openSUSE Leap 15.6

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:2576-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-43090 CVE-2024-36472 Upstream summary: A vulnerability was found in GNOME Shell. GNOME Shell's lock screen allows an unauthenticated local user to view windows of […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:0206-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-6126 Upstream summary: A flaw was found in the cockpit package. This flaw allows an authenticated user to kill any process when enabling the […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2024-22033 Upstream summary: The OBS service obs-service-download_url was vulnerable to a command injection vulnerability. The attacker could provide a configuration to the service that […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2025:02037-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-38526 Upstream summary: pdoc provides API Documentation for Python Projects. Documentation generated with `pdoc –math` linked to JavaScript files from polyfill.io. The polyfill.io CDN […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:2401-1 (see also SUSE bugzilla) Related CVEs: CVE-2019-13225 Upstream summary: A NULL Pointer Dereference in match_at() in regexec.c in Oniguruma 6.9.2 allows attackers to potentially cause denial of service by providing […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-202410:15282-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-5569 Upstream summary: A Denial of Service (DoS) vulnerability exists in the jaraco/zipp library, affecting all versions prior to 3.19.1. The vulnerability is triggered […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:2246-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-33394 Upstream summary: An issue in kubevirt kubevirt v1.2.0 and before allows a local attacker to execute arbitrary code via a crafted command to […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory RHSA-2024:6908 (see also SUSE bugzilla) Related CVEs: CVE-2024-24791 CVE-2024-24789 CVE-2024-24790 CVE-2024-24787 Upstream summary: The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:2105-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-29158 CVE-2024-29161 CVE-2024-29166 CVE-2024-32608 CVE-2024-32610 CVE-2024-32614 CVE-2024-32619 CVE-2024-32620  +5 more Upstream summary: HDF5 through 1.14.3 contains a stack buffer overflow in H5FL_arr_malloc, resulting in […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:2168-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-38394 Upstream summary: Mismatches in interpreting USB authorization policy between GNOME Settings Daemon (GSD) through 46.0 and the Linux kernel's underlying device matching logic […]