openSUSE

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:0851-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-51441 CVE-2012-5784 CVE-2014-3596 CVE-2018-8032 Upstream summary: ** UNSUPPORTED WHEN ASSIGNED ** Improper Input Validation vulnerability in Apache Axis allowed users with access to the admin […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:0742-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-51765 Upstream summary: sendmail through 8.17.2 allows SMTP smuggling in certain configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2023-32190 Upstream summary: mlocate's %post script allows RUN_UPDATEDB_AS user to make arbitrary files world readable by abusing insecure file operations that run with root privileges. […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:0250-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-50711 Upstream summary: vmm-sys-util is a collection of modules that provides helpers and utilities used by multiple rust-vmm components. Starting in version 0.5.0 and prior […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2023:3470-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-18584 CVE-2018-18585 CVE-2018-18586 CVE-2010-2800 CVE-2010-2801 CVE-2014-9556 CVE-2019-1010305 CVE-2018-14681  +1 more Upstream summary: In mspack/cab.h in libmspack before 0.8alpha and cabextract before 1.8, the CAB block […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2023:496-1 (see also SUSE bugzilla) Related CVEs: CVE-2022-40023 Upstream summary: Sqlalchemy mako before 1.2.2 is vulnerable to Regular expression Denial of Service when using the Lexer class to parse. This also affects […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2023:1102-1 (see also SUSE bugzilla) Related CVEs: CVE-2022-4899 CVE-2019-11922 Upstream summary: A vulnerability was found in zstd v1.4.10, where an attacker can supply empty string as an argument to the command line […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2023-52339 CVE-2021-3405 Upstream summary: In libebml before 1.4.5, an integer overflow in MemIOCallback.cpp can occur when reading or writing. It may result in buffer overflows. […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:1863-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-22195 Upstream summary: Jinja is an extensible templating engine. Special placeholders in the template allow writing code similar to Python syntax. It is possible to […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-RU-2024:1829-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-52323 Upstream summary: PyCryptodome and pycryptodomex before 3.19.1 allow side-channel leakage for OAEP decryption, exploitable for a Manger attack. Table of contents Symptom & Impact […]