openSUSE

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2014:0904-1 (see also SUSE bugzilla) Related CVEs: CVE-2014-4607 Upstream summary: Integer overflow in the LZO algorithm variant in Oberhumer liblzo2 and lzo-2 before 2.07 on 32-bit platforms might allow remote attackers to […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2021:0601-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-23358 Upstream summary: The package underscore from 1.13.0-0 and before 1.13.0-2, from 1.3.2 and before 1.12.1 are vulnerable to Arbitrary Code Injection via the template […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2016:2496-1 (see also SUSE bugzilla) Related CVEs: CVE-2016-7052 CVE-2016-7099 CVE-2016-1669 CVE-2016-2178 CVE-2016-5180 CVE-2016-5325 CVE-2016-6304 CVE-2016-6306 Upstream summary: crypto/x509/x509_vfy.c in OpenSSL 1.0.2i allows remote attackers to cause a denial of service (NULL pointer […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2017:3259-1 (see also SUSE bugzilla) Related CVEs: CVE-2017-9274 Upstream summary: A shell command injection in the obs-service-source_validator before 0.7 could be used to execute code as the packager when checking RPM SPEC […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2019:0326-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-12476 CVE-2018-12473 CVE-2018-12474 Upstream summary: Relative Path Traversal vulnerability in obs-service-tar_scm of SUSE Linux Enterprise Server 15; openSUSE Factory allows remote attackers with control over […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory Related CVEs: CVE-2017-9772 CVE-2018-9838 CVE-2015-8869 Upstream summary: Insufficient sanitisation in the OCaml compiler versions 4.04.0 and 4.04.1 allows external code to be executed with raised privilege in binaries marked as setuid, […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2018-16947 CVE-2018-16948 CVE-2018-16949 Upstream summary: An issue was discovered in OpenAFS before 1.6.23 and 1.8.x before 1.8.2. The backup tape controller (butc) process accepts incoming […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2013-7098 CVE-2019-16239 CVE-2012-6128 CVE-2020-12105 CVE-2020-12823 CVE-2012-3291 CVE-2018-20319 Upstream summary: OpenConnect VPN client with GnuTLS before 5.02 contains a heap overflow if MTU is increased on […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2020-14664 CVE-2024-20923 CVE-2024-20925 CVE-2026-21947 CVE-2024-21002 CVE-2024-21003 CVE-2024-21004 CVE-2024-21005  +1 more Upstream summary: Vulnerability in the Java SE product of Oracle Java SE (component: JavaFX). The […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2019:1844-1 (see also SUSE bugzilla) Related CVEs: CVE-2019-3685 CVE-2024-22034 CVE-2015-0778 CVE-2019-3681 CVE-2012-1095 Upstream summary: Open Build Service before version 0.165.4 diddn't validate TLS certificates for HTTPS connections with the osc client binary […]