openSUSE Tumbleweed

openSUSE Tumbleweed — libQt5Pdf5 — multiple vulnerabilities (6 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Tumbleweed

🔴 Critical   ⏱ 15–90 min   📖 ~4 min read
Last verified: 25 May 2026
Affected versions: openSUSE Tumbleweed
Source: SUSE advisory openSUSE-SU-2024:0128-1 (see also SUSE bugzilla)
Related CVEs: CVE-2024-3914, CVE-2024-11477, CVE-2025-24201, CVE-2025-2783, CVE-2022-27405, CVE-2021-30587
Upstream summary: Use after free in V8 in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to potentially […]

openSUSE Tumbleweed — tinyproxy — multiple vulnerabilities (5 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Tumbleweed

🔴 Critical   ⏱ 15–90 min   📖 ~4 min read
Last verified: 25 May 2026
Affected versions: openSUSE Tumbleweed
Source: SUSE advisory openSUSE-SU-2024:0119-1 (see also SUSE bugzilla)
Related CVEs: CVE-2023-49606, CVE-2026-3945, CVE-2022-40468, CVE-2017-11747, CVE-2012-3505
Upstream summary: A use-after-free vulnerability exists in the HTTP Connection Headers parsing in Tinyproxy 1.11.1 and Tinyproxy 1.10.0. A specially […]

openSUSE Tumbleweed — luajit — vulnerability — patch and remediation guide — diagnosis and fix on openSUSE Tumbleweed

🔴 Critical   ⏱ 15–90 min   📖 ~4 min read
Last verified: 25 May 2026
Affected versions: openSUSE Tumbleweed
Source: SUSE advisory SUSE-CU-2020:198-1
Related CVEs: CVE-2019-19391
Upstream summary: In LuaJIT through 2.0.5, as used in Moonjit before 2.1.2 and other products, debug.getinfo has a type confusion issue that leads to arbitrary memory write or […]

openSUSE Tumbleweed — sngrep — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Tumbleweed

🔴 Critical   ⏱ 15–90 min   📖 ~4 min read
Last verified: 25 May 2026
Affected versions: openSUSE Tumbleweed
Source: SUSE advisory openSUSE-SU-2024:0106-1 (see also SUSE bugzilla)
Related CVEs: CVE-2024-3119, CVE-2024-3120, CVE-2024-35434
Upstream summary: A buffer overflow vulnerability exists in all versions of sngrep since v0.4.2, due to improper handling of 'Call-ID' and 'X-Call-ID' […]

openSUSE Tumbleweed — yt-dlp — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Tumbleweed

🔴 Critical   ⏱ 15–90 min   📖 ~4 min read
Last verified: 25 May 2026
Affected versions: openSUSE Tumbleweed
Source: SUSE security advisory (see also SUSE bugzilla)
Related CVEs: CVE-2024-22423, CVE-2024-38519, CVE-2023-35934, CVE-2023-46121
Upstream summary: yt-dlp is a youtube-dl fork with additional features and fixes. The patch that addressed CVE-2023-40581 attempted to prevent RCE […]

openSUSE Tumbleweed — libonnx — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Tumbleweed

🔴 Critical   ⏱ 15–90 min   📖 ~4 min read
Last verified: 25 May 2026
Affected versions: openSUSE Tumbleweed
Source: SUSE security advisory (see also SUSE bugzilla)
Related CVEs: CVE-2024-27319, CVE-2024-27318
Upstream summary: Versions of the package onnx before and including 1.15.0 are vulnerable to Out-of-bounds Read as the ONNX_ASSERT and ONNX_ASSERTM functions have […]

openSUSE Tumbleweed — engrampa — vulnerability — patch and remediation guide — diagnosis and fix on openSUSE Tumbleweed

🔴 Critical   ⏱ 15–90 min   📖 ~4 min read
Last verified: 25 May 2026
Affected versions: openSUSE Tumbleweed
Source: SUSE security advisory (see also SUSE bugzilla)
Related CVEs: CVE-2023-52138
Upstream summary: Engrampa is an archive manager for the MATE environment. Engrampa is found to be vulnerable to a Path Traversal vulnerability that can […]

openSUSE Tumbleweed — postgresql-jdbc — multiple vulnerabilities (5 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Tumbleweed

🔴 Critical   ⏱ 15–90 min   📖 ~4 min read
Last verified: 25 May 2026
Affected versions: openSUSE Tumbleweed
Source: SUSE advisory SUSE-SU-2024:0769-1 (see also SUSE bugzilla)
Related CVEs: CVE-2024-1597, CVE-2025-49146, CVE-2022-31197, CVE-2022-41946, CVE-2022-26520
Upstream summary: pgjdbc, the PostgreSQL JDBC Driver, allows attacker to inject SQL if using PreferQueryMode=SIMPLE. Note this is not the […]

openSUSE Tumbleweed — python39-uamqp — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Tumbleweed

🔴 Critical   ⏱ 15–90 min   📖 ~4 min read
Last verified: 25 May 2026
Affected versions: openSUSE Tumbleweed
Source: SUSE advisory SUSE-SU-2024:0323-1 (see also SUSE bugzilla)
Related CVEs: CVE-2024-21646, CVE-2024-27099, CVE-2024-25110
Upstream summary: Azure uAMQP is a general purpose C library for AMQP 1.0. The UAMQP library is used by several clients to […]

openSUSE Tumbleweed — slurm — multiple vulnerabilities (20 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Tumbleweed

🔴 Critical   ⏱ 15–90 min   📖 ~4 min read
Last verified: 25 May 2026
Affected versions: openSUSE Tumbleweed
Source: SUSE security advisory (see also SUSE bugzilla)
Related CVEs: CVE-2023-49934, CVE-2019-6438, CVE-2025-43904, CVE-2023-49936, CVE-2023-49937, CVE-2023-41914, CVE-2022-29501, CVE-2022-29500, +12 more
Upstream summary: An issue was discovered in SchedMD Slurm 23.11.x. There is SQL Injection against […]
