openSUSE

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2016:0708-1 (see also SUSE bugzilla) Related CVEs: CVE-2016-2851 Upstream summary: Integer overflow in proto.c in libotr before 4.1.1 on 64-bit platforms allows remote attackers to cause a denial of service (memory corruption […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2017:1368-1 (see also SUSE bugzilla) Related CVEs: CVE-2017-5209 CVE-2017-5834 CVE-2017-6440 CVE-2017-6436 Upstream summary: The base64decode function in base64.c in libimobiledevice libplist through 1.12 allows attackers to obtain sensitive information from process memory […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2008-0008 CVE-2014-3970 Upstream summary: The pa_drop_root function in PulseAudio 0.9.8, and a certain 0.9.9 build, does not check return values from (1) setresuid, (2) setreuid, […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SR:2011:002 (see also SUSE bugzilla) Related CVEs: CVE-2009-0945 CVE-2011-3193 CVE-2011-3922 CVE-2013-0254 CVE-2015-1858 CVE-2015-1859 CVE-2012-6093 CVE-2014-0190 Upstream summary: Array index error in the insertItemBefore method in WebKit, as used in Apple Safari before […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2017:0610-1 (see also SUSE bugzilla) Related CVEs: CVE-2016-2399 CVE-2017-9122 CVE-2017-9123 CVE-2017-9124 CVE-2017-9125 CVE-2017-9126 CVE-2017-9127 CVE-2017-9128 Upstream summary: Integer overflow in the quicktime_read_pascal function in libquicktime 1.2.4 and earlier allows remote attackers to […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2016-9928 CVE-2017-5603 Upstream summary: MCabber before 1.0.4 is vulnerable to roster push attacks, which allows remote attackers to intercept communications, or add themselves as an […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory Related CVEs: CVE-2014-3502 CVE-2014-8176 CVE-2015-5333 CVE-2015-5334 CVE-2018-12434 CVE-2018-8970 Upstream summary: Apache Cordova Android before 3.5.1 allows remote attackers to open and send data to arbitrary applications via a URL with a […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2017:3241-1 (see also SUSE bugzilla) Related CVEs: CVE-2017-16853 Upstream summary: The DynamicMetadataProvider class in saml/saml2/metadata/impl/DynamicMetadataProvider.cpp in OpenSAML-C in OpenSAML before 2.6.1 fails to properly configure itself with the MetadataFilter plugins and does […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2008-5008 Upstream summary: Buffer overflow in src/src_sinc.c in Secret Rabbit Code (aka SRC or libsamplerate) before 0.1.4, when "extreme low conversion ratios" are used, allows […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2019:2280-1 (see also SUSE bugzilla) Related CVEs: CVE-2019-9893 Upstream summary: libseccomp before 2.4.0 did not correctly generate 64-bit syscall argument comparisons using the arithmetic operators (LT, GT, LE, GE), which might able […]