openSUSE

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2022:0096-1 (see also SUSE bugzilla) Related CVEs: CVE-2022-20001 CVE-2014-2905 CVE-2014-2906 CVE-2014-2914 CVE-2014-3219 CVE-2023-49284 CVE-2014-3856 Upstream summary: fish is a command line shell. fish version 3.1.0 through version 3.3.1 is vulnerable to arbitrary […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2021:0060-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-28374 Upstream summary: In drivers/target/target_core_xcopy.c in the Linux kernel before 5.10.7, insufficient identifier checking in the LIO SCSI target code can be used by remote […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory Related CVEs: CVE-2022-25328 CVE-2022-25326 CVE-2022-25327 Upstream summary: The bash_completion script for fscrypt allows injection of commands via crafted mountpoint paths, allowing privilege escalation under a specific set of circumstances. A local […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2022:1007-1 (see also SUSE bugzilla) Related CVEs: CVE-2022-24921 CVE-2022-23772 CVE-2022-23806 CVE-2021-44716 CVE-2021-41771 CVE-2021-41772 CVE-2021-39293 CVE-2022-23773  +3 more Upstream summary: regexp.Compile in Go before 1.16.15 and 1.17.x before 1.17.8 allows stack exhaustion via […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2022:2086-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-44225 CVE-2018-19044 CVE-2018-19045 CVE-2018-19046 CVE-2024-41184 Upstream summary: In Keepalived through 2.2.4, the D-Bus policy does not sufficiently restrict the message destination, allowing any user to […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2022-24986 Upstream summary: KDE KCron through 21.12.2 uses a temporary file in /tmp when saving, but reuses the filename during an editing session. Thus, someone […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2021:0304-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-26937 CVE-2025-46802 CVE-2023-24626 CVE-2017-5618 Upstream summary: encoding.c in GNU Screen through 4.8.0 allows remote attackers to cause a denial of service (invalid write access and […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2019-25058 Upstream summary: An issue was discovered in USBGuard before 1.1.0. On systems with the usbguard-dbus daemon running, an unprivileged user could make USBGuard allow […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2022-0545 CVE-2022-0546 CVE-2022-0544 Upstream summary: An integer overflow in the processing of loaded 2D images leads to a write-what-where vulnerability and an out-of-bounds read vulnerability, […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2021-45005 CVE-2022-30974 Upstream summary: Artifex MuJS v1.1.3 was discovered to contain a heap buffer overflow which is caused by conflicting JumpList of nested try/finally statements. […]