openSUSE

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2021:1569-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-43618 Upstream summary: GNU Multiple Precision Arithmetic Library (GMP) through 6.2.1 has an mpz/inp_raw.c integer overflow and resultant buffer overflow via crafted input, leading to […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2021:1498-1 Related CVEs: CVE-2021-42072 CVE-2021-42073 Upstream summary: An issue was discovered in Barrier before 2.4.0. The barriers component (aka the server-side implementation of Barrier) does not sufficiently verify the identify of connecting […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2021:1538-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-23903 Upstream summary: A Divide by Zero vulnerability in the function static int read_samples of Speex v1.2 allows attackers to cause a denial of service […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2022:0061-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-36370 Upstream summary: An issue was discovered in Midnight Commander through 4.8.26. When establishing an SFTP connection, the fingerprint of the server is neither checked […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2021:3857-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-32839 Upstream summary: sqlparse is a non-validating SQL parser module for Python. In sqlparse versions 0.4.0 and 0.4.1 there is a regular Expression Denial of […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory Related CVEs: CVE-2020-12272 Upstream summary: OpenDMARC through 1.3.2 and 1.4.x allows attacks that inject authentication results to provide false information about the domain that originated an e-mail message. This is caused […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2016-9956 Upstream summary: The route manager in FlightGear before 2016.4.4 allows remote attackers to write to arbitrary files via a crafted Nasal script. Table of […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2017-6590 Upstream summary: An issue was discovered in network-manager-applet (aka network-manager-gnome) in Ubuntu 12.04 LTS, 14.04 LTS, 16.04 LTS, and 16.10. A local attacker could […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2018:2307-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-10900 Upstream summary: Network Manager VPNC plugin (aka networkmanager-vpnc) before version 1.2.6 is vulnerable to a privilege escalation attack. A new line character can be […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SR:2011:005 (see also SUSE bugzilla) Related CVEs: CVE-2011-0461 Upstream summary: /etc/init.d/boot.localfs in the aaa_base package before 11.2-43.48.1 in SUSE openSUSE 11.2, and before 11.3-8.7.1 in openSUSE 11.3, allows local users to overwrite […]