openSUSE Tumbleweed

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2025:14667-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-0147 CVE-2024-0131 Upstream summary: NVIDIA GPU display driver for Windows and Linux contains a vulnerability where referencing memory after it has been freed can lead […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2025:0037-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-45676 CVE-2023-45677 CVE-2023-45681 Upstream summary: stb_vorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger out of […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2025:14631-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-11614 CVE-2020-10725 CVE-2020-14374 CVE-2020-14375 CVE-2020-14376 CVE-2020-14378 CVE-2022-0669 CVE-2018-1059  +2 more Upstream summary: An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2025:14635-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-10224 Upstream summary: Qualys discovered that if unsanitized input was used with the library Modules::ScanDeps, before version 1.36 a local attacker could possibly execute arbitrary […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:14601-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-25885 Upstream summary: An issue in the getcolor function in utils.py of xhtml2pdf v0.2.13 allows attackers to cause a Regular expression Denial of Service (ReDOS) […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory RHSA-2024:10384 (see also SUSE bugzilla) Related CVEs: CVE-2024-52336 CVE-2024-52337 Upstream summary: A script injection vulnerability was identified in the Tuned package. The `instance_create()` D-Bus function can be called by locally logged-in users […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2023-0996 CVE-2024-41311 CVE-2025-68431 CVE-2023-29659 CVE-2023-49460 CVE-2023-49463 CVE-2023-49462 CVE-2023-49464  +2 more Upstream summary: There is a vulnerability in the strided image data parsing code in the […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2025:0005-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-54137 Upstream summary: liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. A correctness error has been identified in the reference […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:14581-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-12254 CVE-2023-6507 Upstream summary: Starting in Python 3.12.0, the asyncio._SelectorSocketTransport.writelines() method would not "pause" writing and signal to the Protocol to drain the buffer to […]