openSUSE

openSUSE Tumbleweed — ppp — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Tumbleweed

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2020:0286-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-8597 CVE-2022-4603 CVE-2014-3158 CVE-2015-3310 Upstream summary: eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overflow in the eap_request and eap_response functions. […]

openSUSE Tumbleweed — pspp — multiple vulnerabilities (7 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Tumbleweed

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2019:0198-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-20230 CVE-2019-9211 CVE-2017-10791 CVE-2017-10792 CVE-2017-12958 CVE-2017-12959 CVE-2017-12961 Upstream summary: An issue was discovered in PSPP 1.2.0. There is a heap-based buffer overflow at the function […]

openSUSE Tumbleweed — putty — multiple vulnerabilities (7 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Tumbleweed

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2019:2276-1 (see also SUSE bugzilla) Related CVEs: CVE-2019-17068 CVE-2019-17069 CVE-2024-31497 CVE-2013-4852 CVE-2015-2157 CVE-2015-5309 CVE-2017-6542 Upstream summary: PuTTY before 0.73 mishandles the "bracketed paste mode" protection mechanism, which may allow a session to […]

openSUSE Tumbleweed — python36 — multiple vulnerabilities (5 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Tumbleweed

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2020:0931-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-14422 CVE-2020-27619 CVE-2014-2667 CVE-2018-20406 CVE-2021-3426 Upstream summary: Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, which might allow […]

openSUSE Tumbleweed — python36-Jinja2 — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Tumbleweed

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2019:1395-1 (see also SUSE bugzilla) Related CVEs: CVE-2016-10745 CVE-2019-10906 CVE-2020-28493 Upstream summary: In Pallets Jinja before 2.8.1, str.format allows a sandbox escape.

openSUSE Tumbleweed — python36-SQLAlchemy — vulnerability — patch and remediation guide — diagnosis and fix on openSUSE Tumbleweed

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2019:2039-1 (see also SUSE bugzilla) Related CVEs: CVE-2019-7164 Upstream summary: SQLAlchemy through 1.2.17 and 1.3.x through 1.3.0b2 allows SQL Injection via the order_by parameter.

openSUSE Tumbleweed — python36-cryptography — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Tumbleweed

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2021:0349-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-36242 CVE-2020-25659 Upstream summary: In the cryptography package before 3.3.2 for Python, certain sequences of update calls to symmetrically encrypt multi-GB values could result in […]

openSUSE Tumbleweed — python36-django-debug-toolbar — vulnerability — patch and remediation guide — diagnosis and fix on openSUSE Tumbleweed

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory Related CVEs: CVE-2021-30459 Upstream summary: A SQL Injection issue in the SQL Panel in Jazzband Django Debug Toolbar before 1.11.1, 2.x before 2.2.1, and 3.x before 3.2.1 allows attackers to execute […]

openSUSE Tumbleweed — python36-djangorestframework — vulnerability — patch and remediation guide — diagnosis and fix on openSUSE Tumbleweed

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2021:0322-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-25626 Upstream summary: A flaw was found in Django REST Framework versions before 3.12.0 and before 3.11.2. When using the browseable API viewer, Django REST […]
