openSUSE

openSUSE Tumbleweed — csync2 — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Tumbleweed

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2021:0853-1 (see also SUSE bugzilla) Related CVEs: CVE-2019-15522 CVE-2026-41051 CVE-2019-15523 Upstream summary: An issue was discovered in LINBIT csync2 through 2.0. csync_daemon_session in daemon.c neglects to force a failure of a hello […]

openSUSE Tumbleweed — dbus — multiple vulnerabilities (20 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Tumbleweed

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2012:1287-1 (see also SUSE bugzilla) Related CVEs: CVE-2012-3524 CVE-2023-34969 CVE-2022-42011 CVE-2022-42012 CVE-2006-6107 CVE-2008-0595 CVE-2008-3834 CVE-2008-4311  +12 more Upstream summary: libdbus 1.5.x and earlier, when used in setuid or other privileged programs in […]

openSUSE Tumbleweed — derby — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Tumbleweed

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2005-4849 CVE-2015-1832 CVE-2006-7216 CVE-2006-7217 Upstream summary: Apache Derby before 10.1.2.1 exposes the (1) user and (2) password attributes in cleartext via (a) the RDBNAM parameter […]

openSUSE Tumbleweed — devscripts — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Tumbleweed

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory Related CVEs: CVE-2012-2240 CVE-2012-2241 CVE-2012-3500 Upstream summary: scripts/dscverify.pl in devscripts before 2.12.3 allows remote attackers to execute arbitrary commands via unspecified vectors related to "arguments to external commands." […]

openSUSE Tumbleweed — dhcp — multiple vulnerabilities (20 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Tumbleweed

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2018:0810-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-5732 CVE-2019-6470 CVE-2021-25217 CVE-2022-2928 CVE-2022-2929 CVE-2009-1892 CVE-2010-2156 CVE-2010-3611  +12 more Upstream summary: Failure to properly bounds-check a buffer used for processing DHCP options allows a […]

openSUSE Tumbleweed — dom4j — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Tumbleweed

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2020:0719-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-10683 CVE-2018-1000632 Upstream summary: dom4j before 2.0.3 and 2.1.x before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, […]

openSUSE Tumbleweed — dovecot23 — multiple vulnerabilities (20 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Tumbleweed

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2025:14715-1 (see also SUSE bugzilla) Related CVEs: CVE-2017-14461 CVE-2019-11500 CVE-2019-3814 CVE-2020-10957 CVE-2020-12100 CVE-2020-12673 CVE-2020-12674 CVE-2020-24386  +12 more Upstream summary: A specially crafted email delivered over SMTP and passed on to Dovecot by […]

openSUSE Tumbleweed — dumb — vulnerability — patch and remediation guide — diagnosis and fix on openSUSE Tumbleweed

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory Related CVEs: CVE-2006-3668 Upstream summary: Heap-based buffer overflow in the it_read_envelope function in Dynamic Universal Music Bibliotheque (DUMB) 0.9.3 and earlier and current CVS as of 20060716, including libdumb, allows user-assisted […]

openSUSE Tumbleweed — eclipse-jdt — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Tumbleweed

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2021:0485-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-27225 CVE-2023-4218 Upstream summary: In versions 4.18 and earlier of the Eclipse Platform, the Help Subsystem does not authenticate active help requests to the local […]

openSUSE Tumbleweed — eog — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Tumbleweed

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory Related CVEs: CVE-2008-5978 CVE-2013-7447 CVE-2016-6855 Upstream summary: Multiple SQL injection vulnerabilities in Ocean12 Mailing List Manager Gold allow remote attackers to execute arbitrary SQL commands via the Email parameter to (1) […]
