openSUSE

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2014:1658-1 (see also SUSE bugzilla) Related CVEs: CVE-2004-2771 CVE-2014-7844 Upstream summary: The expand function in fio.c in Heirloom mailx 12.5 and earlier and BSD mailx 8.1.2 and earlier allows remote attackers to […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2023:712-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-26291 CVE-2021-42550 Upstream summary: Apache Maven will follow repositories that are defined in a dependency's Project Object Model (pom) which may be surprising to some […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2018:2942-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-16741 CVE-2008-4936 CVE-2018-16742 CVE-2018-16743 CVE-2018-16744 Upstream summary: An issue was discovered in mgetty before 1.2.1. In fax/faxq-helper.c, the function do_activate() does not properly sanitize shell […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2018:3819-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-4022 Upstream summary: A use-after-free vulnerability exists in the way MKVToolNix MKVINFO v25.0.0 handles the MKV (matroska) file format. A specially crafted MKV file can […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2021:1184-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-29984 Upstream summary: Instruction reordering resulted in a sequence of instructions that would cause an object to be incorrectly considered during garbage collection. This led […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2019:1794-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-20743 CVE-2025-71264 CVE-2010-2490 CVE-2012-0863 CVE-2014-0044 CVE-2014-0045 CVE-2014-3755 CVE-2014-3756  +1 more Upstream summary: murmur in Mumble through 1.2.19 before 2018-08-31 mishandles multiple concurrent requests that are […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2023:712-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-26945 Upstream summary: MyBatis before 3.5.6 mishandles deserialization of object streams. Table of contents Symptom & Impact Environment & Reproduction Root Cause Analysis Quick Triage […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory Related CVEs: CVE-2020-26243 CVE-2020-5235 CVE-2021-21401 Upstream summary: Nanopb is a small code-size Protocol Buffers implementation. In Nanopb before versions 0.4.4 and 0.3.9.7, decoding specifically formed message can leak memory if dynamic […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2021:0635-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-20305 CVE-2021-3580 CVE-2023-36660 CVE-2015-8803 CVE-2015-8804 CVE-2015-8805 CVE-2016-6489 CVE-2018-16869 Upstream summary: A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2020:1652-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-8183 CVE-2018-3762 CVE-2020-8154 CVE-2020-8155 Upstream summary: A logic error in Nextcloud Server 19.0.0 caused a plaintext storage of the share password when it was given […]