openSUSE

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:14373-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-42934 Upstream summary: OpenIPMI before 2.0.36 has an out-of-bounds array access (for authentication type) in the ipmi_sim simulator, resulting in denial of service or […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:3526-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-45913 CVE-2023-45919 CVE-2023-45922 Upstream summary: ** DISPUTED ** Mesa v23.0.4 was discovered to contain a NULL pointer dereference via the function dri2GetGlxDrawableFromXDrawableId(). This vulnerability […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:3543-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-47855 Upstream summary: util/JSONTokener.java in JSON-lib before 3.1.0 mishandles an unbalanced comment string. Table of contents Symptom & Impact Environment & Reproduction Root Cause […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:3541-1 (see also SUSE bugzilla) Related CVEs: CVE-2015-8981 CVE-2017-6840 CVE-2017-6841 CVE-2017-6842 CVE-2017-6845 CVE-2017-6849 CVE-2017-8378 CVE-2018-5309  +4 more Upstream summary: Heap-based buffer overflow in the PdfParser::ReadXRefSubsection function in base/PdfParser.cpp in PoDoFo allows […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:14347-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-49582 Upstream summary: Lax permissions set by the Apache Portable Runtime library on Unix platforms would allow local users read access to named shared […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:14362-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-35255 Upstream summary: Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability Table of contents Symptom & Impact Environment & Reproduction Root […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:3198-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-45221 CVE-2023-48368 CVE-2023-22656 CVE-2023-47169 CVE-2023-47282 Upstream summary: Improper buffer restrictions in Intel(R) Media SDK all versions may allow an authenticated user to potentially enable […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:14392-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-34155 CVE-2024-34156 CVE-2024-34158 CVE-2024-24788 Upstream summary: Calling any of the Parse functions on Go source code which contains deeply nested literals can cause a […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:3210-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-7256 CVE-2024-8006 Upstream summary: In affected libpcap versions during the setup of a remote packet capture the internal function sock_initaddress() calls getaddrinfo() and possibly […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:3149-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-7008 Upstream summary: A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have […]