openSUSE

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2023:2871-1 (see also SUSE bugzilla) Related CVEs: CVE-2022-48174 Upstream summary: There is a stack overflow vulnerability in ash.c:6030 in busybox before 1.35. In the environment of Internet of Vehicles, this vulnerability […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2023:3525-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-38201 CVE-2023-38200 Upstream summary: A flaw was found in the Keylime registrar that could allow a bypass of the challenge-response protocol during agent registration. […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory SUSE-FU-2023:3413-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-0950 CVE-2023-2255 Upstream summary: Improper Validation of Array Index vulnerability in the spreadsheet component of The Document Foundation LibreOffice allows an attacker to craft […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2023:0232-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-39214 Upstream summary: mitmproxy is an interactive, SSL/TLS-capable intercepting proxy. In mitmproxy 7.0.2 and below, a malicious client or server is able to perform […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2023:0222-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-31486 Upstream summary: HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2023:0219-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-32184 Upstream summary: A Insecure Storage of Sensitive Information vulnerability in openSUSE opensuse-welcome allows local attackers to execute code as the user that runs […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2023:3222-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-38103 CVE-2023-38104 Upstream summary: GStreamer RealMedia File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2023:3030-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-37464 Upstream summary: OpenIDC/cjose is a C library implementing the Javascript Object Signing and Encryption (JOSE). The AES GCM decryption routine incorrectly uses the […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2023:0215-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-29424 Upstream summary: The Net::Netmask module before 2.0000 for Perl does not properly consider extraneous zero characters at the beginning of an IP address […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2023:0205-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-30577 Upstream summary: AMANDA (Advanced Maryland Automatic Network Disk Archiver) before tag-community-3.5.4 mishandles argument checking for runtar.c, a different vulnerability than CVE-2022-37705. Table of […]