openSUSE

openSUSE Leap 15.5 — proftpd — vulnerability — patch and remediation guide

🟠 High   ⏱ 15–60 min
Last verified: 25 May 2026
Affected versions: openSUSE Leap 15.5
📖 ~4 min read
Source: SUSE advisory openSUSE-SU-2024:0008-1 (see also SUSE bugzilla)
Related CVEs: CVE-2023-51713
Upstream summary: make_ftp_cmd in main.c in ProFTPD before 1.3.8a has a one-byte out-of-bounds read, and daemon crash, because of mishandling of quote/backslash semantics. […]

openSUSE Leap 15.5 — libre2 — vulnerability — patch and remediation guide

🟠 High   ⏱ 15–60 min
Last verified: 25 May 2026
Affected versions: openSUSE Leap 15.5
📖 ~4 min read
Source: SUSE advisory SUSE-SU-2024:0573-1 (see also SUSE bugzilla)
Related CVEs: CVE-2023-32731
Upstream summary: When gRPC HTTP2 stack raised a header size exceeded error, it skipped parsing the rest of the HPACK frame. This caused […]

openSUSE Leap 15.5 — deepin-compressor — vulnerability — patch and remediation guide

🟠 High   ⏱ 15–60 min
Last verified: 25 May 2026
Affected versions: openSUSE Leap 15.5
📖 ~4 min read
Source: SUSE advisory openSUSE-SU-2023:0423-1 (see also SUSE bugzilla)
Related CVEs: CVE-2023-50255
Upstream summary: Deepin-Compressor is the default archive manager of Deepin Linux OS. Prior to 5.12.21, there's a path traversal vulnerability in deepin-compressor that […]

openSUSE Leap 15.5 — objectweb-asm — vulnerability — patch and remediation guide

🟠 High   ⏱ 15–60 min
Last verified: 25 May 2026
Affected versions: openSUSE Leap 15.5
📖 ~4 min read
Source: SUSE advisory SUSE-RU-2024:0560-1 (see also SUSE bugzilla)
Related CVEs: CVE-2023-37460
Upstream summary: Plexus Archiver is a collection of Plexus components to create archives or extract archives to a directory with a unified `Archiver`/`UnArchiver` […]

openSUSE Leap 15.5 — cppcheck — vulnerability — patch and remediation guide

🟠 High   ⏱ 15–60 min
Last verified: 25 May 2026
Affected versions: openSUSE Leap 15.5
📖 ~4 min read
Source: SUSE advisory openSUSE-SU-2023:0413-1 (see also SUSE bugzilla)
Related CVEs: CVE-2023-39070
Upstream summary: An issue in Cppcheck 2.12 dev allows a local attacker to execute arbitrary code via the removeContradiction parameter in token.cpp:1934. Table […]

openSUSE Leap 15.5 — python311-aiohttp — multiple vulnerabilities (5 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min
Last verified: 25 May 2026
Affected versions: openSUSE Leap 15.5
📖 ~4 min read
Source: SUSE advisory SUSE-SU-2024:0577-1 (see also SUSE bugzilla)
Related CVEs: CVE-2024-23334 CVE-2024-42367 CVE-2023-47627 CVE-2024-23829 CVE-2023-49082
Upstream summary: aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. When using aiohttp as a web […]

openSUSE Leap 15.5 — tiff — multiple vulnerabilities (20 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min
Last verified: 25 May 2026
Affected versions: openSUSE Leap 15.5
📖 ~4 min read
Source: SUSE advisory SUSE-CU-2023:4181-1 (see also SUSE bugzilla)
Related CVEs: CVE-2023-26965 CVE-2024-7006 CVE-2023-3164 CVE-2023-40745 CVE-2023-41175 CVE-2023-52356 CVE-2022-1622 CVE-2022-40090 +12 more
Upstream summary: loadImage() in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based use after […]

openSUSE Leap 15.5 — tracker-miners — vulnerability — patch and remediation guide

🟠 High   ⏱ 15–60 min
Last verified: 25 May 2026
Affected versions: openSUSE Leap 15.5
📖 ~4 min read
Source: SUSE advisory SUSE-SU-2023:4868-1 (see also SUSE bugzilla)
Related CVEs: CVE-2023-5557
Upstream summary: A flaw was found in the tracker-miners package. A weakness in the sandbox allows a maliciously-crafted file to execute code outside […]

openSUSE Leap 15.5 — go1.20 — multiple vulnerabilities (8 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min
Last verified: 25 May 2026
Affected versions: openSUSE Leap 15.5
📖 ~4 min read
Source: SUSE advisory SUSE-CU-2023:4104-1 (see also SUSE bugzilla)
Related CVEs: CVE-2023-39326 CVE-2023-39325 CVE-2023-39323 CVE-2023-45285 CVE-2023-45283 CVE-2023-45284 CVE-2023-39318 CVE-2023-39319
Upstream summary: A malicious HTTP sender can use chunk extensions to cause a receiver reading from […]

openSUSE Leap 15.5 — gimp — multiple vulnerabilities (4 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min
Last verified: 25 May 2026
Affected versions: openSUSE Leap 15.5
📖 ~4 min read
Source: SUSE advisory SUSE-SU-2023:4692-1 (see also SUSE bugzilla)
Related CVEs: CVE-2023-44441 CVE-2023-44442 CVE-2023-44443 CVE-2023-44444
Upstream summary: GIMP DDS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute […]
