openSUSE

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2022:3094-1 (see also SUSE bugzilla) Related CVEs: CVE-2014-9862 Upstream summary: Integer signedness error in bspatch.c in bspatch in bsdiff, as used in Apple OS X before 10.11.6 and other products, allows remote […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2020:2106-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-10696 CVE-2022-2990 CVE-2022-27651 Upstream summary: A path traversal flaw was found in Buildah in versions before 1.14.5. This flaw allows an attacker to trick a […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2021:1071-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-3567 Upstream summary: A flaw was found in Caribou due to a regression of CVE-2020-25712 fix. An attacker could use this flaw to bypass screen-locking […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2018:2308-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-14912 CVE-2011-2711 CVE-2012-4465 CVE-2012-4548 CVE-2013-2117 CVE-2016-1899 CVE-2016-1900 CVE-2016-1901 Upstream summary: cgit_clone_objects in CGit before 1.2.1 has a directory traversal vulnerability when `enable-http-clone=1` is not turned […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory Related CVEs: CVE-2014-0021 CVE-2012-4502 CVE-2012-4503 CVE-2020-14367 CVE-2016-1567 Upstream summary: Chrony before 1.29.1 has traffic amplification in cmdmon protocol Table of contents Symptom & Impact Environment & Reproduction Root Cause Analysis Quick […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2021:1294-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-12825 Upstream summary: libcroco through 0.6.13 has excessive recursion in cr_parser_parse_any_core in cr-parser.c, leading to stack consumption. Table of contents Symptom & Impact Environment & […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2021:2689-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-38185 CVE-2023-7207 CVE-2014-9112 CVE-2016-2037 CVE-2019-14866 CVE-2015-1197 Upstream summary: GNU cpio through 2.13 allows attackers to execute arbitrary code via a crafted pattern file, because of […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2020:0549-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-11722 Upstream summary: Dungeon Crawl Stone Soup (aka DCSS or crawl) before 0.25 allows remote attackers to execute arbitrary code via Lua bytecode embedded in […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2021:0055-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-35459 Upstream summary: An issue was discovered in ClusterLabs crmsh through 4.2.1. Local attackers able to call "crm history" (when "crm" is run) were able […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SA:2006:027 (see also SUSE bugzilla) Related CVEs: CVE-2006-2607 CVE-2010-0424 CVE-2019-9704 Upstream summary: do_command.c in Vixie cron (vixie-cron) 4.1 does not check the return code of a setuid call, which might allow local […]