openSUSE

openSUSE Leap 15.5 — tycho — vulnerability — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.5

🟡 Medium • ⏱ 10–30 min • 📖 ~4 min read
Last verified: 25 May 2026
Affected versions: openSUSE Leap 15.5
Source: SUSE advisory SUSE-SU-2024:1304-1 (see also SUSE bugzilla)
Related CVEs: CVE-2023-4218
Upstream summary: In Eclipse IDE versions < 2023-09 (4.29) some files with xml content are parsed vulnerable against all sorts of XXE attacks. […]

openSUSE Leap 15.5 — gnutls — multiple vulnerabilities (5 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.5

🟡 Medium • ⏱ 10–30 min • 📖 ~4 min read
Last verified: 25 May 2026
Affected versions: openSUSE Leap 15.5
Source: SUSE advisory SUSE-SU-2024:1271-1 (see also SUSE bugzilla)
Related CVEs: CVE-2024-28834, CVE-2024-28835, CVE-2024-0553, CVE-2024-0567, CVE-2023-5981
Upstream summary: A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior […]

openSUSE Leap 15.5 — perl-Net-CIDR-Lite — vulnerability — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.5

🟡 Medium • ⏱ 10–30 min • 📖 ~4 min read
Last verified: 25 May 2026
Affected versions: openSUSE Leap 15.5
Source: SUSE advisory SUSE-SU-2024:1256-1 (see also SUSE bugzilla)
Related CVEs: CVE-2021-47154
Upstream summary: The Net::CIDR::Lite module before 0.22 for Perl does not properly consider extraneous zero characters at the beginning of an IP address […]

openSUSE Leap 15.5 — helm — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.5

🟡 Medium • ⏱ 10–30 min • 📖 ~4 min read
Last verified: 25 May 2026
Affected versions: openSUSE Leap 15.5
Source: SUSE advisory SUSE-RU-2024:4213-1 (see also SUSE bugzilla)
Related CVEs: CVE-2024-25620, CVE-2024-26147, CVE-2023-25173
Upstream summary: Helm is a tool for managing Charts. Charts are packages of pre-configured Kubernetes resources. When either the Helm client […]

openSUSE Leap 15.5 — kubernetes1.23-proxy — multiple vulnerabilities (6 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.5

🟡 Medium • ⏱ 10–30 min • 📖 ~4 min read
Last verified: 25 May 2026
Affected versions: openSUSE Leap 15.5
Source: SUSE advisory openSUSE-SU-2024:14513-1 (see also SUSE bugzilla)
Related CVEs: CVE-2024-0793, CVE-2023-2727, CVE-2023-2728, CVE-2021-25743, CVE-2024-3177, CVE-2023-2431
Upstream summary: A flaw was found in kube-controller-manager. This issue occurs when the initial application of a HPA […]

openSUSE Leap 15.5 — libcares2 — vulnerability — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.5

🟡 Medium • ⏱ 10–30 min • 📖 ~4 min read
Last verified: 25 May 2026
Affected versions: openSUSE Leap 15.5
Source: SUSE advisory SUSE-SU-2024:1135-1 (see also SUSE bugzilla)
Related CVEs: CVE-2024-25629
Upstream summary: c-ares is a C library for asynchronous DNS requests. `ares__read_line()` is used to parse local configuration files such as `/etc/resolv.conf`, `/etc/nsswitch.conf`, […]

openSUSE Leap 15.5 — libvirt — multiple vulnerabilities (5 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.5

🟡 Medium • ⏱ 10–30 min • 📖 ~4 min read
Last verified: 25 May 2026
Affected versions: openSUSE Leap 15.5
Source: SUSE advisory SUSE-SU-2024:1078-1 (see also SUSE bugzilla)
Related CVEs: CVE-2024-2494, CVE-2024-2496, CVE-2023-3750, CVE-2023-2700, CVE-2024-1441
Upstream summary: A flaw was found in the RPC library APIs of libvirt. The RPC server deserialization code allocates […]

openSUSE Leap 15.5 — dav1d — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.5

🟡 Medium • ⏱ 10–30 min • 📖 ~4 min read
Last verified: 25 May 2026
Affected versions: openSUSE Leap 15.5
Source: SUSE advisory SUSE-SU-2024:0963-1 (see also SUSE bugzilla)
Related CVEs: CVE-2024-1580, CVE-2023-32570
Upstream summary: An integer overflow in dav1d AV1 decoder that can occur when decoding videos with large frame size. This can lead […]

openSUSE Leap 15.5 — indent — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.5

🟡 Medium • ⏱ 10–30 min • 📖 ~4 min read
Last verified: 25 May 2026
Affected versions: openSUSE Leap 15.5
Source: SUSE advisory SUSE-SU-2024:0965-1 (see also SUSE bugzilla)
Related CVEs: CVE-2024-0911, CVE-2023-40305
Upstream summary: A flaw was found in indent, a program for formatting C code. This issue may allow an attacker to trick […]

openSUSE Leap 15.5 — sudo — vulnerability — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.5

🟡 Medium • ⏱ 10–30 min • 📖 ~4 min read
Last verified: 25 May 2026
Affected versions: openSUSE Leap 15.5
Source: SUSE advisory SUSE-SU-2024:0794-1 (see also SUSE bugzilla)
Related CVEs: CVE-2023-42465
Upstream summary: Sudo before 1.9.15 might allow row hammer attacks (for authentication bypass or privilege escalation) because application logic sometimes is based on […]
