openSUSE

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2019:1908-1 (see also SUSE bugzilla) Related CVEs: CVE-2019-1010006 CVE-2006-5864 CVE-2010-2640 CVE-2010-2641 CVE-2010-2642 CVE-2010-2643 CVE-2017-1000083 CVE-2019-11459 Upstream summary: Evince 3.26.0 is affected by buffer overflow. The impact is: DOS / Possible code execution. […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SA:2007:008 (see also SUSE bugzilla) Related CVEs: CVE-2006-5867 CVE-2025-61962 CVE-2021-39272 CVE-2006-0321 CVE-2006-5974 CVE-2007-4565 CVE-2009-2666 CVE-2010-1167  +3 more Upstream summary: fetchmail before 6.3.6-rc4 does not properly enforce TLS and may transmit cleartext passwords […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2013:0496-1 (see also SUSE bugzilla) Related CVEs: CVE-2013-2492 Upstream summary: Stack-based buffer overflow in Firebird 2.1.3 through 2.1.5 before 18514, and 2.5.1 through 2.5.3 before 26623, on Windows allows remote attackers to […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2021:0763-1 (see also SUSE bugzilla) Related CVEs: CVE-2019-18397 Upstream summary: A buffer overflow in the fribidi_get_par_embedding_levels_ex() function in lib/fribidi-bidi.c of GNU FriBidi through 1.0.7 allows an attacker to cause a denial of […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2020:0849-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-10759 CVE-2022-3287 Upstream summary: A PGP signature bypass flaw was found in fwupd (all versions), which could lead to the installation of unsigned firmware. As […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2018:3035-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-16976 CVE-2018-20683 Upstream summary: Gitolite before 3.6.9 does not (in certain configurations involving @all or a regex) properly restrict access to a Git repository that […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2020:0079-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-1088 CVE-2018-10904 CVE-2018-10927 CVE-2018-10928 CVE-2018-10911 CVE-2018-10914 CVE-2018-10924 CVE-2018-10930 Upstream summary: A privilege escalation flaw was found in gluster 3.x snapshot scheduler. Any gluster client allowed […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2019:2000-1 (see also SUSE bugzilla) Related CVEs: CVE-2019-9512 CVE-2019-9514 CVE-2019-14809 Upstream summary: Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2019-11888 CVE-2019-16276 CVE-2019-17596 Upstream summary: Go through 1.12.5 on Windows mishandles process creation with a nil environment in conjunction with a non-nil token, which allows […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2020:1087-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-15586 CVE-2020-14039 CVE-2020-16845 Upstream summary: Go before 1.13.13 and 1.14.x before 1.14.5 has a data race in some net/http servers, as demonstrated by the httputil.ReverseProxy […]