openSUSE

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2018-1999023 CVE-2015-0844 Upstream summary: The Battle for Wesnoth Project version 1.7.0 through 1.14.3 contains a Code Injection vulnerability in the Lua scripting engine that can […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2017:2884-1 (see also SUSE bugzilla) Related CVEs: CVE-2017-13089 CVE-2017-13090 CVE-2019-5953 CVE-2024-10524 CVE-2024-38428 CVE-2006-6719 CVE-2010-2252 CVE-2014-4877  +5 more Upstream summary: The http.c:skip_short_body() function is called in some circumstances, such as when processing redirects. […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2019:1111-1 (see also SUSE bugzilla) Related CVEs: CVE-2019-3816 Upstream summary: Openwsman, versions up to and including 2.6.9, are vulnerable to arbitrary file disclosure because the working directory of openwsmand daemon was set […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory Related CVEs: CVE-2021-29504 Upstream summary: WP-CLI is the command-line interface for WordPress. An improper error handling in HTTPS requests management in WP-CLI version 0.12.0 and later allows remote attackers able to […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2021:0284-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-0326 CVE-2021-27803 CVE-2023-52160 CVE-2015-4146 CVE-2015-5310 CVE-2015-5315 CVE-2015-5316 CVE-2016-4477  +6 more Upstream summary: In p2p_copy_client_info of p2p.c, there is a possible out of bounds write due […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SA:2011:016 (see also SUSE bugzilla) Related CVEs: CVE-2011-0465 Upstream summary: xrdb.c in xrdb before 1.0.9 in X.Org X11R7.6 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2010-4225 Upstream summary: Unspecified vulnerability in the mod_mono module for XSP in Mono 2.8.x before 2.8.2 allows remote attackers to obtain the source code for […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2020:3231-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-17955 Upstream summary: In yast2-multipath before version 4.1.1 a static temporary filename allows local attackers to overwrite files on systems without symlink protection Table of […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2022:3199-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-17956 Upstream summary: In yast2-samba-provision up to and including version 1.0.1 the password for samba shares was provided on the command line to tools used […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2022:0036-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-27927 CVE-2022-35230 CVE-2022-24349 CVE-2020-15803 CVE-2022-23134 Upstream summary: In Zabbix from 4.0.x before 4.0.28rc1, 5.0.0alpha1 before 5.0.10rc1, 5.2.x before 5.2.6rc1, and 5.4.0alpha1 before 5.4.0beta2, the CControllerAuthenticationUpdate […]