openSUSE Tumbleweed

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:0158-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-7101 Upstream summary: Spreadsheet::ParseExcel version 0.65 is a Perl module used for parsing Excel files. Spreadsheet::ParseExcel is vulnerable to an arbitrary code execution (ACE) vulnerability […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2023-31038 CVE-2026-40023 CVE-2025-54812 Upstream summary: SQL injection in Log4cxx when using the ODBC appender to send log messages to a database. No fields sent to […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2023:0423-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-50255 Upstream summary: Deepin-Compressor is the default archive manager of Deepin Linux OS. Prior to 5.12.21, there's a path traversal vulnerability in deepin-compressor that can […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2021:1231-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-1311 CVE-2017-12627 CVE-2009-1885 CVE-2016-0729 CVE-2016-2099 CVE-2016-4463 Upstream summary: The Apache Xerces-C 3.0.0 to 3.2.3 XML parser contains a use-after-free error triggered during the scanning of […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2023-50254 Upstream summary: Deepin Linux's default document reader `deepin-reader` software suffers from a serious vulnerability in versions prior to 6.0.7 due to a design flaw […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2023:0413-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-39070 Upstream summary: An issue in Cppcheck 2.12 dev allows a local attacker to execute arbitrary code via the removeContradiction parameter in token.cpp:1934. Table of […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2021:1474-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-42260 CVE-2023-34194 Upstream summary: TinyXML through 2.6.2 has an infinite loop in TiXmlParsingData::Stamp in tinyxmlparser.cpp via the TIXML_UTF_LEAD_0 case. It can be triggered by a […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2023-49342 CVE-2023-49343 CVE-2023-49344 CVE-2023-49345 CVE-2023-49346 CVE-2023-49347 Upstream summary: Temporary data passed between application components by Budgie Extras Clockworks applet could potentially be viewed or manipulated. […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2023:3021-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-38633 CVE-2021-25900 CVE-2011-3146 CVE-2013-1881 CVE-2019-20446 CVE-2017-11464 Upstream summary: A directory traversal problem in the URL decoder of librsvg before 2.56.3 could be used by local […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2023:4104-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-39326 CVE-2023-39323 CVE-2023-45284 CVE-2023-45285 CVE-2023-45283 CVE-2023-39318 CVE-2023-39319 Upstream summary: A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request […]