openSUSE

openSUSE Leap 15.5 — python311-django-ckeditor — vulnerability — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.5

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:14557-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-24815 Upstream summary: CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A cross-site scripting vulnerability has been discovered in the core HTML parsing module […]

openSUSE Leap 15.5 — python3-python-sql — vulnerability — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.5

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:0412-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-9774 Upstream summary: A vulnerability was found in python-sql where unary operators do not escape non-Expression. […]

openSUSE Leap 15.5 — avahi — multiple vulnerabilities (6 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.5

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:14538-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-52616 CVE-2023-38469 CVE-2023-38471 CVE-2023-38472 CVE-2023-38470 CVE-2023-38473 Upstream summary: A flaw was found in the Avahi-daemon, where it initializes DNS transaction IDs randomly only once […]

openSUSE Leap 15.5 — socat — vulnerability — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.5

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:14582-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-54661 Upstream summary: readline.sh in socat before 1.8.0.2 relies on the /tmp/$USER/stderr2 file. […]

openSUSE Leap 15.5 — libQt6Pdf6 — vulnerability — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.5

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:0402-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-11403 Upstream summary: There exists an out of bounds read/write in LibJXL versions prior to commit 9cc451b91b74ba470fd72bd48c121e9f33d24c99. The JPEG decoder used by the JPEG […]

openSUSE Leap 15.5 — python311-tornado6 — vulnerability — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.5

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:14528-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-52804 Upstream summary: Tornado is a Python web framework and asynchronous networking library. The algorithm used for parsing HTTP cookies in Tornado versions prior […]

openSUSE Leap 15.5 — wget — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.5

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:14492-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-10524 CVE-2024-38428 Upstream summary: Applications that use Wget to access a remote resource using shorthand URLs and pass arbitrary user credentials in the URL […]

openSUSE Leap 15.5 — ovmf — vulnerability — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.5

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory RHSA-2024:9088 (see also SUSE bugzilla) Related CVEs: CVE-2024-1298 Upstream summary: EDK2 contains a vulnerability when S3 sleep is activated where an Attacker may cause a Division-By-Zero due to a UNIT32 overflow […]

openSUSE Leap 15.5 — libupb37 — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.5

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:4393-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-11407 CVE-2024-7246 Upstream summary: There exists a denial of service through Data corruption in gRPC-C++ – gRPC-C++ servers with transmit zero copy enabled through […]

openSUSE Leap 15.5 — xmlgraphics-fop — vulnerability — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.5

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:4054-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-28168 Upstream summary: Improper Restriction of XML External Entity Reference ('XXE') vulnerability in Apache XML Graphics FOP. This issue affects Apache XML Graphics FOP: […]
