openSUSE

openSUSE Tumbleweed — unzip — multiple vulnerabilities (12 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Tumbleweed

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2015:0026-1 (see also SUSE bugzilla) Related CVEs: CVE-2014-8139 CVE-2014-8140 CVE-2014-8141 CVE-2014-9636 CVE-2018-1000035 CVE-2022-0529 CVE-2022-0530 CVE-2005-2475  +4 more Upstream summary: Heap-based buffer overflow in the CRC32 verification in Info-ZIP UnZip 6.0 and earlier […]

openSUSE Tumbleweed — upx — multiple vulnerabilities (9 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Tumbleweed

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2020:0162-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-11243 CVE-2019-14296 CVE-2020-24119 CVE-2025-2849 CVE-2023-23457 CVE-2017-16869 CVE-2019-1010048 CVE-2019-20021  +1 more Upstream summary: PackLinuxElf64::unpack in p_lx_elf.cpp in UPX 3.95 allows remote attackers to cause a denial […]

openSUSE Tumbleweed — uranium-firmware-lulzbot — vulnerability — patch and remediation guide — diagnosis and fix on openSUSE Tumbleweed

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory Related CVEs: CVE-2018-1000537 Upstream summary: Marlin Firmware Marlin version 1.1.x and earlier contains a Buffer Overflow vulnerability in cardreader.cpp (Depending on branch/version) that can result in Arbitrary code execution. This attack […]

openSUSE Tumbleweed — uuidd — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Tumbleweed

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2015:0270-1 (see also SUSE bugzilla) Related CVEs: CVE-2014-9114 CVE-2016-2779 CVE-2013-0157 CVE-2015-5218 Upstream summary: Blkid in util-linux before 2.26rc-1 allows local users to execute arbitrary code. […]

openSUSE Tumbleweed — uwsc — vulnerability — patch and remediation guide — diagnosis and fix on openSUSE Tumbleweed

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2021-40540 Upstream summary: ulfius_uri_logger in Ulfius HTTP Framework before 2.7.4 omits con_info initialization and a con_info->request NULL check for certain malformed HTTP requests. […]

openSUSE Tumbleweed — uwsgi — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Tumbleweed

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2018-6758 CVE-2024-24795 CVE-2023-27522 Upstream summary: The uwsgi_expand_path function in core/utils.c in Unbit uWSGI through 2.0.15 has a stack-based buffer overflow via a large directory length. […]

openSUSE Tumbleweed — velocity — vulnerability — patch and remediation guide — diagnosis and fix on openSUSE Tumbleweed

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2021:0447-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-13936 Upstream summary: An attacker that is able to modify Velocity templates may execute arbitrary Java code or run arbitrary system commands with the same […]

openSUSE Tumbleweed — vino — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Tumbleweed

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SR:2011:009 (see also SUSE bugzilla) Related CVEs: CVE-2011-0904 CVE-2011-1164 CVE-2019-15681 CVE-2011-0905 Upstream summary: The rfbSendFramebufferUpdate function in server/libvncserver/rfbserver.c in vino-server in Vino 2.x before 2.28.3, 2.32.x before 2.32.2, 3.0.x before 3.0.2, and […]

openSUSE Tumbleweed — wavpack — multiple vulnerabilities (12 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Tumbleweed

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2021:0153-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-6767 CVE-2020-35738 CVE-2021-44269 CVE-2018-7253 CVE-2019-1010315 CVE-2019-1010317 CVE-2019-1010319 CVE-2018-19840  +4 more Upstream summary: A stack-based buffer over-read in the ParseRiffHeaderConfig function of cli/riff.c file of WavPack […]
