openSUSE

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2014:0467-1 (see also SUSE bugzilla) Related CVEs: CVE-2013-6401 Upstream summary: Jansson, possibly 2.4 and earlier, does not restrict the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2019:1629-1 (see also SUSE bugzilla) Related CVEs: CVE-2019-11372 CVE-2019-11373 Upstream summary: An out-of-bounds read in MediaInfoLib::File__Tags_Helper::Synched_Test in Tag/File__Tags.cpp in MediaInfoLib in MediaArea MediaInfo 18.12 leads to a crash. Table of contents Symptom […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2014-2892 Upstream summary: Heap-based buffer overflow in the get_answer function in mmsh.c in libmms before 0.6.4 allows remote attackers to execute arbitrary code via a […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2011:0943-1 (see also SUSE bugzilla) Related CVEs: CVE-2011-1761 CVE-2013-4233 CVE-2013-4234 Upstream summary: Multiple stack-based buffer overflows in the (1) abc_new_macro and (2) abc_new_umacro functions in src/load_abc.cpp in libmodplug before 0.8.8.3 allow remote […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2017:1821-1 (see also SUSE bugzilla) Related CVEs: CVE-2017-9433 Upstream summary: Document Liberation Project libmwaw before 2017-04-08 has an out-of-bounds write caused by a heap-based buffer overflow related to the MsWrd1Parser::readFootnoteCorrespondance function in […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SR:2007:002 (see also SUSE bugzilla) Related CVEs: CVE-2007-0157 CVE-2008-3746 CVE-2009-2473 CVE-2009-2474 Upstream summary: Array index error in the uri_lookup function in the URI parser for neon 0.26.0 to 0.26.2, possibly only on […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2021:0577-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-22879 Upstream summary: Nextcloud Desktop Client prior to 3.1.3 is vulnerable to resource injection by way of missing validation of URLs, allowing a malicious server […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SA:2011:045 (see also SUSE bugzilla) Related CVEs: CVE-2006-7246 CVE-2015-2924 CVE-2018-1000135 CVE-2020-10754 CVE-2021-20297 CVE-2016-0764 Upstream summary: NetworkManager 0.9.x does not pin a certificate's subject to an ESSID when 802.11X authentication is used. Table […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2018:2045-1 (see also SUSE bugzilla) Related CVEs: CVE-2017-14731 CVE-2017-2816 Upstream summary: ofx_proc_file in ofx_preproc.cpp in LibOFX 0.9.12 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2017:0510-1 (see also SUSE bugzilla) Related CVEs: CVE-2017-0381 Upstream summary: An information disclosure vulnerability in silk/NLSF_stabilize.c in libopus in Mediaserver could enable a local malicious application to access data outside of its […]