openSUSE

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2025-48172 Upstream summary: CHMLib through 2bef8d0, as used in SumatraPDF and other products, has a chm_lib.c _chm_decompress_block integer overflow. There is a resultant heap-based buffer […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2025-52891 CVE-2025-47947 CVE-2025-48866 CVE-2022-48279 CVE-2025-54571 CVE-2009-5031 CVE-2012-4528 CVE-2013-1915  +2 more Upstream summary: ModSecurity is an open source, cross platform web application firewall (WAF) engine for […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory RHSA-2025:14177 (see also SUSE bugzilla) Related CVEs: CVE-2025-48976 CVE-2013-2186 Upstream summary: Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability in Apache Commons FileUpload. This issue affects Apache […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory Related CVEs: CVE-2018-20196 CVE-2019-6956 CVE-2018-20194 CVE-2018-20199 CVE-2018-20358 CVE-2018-20359 CVE-2018-20362 CVE-2019-15296 Upstream summary: There is a stack-based buffer overflow in the third instance of the calculate_gain function in libfaad/sbr_hfadj.c in Freeware Advanced […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-RU-2025:20479-1 (see also SUSE bugzilla) Related CVEs: CVE-2025-6018 CVE-2020-16125 CVE-2011-1709 CVE-2017-12164 CVE-2018-14424 CVE-2019-3825 CVE-2015-7496 CVE-2020-27837 Upstream summary: A Local Privilege Escalation (LPE) vulnerability has been discovered in pam-config within Linux Pluggable Authentication […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory RHSA-2025:11888 (see also SUSE bugzilla) Related CVEs: CVE-2025-5222 CVE-2020-10531 CVE-2007-4770 CVE-2020-21913 CVE-2008-1036 Upstream summary: A stack buffer overflow was found in Internationl components for unicode (ICU ). While running the genrb binary, […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2025-49847 CVE-2025-53630 Upstream summary: llama.cpp is an inference of several LLM models in C/C++. Prior to version b5662, an attacker‐supplied GGUF model vocabulary can trigger […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-RU-2025:20961-1 (see also SUSE bugzilla) Related CVEs: CVE-2025-5791 Upstream summary: A flaw was found in the user's crate for Rust. This vulnerability allows privilege escalation via incorrect group listing when a user […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory RHSA-2025:9517 (see also SUSE bugzilla) Related CVEs: CVE-2011-10007 Upstream summary: File::Find::Rule through 0.34 for Perl is vulnerable to Arbitrary Code Execution when `grep()` encounters a crafted filename. A file handle is opened […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory RHSA-2025:9329 (see also SUSE bugzilla) Related CVEs: CVE-2025-40908 CVE-2012-1152 Upstream summary: YAML-LibYAML prior to 0.903.0 for Perl uses 2-args open, allowing existing files to be modified Table of contents Symptom & Impact […]