openSUSE

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2021-3427 CVE-2017-9031 Upstream summary: The Deluge Web-UI is vulnerable to XSS through a crafted torrent file. The the data from torrent files is not properly […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2018-1285 CVE-2006-0743 Upstream summary: Apache log4net versions before 2.0.10 do not disable XML external entities when parsing log4net configuration files. This allows for XXE-based attacks […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2022:2200-1 (see also SUSE bugzilla) Related CVEs: CVE-2022-27404 CVE-2022-27406 Upstream summary: FreeType commit 1e2eb65048f75c64b68708efed6ce904c31f3b2f was discovered to contain a heap buffer overflow via the function sfnt_init_face. Table of contents Symptom & Impact […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2025:14690-1 (see also SUSE bugzilla) Related CVEs: CVE-2022-30187 Upstream summary: Unknown. Table of contents Symptom & Impact Environment & Reproduction Root Cause Analysis Quick Triage Step-by-Step Diagnosis Solution – Primary Fix Solution […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2022-1736 Upstream summary: Ubuntu's configuration of gnome-control-center allowed Remote Desktop Sharing to be enabled by default. Table of contents Symptom & Impact Environment & Reproduction […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2022:2872-1 (see also SUSE bugzilla) Related CVEs: CVE-2022-31081 Upstream summary: HTTP::Daemon is a simple http server class written in perl. Versions prior to 6.15 are subject to a vulnerability which could potentially […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2023:3473-1 (see also SUSE bugzilla) Related CVEs: CVE-2022-1708 CVE-2019-10214 Upstream summary: A vulnerability was found in CRI-O that causes memory or disk space exhaustion on the node for anyone with access to […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2025:15107-1 (see also SUSE bugzilla) Related CVEs: CVE-2022-31116 CVE-2022-31117 CVE-2021-45958 Upstream summary: UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. Affected versions were […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2022:3271-1 (see also SUSE bugzilla) Related CVEs: CVE-2022-2211 Upstream summary: A vulnerability was found in libguestfs. This issue occurs while calculating the greatest possible number of matching keys in the get_keys() function. […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2022:10017-1 (see also SUSE bugzilla) Related CVEs: CVE-2022-2061 Upstream summary: Heap-based Buffer Overflow in GitHub repository hpjansson/chafa prior to 1.12.0. Table of contents Symptom & Impact Environment & Reproduction Root Cause Analysis […]