openSUSE

openSUSE Tumbleweed — apache2-mod_fcgid — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Tumbleweed

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2011:0884-1 (see also SUSE bugzilla) Related CVEs: CVE-2010-3872 CVE-2013-4365 CVE-2016-1000104 Upstream summary: A flaw was found in the mod_fcgid module of httpd. A malformed FastCGI response may result in a stack-based buffer […]

openSUSE Tumbleweed — apache2-mod_jk — multiple vulnerabilities (5 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Tumbleweed

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2018:4032-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-11759 CVE-2007-0774 CVE-2008-5519 CVE-2014-8111 CVE-2018-1323 Upstream summary: The Apache Web Server (httpd) specific code that normalised the requested path before matching it to the URI-worker […]

openSUSE Tumbleweed — apache2-mod_wsgi — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Tumbleweed

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-RU-2015:0611-1 (see also SUSE bugzilla) Related CVEs: CVE-2014-0240 CVE-2022-2255 Upstream summary: The mod_wsgi module before 3.5 for Apache, when daemon mode is enabled, does not properly handle error codes returned by setuid […]

openSUSE Tumbleweed — arpwatch — vulnerability — patch and remediation guide — diagnosis and fix on openSUSE Tumbleweed

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2021:0945-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-25321 Upstream summary: A UNIX Symbolic Link (Symlink) Following vulnerability in arpwatch of SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Manager Server 4.0, SUSE OpenStack Cloud […]

openSUSE Tumbleweed — aspell — vulnerability — patch and remediation guide — diagnosis and fix on openSUSE Tumbleweed

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2021:1181-1 (see also SUSE bugzilla) Related CVEs: CVE-2019-25051 Upstream summary: objstack in GNU Aspell 0.60.8 has a heap-based buffer overflow in acommon::ObjStack::dup_top (called from acommon::StringMap::add and acommon::Config::lookup_list).

openSUSE Tumbleweed — audiofile — multiple vulnerabilities (11 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Tumbleweed

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2017:0940-1 (see also SUSE bugzilla) Related CVEs: CVE-2015-7747 CVE-2018-17095 CVE-2019-13147 CVE-2022-24599 CVE-2017-6828 CVE-2017-6830 CVE-2017-6832 CVE-2017-6834  +3 more Upstream summary: Buffer overflow in the afReadFrames function in audiofile (aka libaudiofile and Audio File […]

openSUSE Tumbleweed — avahi — multiple vulnerabilities (20 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Tumbleweed

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2021:0370-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-26720 CVE-2026-24401 CVE-2026-34933 CVE-2025-68276 CVE-2025-68468 CVE-2025-68471 CVE-2024-52615 CVE-2024-52616  +12 more Upstream summary: avahi-daemon-check-dns.sh in the Debian avahi package through 0.8-4 is executed as root via […]

openSUSE Tumbleweed — aws-cli — vulnerability — patch and remediation guide — diagnosis and fix on openSUSE Tumbleweed

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-RU-2018:4074-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-15869 Upstream summary: An Amazon Web Services (AWS) developer who does not specify the --owners flag when describing images via AWS CLI, and therefore not […]

openSUSE Tumbleweed — bash — multiple vulnerabilities (8 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Tumbleweed

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2014:1226-1 (see also SUSE bugzilla) Related CVEs: CVE-2014-6271 CVE-2014-6277 CVE-2014-6278 CVE-2014-7169 CVE-2014-7186 CVE-2014-7187 CVE-2016-9401 CVE-2014-2524 Upstream summary: GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment […]

openSUSE Tumbleweed — bitcoind — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Tumbleweed

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2018:3001-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-17144 CVE-2021-3195 Upstream summary: Bitcoin Core 0.14.x before 0.14.3, 0.15.x before 0.15.2, and 0.16.x before 0.16.3 and Bitcoin Knots 0.14.x through 0.16.x before 0.16.3 allow […]
