openSUSE Tumbleweed

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:0210-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-38448 CVE-2017-17531 Upstream summary: htags in GNU Global through 6.6.12 allows code execution in situations where dbpath (aka -d) is untrusted, because shell metacharacters may […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:0203-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-39844 CVE-2019-12816 CVE-2019-9917 CVE-2020-1377 CVE-2012-0033 CVE-2014-9043 CVE-2018-14055 CVE-2018-14056 Upstream summary: In ZNC before 1.9.1, remote code execution can occur in modtcl via a KICK. Table […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:0221-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-39705 Upstream summary: NLTK through 3.8.1 allows remote code execution if untrusted packages have pickled Python code, and the integrated data package download functionality is […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:2272-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-28397 Upstream summary: An issue in the component js2py.disable_pyimport() of js2py up to v0.74 allows attackers to execute arbitrary code via a crafted API call. […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:2012-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-5702 CVE-2023-0616 CVE-2022-26386 CVE-2022-22763 CVE-2008-4061 CVE-2008-4064 CVE-2008-4070 CVE-2008-5014  +12 more Upstream summary: Memory corruption in the networking stack could have led to a potentially exploitable […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory BLOG-XZ (see also SUSE bugzilla) Related CVEs: CVE-2024-3094 CVE-2026-34743 CVE-2025-31115 CVE-2022-1271 Upstream summary: Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:0093-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-33476 CVE-2022-26505 CVE-2020-28926 Upstream summary: ReadyMedia (MiniDLNA) versions from 1.1.15 up to 1.3.2 is vulnerable to Buffer Overflow. The vulnerability is caused by incorrect validation […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:0138-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-36048 Upstream summary: QAbstractOAuth in Qt Network Authorization in Qt before 5.15.17, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.6, and 6.6.x through 6.7.x before […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:0274-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-25641 CVE-2024-34340 CVE-2023-39361 CVE-2022-46169 CVE-2022-0730 CVE-2024-27082 CVE-2024-31445 CVE-2024-31458  +12 more Upstream summary: Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory Related CVEs: CVE-2024-24576 Upstream summary: Rust is a programming language. The Rust Security Response WG was notified that the Rust standard library prior to version 1.77.2 did not properly escape arguments […]