Suse package hub for suse linux enterprise
This hub aggregates every CVE we track for Suse package hub for suse linux enterprise, a product in the operating systems space. Use it to gauge the current risk picture and drill into individual advisories.
264
CVEs tracked
16
Critical
114
High
2
In CISA KEV
Severity distribution
MEDIUM132HIGH114CRITICAL16LOW2
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Suse package hub for suse linux enterprise.
- CVE-2021-23980A mutation XSS affects users calling bleach.clean with all of: svg or math in the allowed tags p or br in allowed tags style, title, noscript, script, textarea, noframes, iframe, or xmp in allowed ...6.1
- CVE-2022-3370Use after free in Custom Elements in Google Chrome prior to 106.0.5249.91 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)8.8
- CVE-2022-3373Out of bounds write in V8 in Google Chrome prior to 106.0.5249.91 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)8.8
- CVE-2022-3559Exim Regex use after free4.6
- CVE-2022-0699A double-free condition exists in contrib/shpsort.c of shapelib 1.5.0 and older releases. This issue may allow an attacker to cause a denial of service or have other unspecified impact via control ...9.8
- CVE-2022-37797In lighttpd 1.4.65, mod_wstunnel does not initialize a handler function pointer if an invalid HTTP request (websocket handshake) is received. It leads to null pointer dereference which crashes the ...7.5
- CVE-2022-0301Heap buffer overflow in DevTools in Google Chrome prior to 97.0.4692.99 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafte...7.8
- CVE-2022-0294Inappropriate implementation in Push messaging in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML ...6.5
- CVE-2022-0292Inappropriate implementation in Fenced Frames in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a craft...6.5
- CVE-2021-38002Use after free in Web Transport in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.9.6
- CVE-2021-38001Type confusion in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.8.8
- CVE-2021-37999Insufficient data validation in New Tab Page in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to inject arbitrary scripts or HTML in a new browser tab via a crafted HTML page.6.1
- CVE-2021-37998Use after free in Garbage Collection in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.8.8
- CVE-2021-37997Use after free in Sign-In in Google Chrome prior to 95.0.4638.69 allowed a remote attacker who convinced a user to sign into Chrome to potentially exploit heap corruption via a crafted HTML page.8.8
- CVE-2021-30615Chromium: CVE-2021-30615 Cross-origin data leak in Navigation6.5
Product normalization is registry-driven with AI assist and human review. How it works