header parsing7.5
- CVE-2025-2592Open Asset Import Library Assimp CSMLoader.cpp InternReadFile heap-based overflow6.3
- CVE-2025-2591Open Asset Import Library Assimp MDLLoader.cpp InternReadFile_Quake1 divide by zero4.3
- CVE-2025-26699An issue was discovered in Django 5.1 before 5.1.7, 5.0 before 5.0.13, and 4.2 before 4.2.20. The django.utils.text.wrap() method and wordwrap template filter are subject to a potential denial-of-s...5.0
- CVE-2025-27144Go JOSE's Parsing Vulnerable to Denial of Service7.5
- CVE-2025-24530An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.6.4
- CVE-2025-24529An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the Insert tab.6.4
Product normalization is registry-driven with AI assist and human review. How it works