openSUSE

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2021-20307 Upstream summary: Format string vulnerability in panoFileOutputNamesCreate() in libpano13 2.9.20~rc2+dfsg-3 and earlier can lead to read and write arbitrary memory values. Table of contents […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2020:1676-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-25219 CVE-2020-26154 CVE-2012-4504 Upstream summary: url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows a remote HTTP server to trigger uncontrolled recursion via a response […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2018-10528 CVE-2018-10529 CVE-2017-14265 CVE-2017-6886 CVE-2017-6887 CVE-2017-6890 CVE-2020-15503 CVE-2017-14348  +4 more Upstream summary: An issue was discovered in LibRaw 0.18.9. There is a stack-based buffer overflow […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2020:1289-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-14352 Upstream summary: A flaw was found in librepo in versions before 1.12.1. A directory traversal vulnerability was found where it failed to sanitize paths […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2020:1791-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-12861 CVE-2020-12862 CVE-2020-12865 CVE-2020-12866 CVE-2020-12867 CVE-2017-6318 Upstream summary: A heap buffer overflow in SANE Backends before 1.0.30 allows a malicious device connected to the same […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2020:0020-1 (see also SUSE bugzilla) Related CVEs: CVE-2019-19191 CVE-2017-16852 Upstream summary: Shibboleth Service Provider (SP) 3.x before 3.1.0 shipped a spec file that calls chown on files in a directory controlled by […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2015:0884-1 (see also SUSE bugzilla) Related CVEs: CVE-2013-4282 CVE-2016-9577 CVE-2016-9578 CVE-2019-3813 Upstream summary: Stack-based buffer overflow in the reds_handle_ticket function in server/reds.c in SPICE 0.12.0 allows remote attackers to cause a denial […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory Related CVEs: CVE-2019-19847 Upstream summary: Libspiro through 20190731 has a stack-based buffer overflow in the spiro_to_bpath0() function in spiro.c. Table of contents Symptom & Impact Environment & Reproduction Root Cause Analysis […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2019:695-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-6003 CVE-2025-13151 CVE-2014-3467 CVE-2014-3468 CVE-2014-3469 CVE-2015-2806 CVE-2016-4008 CVE-2018-1000654  +1 more Upstream summary: An issue was discovered in the _asn1_decode_simple_ber function in decoding.c in GNU Libtasn1 […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2020-28589 Upstream summary: An improper array index validation vulnerability exists in the LoadObj functionality of tinyobjloader v2.0-rc1 and tinyobjloader development commit 79d4421. A specially crafted […]