openSUSE Leap 15.6

openSUSE Leap 15.6 — proftpd — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.6

🟠 High • ⏱ 15–60 min • 📖 ~4 min read
Last verified: 25 May 2026
Affected versions: openSUSE Leap 15.6
Source: SUSE advisory openSUSE-SU-2025:14636-1 (see also SUSE bugzilla)
Related CVEs: CVE-2024-48651, CVE-2024-57392
Upstream summary: In ProFTPD through 1.3.8b before cec01cc, supplemental group inheritance grants unintended access to GID 0 because of the lack of […]

openSUSE Leap 15.6 — logback — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.6

🟠 High • ⏱ 15–60 min • 📖 ~4 min read
Last verified: 25 May 2026
Affected versions: openSUSE Leap 15.6
Source: SUSE advisory openSUSE-SU-2025:14627-1 (see also SUSE bugzilla)
Related CVEs: CVE-2024-12798, CVE-2026-1225, CVE-2025-11226, CVE-2024-12801
Upstream summary: ACE vulnerability in JaninoEventEvaluator by QOS.CH logback-core up to and including version 0.1 to 1.3.14 and 1.4.0 to 1.5.12 in […]

openSUSE Leap 15.6 — dpdk — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.6

🟠 High • ⏱ 15–60 min • 📖 ~4 min read
Last verified: 25 May 2026
Affected versions: openSUSE Leap 15.6
Source: SUSE advisory openSUSE-SU-2025:14631-1 (see also SUSE bugzilla)
Related CVEs: CVE-2024-11614, CVE-2025-23259
Upstream summary: An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised […]

openSUSE Leap 15.6 — liboqs7 — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.6

🟠 High • ⏱ 15–60 min • 📖 ~4 min read
Last verified: 25 May 2026
Affected versions: openSUSE Leap 15.6
Source: SUSE advisory SUSE-SU-2025:0005-1 (see also SUSE bugzilla)
Related CVEs: CVE-2024-37305, CVE-2024-54137, CVE-2024-36405
Upstream summary: oqs-provider is a provider for the OpenSSL 3 cryptography library that adds support for post-quantum cryptography in TLS, X.509, […]

openSUSE Leap 15.6 — python311-Jinja2 — multiple vulnerabilities (5 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.6

🟠 High • ⏱ 15–60 min • 📖 ~4 min read
Last verified: 25 May 2026
Affected versions: openSUSE Leap 15.6
Source: SUSE advisory openSUSE-SU-2025:14997-1 (see also SUSE bugzilla)
Related CVEs: CVE-2024-56201, CVE-2024-56326, CVE-2025-27516, CVE-2024-22195, CVE-2024-34064
Upstream summary: Jinja is an extensible templating engine. In versions on the 3.x branch prior to 3.1.5, a bug […]

openSUSE Leap 15.6 — libQt6Pdf6 — vulnerability — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.6

🟠 High • ⏱ 15–60 min • 📖 ~4 min read
Last verified: 25 May 2026
Affected versions: openSUSE Leap 15.6
Source: SUSE advisory openSUSE-SU-2024:14611-1 (see also SUSE bugzilla)
Related CVEs: CVE-2024-40896
Upstream summary: In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.13.3, the SAX parser can produce events for external entities […]

openSUSE Leap 15.6 — python3-xhtml2pdf — vulnerability — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.6

🟠 High • ⏱ 15–60 min • 📖 ~4 min read
Last verified: 25 May 2026
Affected versions: openSUSE Leap 15.6
Source: SUSE advisory openSUSE-SU-2024:14601-1 (see also SUSE bugzilla)
Related CVEs: CVE-2024-25885
Upstream summary: An issue in the getcolor function in utils.py of xhtml2pdf v0.2.13 allows attackers to cause a Regular expression Denial of Service […]

openSUSE Leap 15.6 — python312 — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.6

🟠 High • ⏱ 15–60 min • 📖 ~4 min read
Last verified: 25 May 2026
Affected versions: openSUSE Leap 15.6
Source: SUSE advisory openSUSE-SU-2024:14581-1 (see also SUSE bugzilla)
Related CVEs: CVE-2024-12254, CVE-2024-4030
Upstream summary: Starting in Python 3.12.0, the asyncio._SelectorSocketTransport.writelines() method would not "pause" writing and signal to the Protocol to drain the buffer […]

openSUSE Leap 15.6 — ucode-amd — vulnerability — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.6

🟠 High • ⏱ 15–60 min • 📖 ~4 min read
Last verified: 25 May 2026
Affected versions: openSUSE Leap 15.6
Source: SUSE advisory ESSA-2024:0627 (see also SUSE bugzilla)
Related CVEs: CVE-2023-31315
Upstream summary: Improper validation in a model specific register (MSR) could allow a malicious program with ring0 access to modify SMM configuration while […]

openSUSE Leap 15.6 — build — vulnerability — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.6

🟠 High • ⏱ 15–60 min • 📖 ~4 min read
Last verified: 25 May 2026
Affected versions: openSUSE Leap 15.6
Source: SUSE advisory openSUSE-SU-2024:14543-1 (see also SUSE bugzilla)
Related CVEs: CVE-2024-22038
Upstream summary: Various problems in obs-scm-bridge allow attackers that create specially crafted git repositories to leak information or cause denial of service. Table […]
