openSUSE

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2015:0478-1 (see also SUSE bugzilla) Related CVEs: CVE-2014-8161 CVE-2015-0241 CVE-2015-0242 CVE-2015-0243 CVE-2015-0244 Upstream summary: PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allows remote […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2021:0646-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-35573 Upstream summary: srs2.c in PostSRSd before 1.10 allows remote attackers to cause a denial of service (CPU consumption) via a long timestamp tag in […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2016-8685 CVE-2013-7437 CVE-2017-12067 Upstream summary: The findnext function in decompose.c in potrace 1.13 allows remote attackers to cause a denial of service (invalid memory access […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2020:0807-1 (see also SUSE bugzilla) Related CVEs: CVE-2019-20797 Upstream summary: An issue was discovered in e6y prboom-plus 2.5.1.5. There is a buffer overflow in client and server code responsible for handling received […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2014:1114-1 (see also SUSE bugzilla) Related CVEs: CVE-2014-3618 CVE-2017-16844 Upstream summary: Heap-based buffer overflow in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service (crash) and […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2018:1848-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-1122 CVE-2018-1123 CVE-2018-1124 CVE-2018-1125 CVE-2018-1126 CVE-2023-4016 Upstream summary: procps-ng before version 3.3.15 is vulnerable to a local privilege escalation in top. If a user runs […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2015-3887 Upstream summary: Untrusted search path vulnerability in ProxyChains-NG before 4.9 allows local users to gain privileges via a Trojan horse libproxychains4.so library in the […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2017-5593 Upstream summary: An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory Related CVEs: CVE-2012-3458 Upstream summary: Beaker before 1.6.4, when using PyCrypto to encrypt sessions, uses AES in ECB cipher mode, which might allow remote attackers to obtain portions of sensitive session […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2023:0077-1 (see also SUSE bugzilla) Related CVEs: CVE-2015-3982 CVE-2015-5145 CVE-2015-5963 Upstream summary: The session.flush function in the cached_db backend in Django 1.8.x before 1.8.2 does not properly flush the session, which allows […]