openSUSE Tumbleweed

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2015:1637-1 (see also SUSE bugzilla) Related CVEs: CVE-2015-4041 CVE-2015-4042 CVE-2025-5278 CVE-2013-0221 CVE-2013-0222 CVE-2013-0223 CVE-2024-0684 Upstream summary: The keycompare_mb function in sort.c in sort in GNU Coreutils through 8.23 on 64-bit platforms performs […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SR:2010:023 (see also SUSE bugzilla) Related CVEs: CVE-2010-2941 CVE-2012-6094 CVE-2026-34990 CVE-2025-58060 CVE-2024-35235 CVE-2023-4504 CVE-2023-34241 CVE-2022-26691  +12 more Upstream summary: ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2018-1000005 CVE-2018-1000301 CVE-2026-1965 CVE-2025-9086 CVE-2024-6197 CVE-2023-38545 CVE-2023-38039 CVE-2023-23914  +12 more Upstream summary: libcurl 7.49.0 to and including 7.57.0 contains an out bounds read in code […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2012:0311-1 (see also SUSE bugzilla) Related CVEs: CVE-2012-0804 CVE-2017-12836 Upstream summary: Heap-based buffer overflow in the proxy_connect function in src/client.c in CVS 1.11 and 1.12 allows remote HTTP proxy servers to cause […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2019:1905-1 (see also SUSE bugzilla) Related CVEs: CVE-2019-12594 CVE-2019-7165 Upstream summary: DOSBox 0.74-2 has Incorrect Access Control. Table of contents Symptom & Impact Environment & Reproduction Root Cause Analysis Quick Triage Step-by-Step […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2016:2861-1 (see also SUSE bugzilla) Related CVEs: CVE-2016-9063 CVE-2026-32776 CVE-2026-32777 CVE-2025-59375 CVE-2024-8176 CVE-2024-28757 CVE-2022-43680 CVE-2022-40674  +12 more Upstream summary: An integer overflow during the parsing of XML using the Expat library. This […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2017-16840 CVE-2025-63757 CVE-2025-59728 CVE-2022-48434 CVE-2024-7055 CVE-2024-7272 CVE-2023-50009 CVE-2023-50010  +12 more Upstream summary: The VC-2 Video Compression encoder in FFmpeg 3.0 and 3.4 allows remote attackers […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2020:0677-1 (see also SUSE bugzilla) Related CVEs: CVE-2019-18218 CVE-2007-1536 CVE-2007-2799 CVE-2012-1571 CVE-2014-3710 CVE-2014-8116 CVE-2014-8117 CVE-2017-1000249  +3 more Upstream summary: cdf_read_property_info in cdf.c in file through 5.37 does not restrict the number of […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2019-5429 CVE-2013-4206 CVE-2013-4207 CVE-2013-4208 Upstream summary: Untrusted search path in FileZilla before 3.41.0-rc1 allows an attacker to gain privileges via a malicious 'fzsftp' binary in […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2020:1208-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-17367 CVE-2020-17368 CVE-2022-31214 CVE-2017-5180 CVE-2017-5207 CVE-2016-7545 CVE-2017-5206 CVE-2019-12589 Upstream summary: Firejail through 0.9.62 does not honor the — end-of-options indicator after the –output option, which […]