openSUSE

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:0366-1 (see also SUSE bugzilla) Related CVEs: CVE-2022-24859 Upstream summary: PyPDF2 is an open source python PDF library capable of splitting, merging, cropping, and transforming the pages of PDF files. In […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:0353-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-50624 Upstream summary: ispdbservice.cpp in KDE Kmail before 6.2.0 allows man-in-the-middle attackers to trigger use of an attacker-controlled mail server because cleartext HTTP is […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:14471-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-47889 Upstream summary: Action Mailer is a framework for designing email service layers. Starting in version 3.0.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:14479-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-47887 CVE-2023-28362 CVE-2020-8166 Upstream summary: Action Pack is a framework for handling and responding to web requests. Starting in version 4.0.0 and prior to […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:0343-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-50382 CVE-2024-50383 CVE-2024-34702 CVE-2024-39312 CVE-2024-34703 Upstream summary: Botan before 3.6.0, when certain LLVM versions are used, has compiler-induced secret-dependent control flow in lib/utils/ghash/ghash.cpp in […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:0342-1 (see also SUSE bugzilla) Related CVEs: CVE-2022-47952 Upstream summary: lxc-user-nic in lxc through 5.0.1 is installed setuid root, and may allow local users to infer whether any file exists, even […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:3533-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-6917 CVE-2024-45769 CVE-2024-45770 Upstream summary: A vulnerability has been identified in the Performance Co-Pilot (PCP) package, stemming from the mixed privilege levels utilized by […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:14443-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-50602 Upstream summary: An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:14420-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-9676 CVE-2024-9675 CVE-2024-9341 CVE-2024-9407 Upstream summary: A vulnerability was found in Podman, Buildah, and CRI-O. A symlink traversal vulnerability in the containers/storage library can […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory RHSA-2025:0743 (see also SUSE bugzilla) Related CVEs: CVE-2024-41184 Upstream summary: ** DISPUTED ** In the vrrp_ipsets_handler handler (fglobal_parser.c) of keepalived through 2.3.1, an integer overflow can occur. NOTE: this CVE Record […]