Linux enterprise server

This hub aggregates every CVE we track for Linux enterprise server, a product in the operating systems space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Linux enterprise server.

• CVE-2026-31431crypto: algif_aead - Revert to operating out-of-placeKEV7.8Apr 22, 2026
• CVE-2024-46951An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. An unchecked Implementation pointer in Pattern color space could lead to arbitrary code execution.7.8Nov 10, 2024
• CVE-2024-46956An issue was discovered in psi/zfile.c in Artifex Ghostscript before 10.04.0. Out-of-bounds data access in filenameforall can lead to arbitrary code execution.7.8Nov 10, 2024
• CVE-2024-46955An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. There is an out-of-bounds read when reading color in Indexed color space.5.5Nov 10, 2024
• CVE-2024-46953An issue was discovered in base/gsdevice.c in Artifex Ghostscript before 10.04.0. An integer overflow when parsing the filename format string (for the output filename) results in path truncation, a...7.8Nov 10, 2024
• CVE-2023-29552The Service Location Protocol (SLP, RFC 2608) allows an unauthenticated, remote attacker to register arbitrary services. This could allow the attacker to use spoofed UDP traffic to conduct a denial...KEV7.5Apr 25, 2023
• CVE-2023-23005In the Linux kernel before 6.2, mm/memory-tiers.c misinterprets the alloc_memory_type return value (expects it to be NULL in the error case, whereas it is actually an error pointer). NOTE: this is ...5.5Mar 1, 2023
• CVE-2022-45153saphanabootstrap-formula: Escalation to root for arbitrary users in hana/ha_cluster.sls7.0Feb 15, 2023
• CVE-2022-31252permissions: chkstat does not check for group-writable parent directories or target files in safeOpen()4.4Oct 6, 2022
• CVE-2022-27239In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges.7.8Apr 27, 2022
• CVE-2021-45082An issue was discovered in Cobbler before 3.3.1. In the templar.py file, the function check_for_invalid_imports can allow Cheetah code to import Python modules via the "#from MODULE import" substri...7.8Feb 18, 2022
• CVE-2021-4034A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users acc...KEV7.8Jan 28, 2022
• CVE-2002-20001The Diffie-Hellman Key Agreement Protocol allows remote attackers (from the client side) to send arbitrary numbers that are actually not public keys, and trigger expensive server-side DHE modular-e...7.5Nov 11, 2021
• CVE-2021-32000clone-master-clean-up: dangerous file system operations3.2Jul 28, 2021
• CVE-2018-10195lrzsz before version 0.12.21~rc can leak information to the receiving side due to an incorrect length check in the function zsdata that causes a size_t to wrap around.7.1Jun 2, 2021