openSUSE

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2015:1733-1 (see also SUSE bugzilla) Related CVEs: CVE-2015-3247 CVE-2015-5260 CVE-2015-5261 CVE-2016-0749 CVE-2016-2150 Upstream summary: Race condition in the worker_update_monitors_config function in SPICE 0.12.4 allows a remote authenticated guest user to cause a […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2019:2083-1 (see also SUSE bugzilla) Related CVEs: CVE-2019-15784 Upstream summary: Secure Reliable Transport (SRT) through 1.3.4 has a CSndUList array overflow if there are many SRT connections. Table of contents Symptom & […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2025:0039-1 (see also SUSE bugzilla) Related CVEs: CVE-2019-13217 CVE-2019-13220 CVE-2019-13221 CVE-2019-13222 CVE-2019-13218 CVE-2019-13219 CVE-2019-13223 Upstream summary: A heap buffer overflow in the start_decoder function in stb_vorbis through 2019-03-04 allows an attacker to […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2013:0709-1 (see also SUSE bugzilla) Related CVEs: CVE-2013-1762 CVE-2015-3644 CVE-2011-2940 CVE-2014-0016 Upstream summary: stunnel 4.21 through 4.54, when CONNECT protocol negotiation and NTLM authentication are enabled, does not correctly perform integer conversion, […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2019-12105 Upstream summary: In Supervisor through 4.0.2, an unauthenticated user can read log files or restart a service. Note: The maintainer responded that the affected […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2019:0293-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-19637 CVE-2018-19639 CVE-2022-45154 CVE-2018-19640 CVE-2018-19638 Upstream summary: Supportutils, before version 3.1-5.7.1, wrote data to static file /tmp/supp_log, allowing local attackers to overwrite files on systems […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2021:0688-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-21404 CVE-2022-46165 Upstream summary: Syncthing is a continuous file synchronization program. In Syncthing before version 1.15.0, the relay server `strelaysrv` can be caused to crash […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2020:0736-1 (see also SUSE bugzilla) Related CVEs: CVE-2019-19725 CVE-2023-33204 CVE-2022-39377 CVE-2007-3852 CVE-2019-16167 CVE-2018-19416 CVE-2018-19517 Upstream summary: sysstat through 12.2.0 has a double free in check_file_actlst in sa_common.c. Table of contents Symptom & […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2017-12678 CVE-2012-2396 CVE-2018-11439 Upstream summary: In TagLib 1.11.1, the rebuildAggregateFrames function in id3v2framefactory.cpp has a pointer to cast vulnerability, which allows remote attackers to cause […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2020-10699 CVE-2020-13867 Upstream summary: A flaw was found in Linux, in targetcli-fb versions 2.1.50 and 2.1.51 where the socket used by targetclid was world-writable. If […]