openSUSE

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:2969-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-42353 Upstream summary: WebOb provides objects for HTTP requests and responses. When WebOb normalizes the HTTP Location header to include the request hostname, it does […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2024-39133 CVE-2024-39134 CVE-2017-5974 CVE-2017-5975 CVE-2017-5976 CVE-2017-5978 CVE-2017-5979 CVE-2017-5981  +9 more Upstream summary: Heap Buffer Overflow vulnerability in zziplib v0.13.77 allows attackers to cause a denial […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:2632-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-49990 CVE-2023-49992 CVE-2023-49994 Upstream summary: Espeak-ng 1.52-dev was discovered to contain a buffer-overflow via the function SetUpPhonemeTable at synthdata.c. Table of contents Symptom & Impact […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:2732-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-41810 Upstream summary: Twisted is an event-based framework for internet applications, supporting Python 3.6+. The `twisted.web.util.redirectTo` function contains an HTML injection vulnerability. If application code […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:4010-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-3978 Upstream summary: Text nodes not in the HTML namespace are incorrectly literally rendered, causing text which should be escaped to not be. This could […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory RHSA-2024:9114 (see also SUSE bugzilla) Related CVEs: CVE-2024-36472 CVE-2023-43090 CVE-2010-4000 CVE-2017-8288 CVE-2019-3820 CVE-2020-17489 Upstream summary: In GNOME Shell through 45.7, a portal helper can be launched automatically (without user confirmation) based on […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:0201-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-34702 CVE-2024-39312 CVE-2024-34703 CVE-2015-5726 CVE-2015-5727 CVE-2015-7827 CVE-2016-2194 CVE-2016-2195  +2 more Upstream summary: Botan is a C++ cryptography library. X.509 certificates can identify elliptic curves using […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2025:02037-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-38526 CVE-2017-5849 CVE-2018-8975 Upstream summary: pdoc provides API Documentation for Python Projects. Documentation generated with `pdoc –math` linked to JavaScript files from polyfill[.]io. The polyfill[.]io […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2024-28084 Upstream summary: p2putil.c in iNet wireless daemon (IWD) through 2.15 allows attackers to cause a denial of service (daemon crash) or possibly have unspecified […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2024-22033 Upstream summary: The OBS service obs-service-download_url was vulnerable to a command injection vulnerability. The attacker could provide a configuration to the service that allowed […]