Browse all 185 CVE security advisories affecting SUSE. AI-powered Chinese analysis, POCs, and references for each vulnerability.
SUSE operates primarily as a provider of enterprise Linux distributions and cloud-native solutions, serving critical infrastructure in hybrid and multi-cloud environments. With 185 recorded CVEs, its vulnerability profile reflects the complexity of managing large-scale open-source codebases. Historically, common flaw classes include remote code execution (RCE), buffer overflows, and privilege escalation vulnerabilities, often stemming from misconfigurations or outdated dependencies within its core operating system components. Notable security characteristics involve its focus on container security and Kubernetes integration, which introduces attack surfaces related to orchestration layers. While no single catastrophic incident defines its history, the sheer volume of vulnerabilities highlights the ongoing challenge of maintaining security in widely deployed, long-term support releases. This necessitates rigorous patch management and continuous monitoring to mitigate risks associated with its extensive ecosystem of integrated services and third-party libraries.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2018-7685 | libzypp does not reevaluate malicious rpms once downloaded — libzypp (CWE-358) | 9.8 | - | 2018-08-31 |
| CVE-2017-7435 | libzypp accepts unsigned 3rd party repo without warning — libzypp | 8.1 | - | 2018-03-01 |
| CVE-2017-7436 | libzypp accepts unsigned packages even when configured to check signatures — libzypp | 8.1 | - | 2018-03-01 |
| CVE-2017-9269 | lack of keypinning in libzypp could lead to repository switching — libzypp | 9.8 | - | 2018-03-01 |
This page lists every published CVE security advisory associated with SUSE. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.