openSUSE

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2022-27470 Upstream summary: SDL_ttf v2.0.18 and below was discovered to contain an arbitrary memory write via the function TTF_RenderText_Solid(). This vulnerability is triggered via a […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2022:10042-1 (see also SUSE bugzilla) Related CVEs: CVE-2017-18359 Upstream summary: PostGIS 2.x before 2.3.3, as used with PostgreSQL, allows remote attackers to cause a denial of service via crafted ST_AsX3D function input, […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2022:2562-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-25657 Upstream summary: A flaw was found in all released versions of m2crypto, where they are vulnerable to Bleichenbacher timing attacks in the RSA decryption […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2022:1298-1 (see also SUSE bugzilla) Related CVEs: CVE-2022-30580 CVE-2022-32189 CVE-2022-1705 CVE-2022-1962 CVE-2022-28131 CVE-2022-30630 CVE-2022-30631 CVE-2022-30632  +9 more Upstream summary: Code injection in Cmd.Start in os/exec before Go 1.17.11 and Go 1.18.3 allows […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2022:1678-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-36518 Upstream summary: jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects. Table of contents […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2025:14987-1 (see also SUSE bugzilla) Related CVEs: CVE-2022-29217 Upstream summary: PyJWT is a Python implementation of RFC 7519. PyJWT supports multiple different JWT signing algorithms. With JWT, an attacker submitting the JWT […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2025:14845-1 (see also SUSE bugzilla) Related CVEs: CVE-2022-29241 Upstream summary: Jupyter Server provides the backend (i.e. the core services, APIs, and REST endpoints) for Jupyter web applications like Jupyter Notebook. Prior to […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2025:14697-1 (see also SUSE bugzilla) Related CVEs: CVE-2022-29181 CVE-2022-24836 CVE-2022-24839 Upstream summary: Nokogiri is an open source XML and HTML library for Ruby. Nokogiri prior to version 1.13.6 does not type-check all […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2022:10235-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-36428 CVE-2019-17533 CVE-2019-20017 CVE-2019-20052 Upstream summary: matio (aka MAT File I/O Library) 1.5.18 through 1.5.21 has a heap-based buffer overflow in ReadInt32DataDouble (called from ReadInt32Data […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-IU-2022:632-1 (see also SUSE bugzilla) Related CVEs: CVE-2022-24903 CVE-2011-3200 CVE-2013-4758 CVE-2013-6370 CVE-2013-6371 CVE-2014-3683 CVE-2015-3243 Upstream summary: Rsyslog is a rocket-fast system for log processing. Modules for TCP syslog reception have a potential […]