openSUSE Tumbleweed

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2025:0094-1 (see also SUSE bugzilla) Related CVEs: CVE-2025-22869 CVE-2025-21613 CVE-2025-21614 CVE-2025-47914 Upstream summary: SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2025:0091-1 (see also SUSE bugzilla) Related CVEs: CVE-2025-22868 Upstream summary: An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing. Table of contents Symptom & […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2025:14832-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-7254 CVE-2026-0994 CVE-2025-4565 Upstream summary: Any project that parses untrusted Protocol Buffers data containing an arbitrary number of nested groups / series of SGROUP tags […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory RHSA-2025:1915 (see also SUSE bugzilla) Related CVEs: CVE-2025-1244 CVE-2024-53920 CVE-2023-27985 CVE-2023-27986 CVE-2022-48337 CVE-2022-48338 CVE-2022-48339 CVE-2022-45939  +9 more Upstream summary: A command injection flaw was found in the text editor Emacs. It could […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2025-23217 Upstream summary: mitmproxy is a interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers and mitmweb is a web-based interface for mitmproxy. […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2025:0561-1 (see also SUSE bugzilla) Related CVEs: CVE-2025-0650 CVE-2023-3966 CVE-2023-5366 CVE-2023-3152 CVE-2022-4338 CVE-2020-27827 CVE-2026-34956 CVE-2023-3153  +2 more Upstream summary: A flaw was found in the Open Virtual Network (OVN). Specially crafted UDP […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2025:14815-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-45339 CVE-2021-20329 Upstream summary: When logs are written to a widely-writable directory (the default), an unprivileged attacker may predict a privileged process's log file path […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:14578-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-47540 CVE-2024-47539 CVE-2024-47537 CVE-2024-47543 CVE-2024-47530 CVE-2024-47598 CVE-2024-47599 CVE-2024-47601  +9 more Upstream summary: GStreamer is a library for constructing graphs of media-handling components. An uninitialized stack […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2025:0052-1 (see also SUSE bugzilla) Related CVEs: CVE-2025-24359 Upstream summary: ASTEVAL is an evaluator of Python expressions and statements. Prior to version 1.0.6, if an attacker can control the input to the […]