openSUSE

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2020-24332 CVE-2019-18898 Upstream summary: An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges, the creation of the […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2020:0105-1 (see also SUSE bugzilla) Related CVEs: CVE-2019-2126 CVE-2017-0641 CVE-2017-13194 CVE-2019-9232 CVE-2019-9371 CVE-2019-9433 CVE-2019-9325 Upstream summary: In ParseContentEncodingEntry of mkvparser.cc, there is a possible double free due to a missing reset of […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2018-0499 Upstream summary: A cross-site scripting vulnerability in queryparser/termgenerator_internal.cc in Xapian xapian-core before 1.4.6 exists due to incomplete HTML escaping by Xapian::MSet::snippet(). Table of contents […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2018:0158-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-0486 CVE-2018-0489 CVE-2019-9628 Upstream summary: Shibboleth XMLTooling-C before 1.6.3, as used in Shibboleth Service Provider before 2.6.0 on Windows and other products, mishandles digital signatures […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2018:2623-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-14779 CVE-2018-14780 Upstream summary: A buffer overflow issue was discovered in the Yubico-Piv 1.5.0 smartcard driver. The file lib/ykpiv.c contains the following code in the […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2019:1767-1 (see also SUSE bugzilla) Related CVEs: CVE-2019-13132 CVE-2019-6250 CVE-2020-15166 CVE-2014-7202 CVE-2014-7203 CVE-2014-9721 Upstream summary: In ZeroMQ libzmq before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.3.2, a remote, unauthenticated client connecting […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2011-3349 CVE-2011-3153 CVE-2011-4105 CVE-2012-1111 Upstream summary: lightdm before 0.9.6 writes in .dmrc and Xauthority files using root permissions while the files are in user controlled […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2020:1771-1 (see also SUSE bugzilla) Related CVEs: CVE-2019-19917 CVE-2019-19918 Upstream summary: Lout 3.40 has a buffer overflow in the StringQuotedWord() function in z39.c. Table of contents Symptom & Impact Environment & Reproduction […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2020-15888 CVE-2020-24342 CVE-2022-33099 CVE-2021-44647 CVE-2020-24369 CVE-2021-43519 CVE-2020-15945 Upstream summary: Lua through 5.4.0 mishandles the interaction between stack resizes and garbage collection, leading to a heap-based […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SR:2009:002 (see also SUSE bugzilla) Related CVEs: CVE-2008-4690 Upstream summary: lynx 2.8.6dev.15 and earlier, when advanced mode is enabled and lynx is configured as a URL handler, allows remote attackers to execute […]