openSUSE

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2021:1031-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-33813 Upstream summary: An XXE issue in SAXBuilder in JDOM through 2.0.6 allows attackers to cause a denial of service via a crafted HTTP […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory RHSA-2024:9193 (see also SUSE bugzilla) Related CVEs: CVE-2024-36039 Upstream summary: PyMySQL through 1.1.0 allows SQL injection if used with untrusted JSON input because keys are not escaped by escape_dict. Table of […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:1860-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-34402 CVE-2024-34403 Upstream summary: An issue was discovered in uriparser through 0.9.7. ComposeQueryEngine in UriQuery.c has an integer overflow via long keys or values, […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory RHSA-2024:9092 (see also SUSE bugzilla) Related CVEs: CVE-2024-32658 CVE-2024-32659 CVE-2024-32039 CVE-2024-32460 CVE-2024-22211 CVE-2024-32660 CVE-2024-32661 CVE-2024-32040  +12 more Upstream summary: FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:0146-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-46009 CVE-2023-36193 Upstream summary: gifsicle-1.94 was found to have a floating point exception (FPE) vulnerability via resize_stream at src/xform.c. Table of contents Symptom & […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:0147-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-26157 CVE-2022-33025 CVE-2023-36271 CVE-2023-36272 CVE-2023-36273 CVE-2023-36274 Upstream summary: Versions of the package libredwg before 0.12.5.6384 are vulnerable to Denial of Service (DoS) due to […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:0139-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-50471 CVE-2023-50472 CVE-2024-31755 Upstream summary: cJSON v1.7.16 was discovered to contain a segmentation violation via the function cJSON_InsertItemInArray at cJSON.c. Table of contents Symptom […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:1767-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-4340 CVE-2023-30608 Upstream summary: Passing a heavily nested list to sqlparse.parse() leads to a Denial of Service due to RecursionError. Table of contents Symptom […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2019:695-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-6798 CVE-2018-6913 CVE-2023-31484 Upstream summary: An issue was discovered in Perl 5.22 through 5.26. Matching a crafted locale dependent regular expression can cause a […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:0130-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-32650 Upstream summary: Rustls is a modern TLS library written in Rust. `rustls::ConnectionCommon::complete_io` could fall into an infinite loop based on network input. When […]