openSUSE Tumbleweed

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2021:0054-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-35458 CVE-2021-25314 Upstream summary: An issue was discovered in ClusterLabs Hawk 2.x through 2.3.0-x. There is a Ruby shell code injection issue via the hawk_remember_me_id […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2023:0097-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-28371 Upstream summary: In Stellarium through 1.2, attackers can write to files that are typically unintended, such as ones with absolute pathnames or .. directory […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory Related CVEs: CVE-2019-15151 CVE-2019-14690 CVE-2019-14691 CVE-2019-14734 CVE-2019-14692 CVE-2019-14732 CVE-2019-14733 Upstream summary: AdPlug 2.3.1 has a double free in the Cu6mPlayer class in u6m.h. Table of contents Symptom & Impact Environment & […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2023-26463 CVE-2026-35328 CVE-2026-35332 CVE-2026-25075 CVE-2025-62291 CVE-2021-41990 CVE-2021-41991 CVE-2013-6075  +12 more Upstream summary: strongSwan 5.9.8 and 5.9.9 potentially allows remote code execution because it uses a […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2023:0453-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-20032 CVE-2010-1205 CVE-2025-20260 CVE-2024-20505 CVE-2024-20380 CVE-2023-40477 CVE-2023-20197 CVE-2022-20771  +12 more Upstream summary: On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2023:1459-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-25725 CVE-2026-26081 CVE-2024-45506 CVE-2018-20103 CVE-2018-20615 CVE-2019-14241 CVE-2020-11100 CVE-2021-39240  +12 more Upstream summary: HAProxy before 2.7.3 may allow a bypass of access control because HTTP/1 headers […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2023:348-1 (see also SUSE bugzilla) Related CVEs: CVE-2022-25147 CVE-2017-12618 Upstream summary: Integer Overflow or Wraparound vulnerability in apr_base64 functions of Apache Portable Runtime Utility (APR-util) allows an attacker to write beyond bounds […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2022-45299 CVE-2026-44216 CVE-2026-34941 CVE-2026-34943 CVE-2026-34988 CVE-2026-35186 CVE-2026-34945 Upstream summary: An issue in the IpFile argument of rust-lang webbrowser-rs v0.8.2 allows attackers to access arbitrary files […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2023:0080-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-41556 Upstream summary: sqclass.cpp in Squirrel through 2.2.5 and 3.x through 3.1 allows an out-of-bounds read (in the core interpreter) that can lead to Code […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2025:15101-1 (see also SUSE bugzilla) Related CVEs: CVE-2022-44900 Upstream summary: A directory traversal vulnerability in the SevenZipFile.extractall() function of the python library py7zr v0.20.0 and earlier allows attackers to write arbitrary files […]