openSUSE

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory Related CVEs: CVE-2011-3616 Upstream summary: The getSkillname function in the eve module in Conky 1.8.1 and earlier allows local users to overwrite arbitrary files via a symlink attack on /tmp/.cesf. Table […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2019:695-1 (see also SUSE bugzilla) Related CVEs: CVE-2015-5276 Upstream summary: The std::random_device class in libstdc++ in the GNU Compiler Collection (aka GCC) before 4.9.4 does not properly handle short reads from blocking […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2015-5228 CVE-2015-5231 Upstream summary: The service daemon in CRIU creates log and dump files insecurely, which allows local users to create arbitrary files and take […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2012-4453 CVE-2016-8637 Upstream summary: dracut.sh in dracut, as used in Red Hat Enterprise Linux 6, Fedora 16 and 17, and possibly other products, creates initramfs […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2021:1107-1 (see also SUSE bugzilla) Related CVEs: CVE-2010-2322 Upstream summary: Absolute path traversal vulnerability in the extract_jar function in jartool.c in FastJar 0.98 allows remote attackers to create or overwrite arbitrary files […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2020:0825-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-11736 CVE-2020-36314 Upstream summary: fr-archive-libarchive.c in GNOME file-roller through 3.36.1 allows Directory Traversal during extraction because it lacks a check of whether a file's parent […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2015-0552 CVE-2018-5345 Upstream summary: Directory traversal vulnerability in the gcab_folder_extract function in libgcab/gcab-folder.c in gcab 0.4 allows remote attackers to write to arbitrary files via […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2020:1294-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-10196 CVE-2019-11023 Upstream summary: NULL pointer dereference vulnerability in the rebuild_vlists function in lib/dotgen/conc.c in the dotgen library in Graphviz 2.40.1 allows remote attackers to […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2023:0137-1 (see also SUSE bugzilla) Related CVEs: CVE-2016-8605 CVE-2016-8606 Upstream summary: The mkdir procedure of GNU Guile temporarily changed the process' umask to zero. During that time window, in a multithreaded application, […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2021-27851 Upstream summary: A security vulnerability that can lead to local privilege escalation has been found in 'guix-daemon'. It affects multi-user setups in which 'guix-daemon' […]