openSUSE Tumbleweed

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SA:2007:060 (see also SUSE bugzilla) Related CVEs: CVE-2007-5392 CVE-2012-5112 CVE-2017-1000121 CVE-2018-4437 CVE-2018-4441 CVE-2018-4443 CVE-2021-1788 CVE-2021-1789  +12 more Upstream summary: Integer overflow in the DCTStream::reset method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2018-21029 CVE-2026-4105 CVE-2017-18078 CVE-2018-15688 CVE-2018-16864 CVE-2018-16865 CVE-2018-6954 CVE-2019-6454  +12 more Upstream summary: systemd 239 through 245 accepts any certificate signed by a trusted certificate authority […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2019:0165-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-19198 CVE-2018-19199 CVE-2018-20721 CVE-2024-34402 CVE-2024-34403 CVE-2018-19200 CVE-2021-46141 CVE-2021-46142 Upstream summary: An issue was discovered in uriparser before 0.9.0. UriQuery.c allows an out-of-bounds write via a […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory Related CVEs: CVE-2010-3907 CVE-2019-13962 CVE-2023-5217 CVE-2022-41325 CVE-2022-37434 CVE-2017-10699 CVE-2019-13602 CVE-2020-13428  +12 more Upstream summary: Multiple integer overflows in real.c in the Real demuxer plugin in VideoLAN VLC Media Player before 1.1.6 […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SA:2008:027 (see also SUSE bugzilla) Related CVEs: CVE-2008-2362 CVE-2024-31082 CVE-2022-2319 CVE-2022-2320 CVE-2008-2360 CVE-2018-14665 CVE-2020-14345 CVE-2020-14346  +12 more Upstream summary: Multiple integer overflows in the Render extension in the X server 1.4 in […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory Related CVEs: CVE-2017-15631 Upstream summary: TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-workmode variable in the pptp_client.lua file. Table […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2026-41257 CVE-2026-43894 CVE-2025-49014 CVE-2026-32316 CVE-2026-33947 CVE-2026-33948 CVE-2026-39956 CVE-2026-39979  +12 more Upstream summary: jq is a command-line JSON processor. In 1.8.1 and earlier, the jq bytecode […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2026-9256 CVE-2026-42945 CVE-2026-27651 CVE-2026-27654 CVE-2026-27784 CVE-2026-32647 CVE-2024-24989 CVE-2022-41741  +12 more Upstream summary: NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_rewrite_module module. […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2026-46529 Upstream summary: Unknown. Table of contents Symptom & Impact Environment & Reproduction Root Cause Analysis Quick Triage Step-by-Step Diagnosis Solution – Primary Fix Solution […]