openSUSE

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2012-2451 Upstream summary: The Config::IniFiles module before 2.71 for Perl creates temporary files with predictable names, which allows local users to overwrite arbitrary files via […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory Related CVEs: CVE-2011-4114 Upstream summary: The par_mktmpdir function in the PAR::Packer module before 1.012 for Perl creates temporary files in a directory with a predictable name without verifying ownership and permissions […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2016:0303-1 (see also SUSE bugzilla) Related CVEs: CVE-2014-8651 Upstream summary: The KDE Clock KCM policykit helper in kde-workspace before 4.11.14 and plasma-desktop before 5.1.1 allows local users to gain privileges via a […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2015:0563-1 (see also SUSE bugzilla) Related CVEs: CVE-2015-0219 Upstream summary: Django before 1.4.18, 1.6.x before 1.6.10, and 1.7.x before 1.7.3 allows remote attackers to spoof WSGI headers by using an _ (underscore) […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2014-1934 Upstream summary: tag.py in eyeD3 (aka python-eyed3) 7.0.3, 0.6.18, and earlier for Python allows local users to modify arbitrary files via a symlink attack […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-FU-2022:0444-1 (see also SUSE bugzilla) Related CVEs: CVE-2014-1829 CVE-2014-1830 Upstream summary: Requests (aka python-requests) before 2.3.0 allows remote servers to obtain a netrc password by reading the Authorization header in a redirected […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2019:0159-1 (see also SUSE bugzilla) Related CVEs: CVE-2016-9015 Upstream summary: Versions 1.17 and 1.18 of the Python urllib3 library suffer from a vulnerability that can cause them, in certain configurations, to not […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2021:0588-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-21416 Upstream summary: django-registration is a user registration package for Django. The django-registration package provides tools for implementing user-account registration flows in the Django web […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2019:2131-1 (see also SUSE bugzilla) Related CVEs: CVE-2019-11324 Upstream summary: The urllib3 library before 1.24.2 for Python mishandles certain cases where the desired set of CA certificates is different from the OS […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2011-3602 Upstream summary: Directory traversal vulnerability in device-linux.c in the router advertisement daemon (radvd) before 1.8.2 allows local users to overwrite arbitrary files, and remote […]