openSUSE

openSUSE Leap 15.5 — rabbitmq-server — vulnerability — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.5

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory SUSE-FU-2024:2078-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-46118 Upstream summary: RabbitMQ is a multi-protocol messaging and streaming broker. HTTP API did not enforce an HTTP request body limit, making it vulnerable […]

openSUSE Leap 15.5 — zbar — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.5

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2023:4948-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-40889 CVE-2023-40890 Upstream summary: A heap-based buffer overflow exists in the qr_reader_match_centers function of ZBar 0.23.90. Specially crafted QR codes may lead to information […]

openSUSE Leap 15.5 — libsass — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.5

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2023:4895-1 (see also SUSE bugzilla) Related CVEs: CVE-2022-26592 CVE-2022-43357 CVE-2022-43358 Upstream summary: Stack Overflow vulnerability in libsass 3.6.5 via the CompoundSelector::has_real_parent_ref function.

openSUSE Leap 15.5 — tack — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.5

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2023:4192-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-50495 CVE-2023-45918 Upstream summary: NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component _nc_wrap_entry().

openSUSE Leap 15.5 — fish — vulnerability — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.5

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2023:0404-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-49284 Upstream summary: fish is a smart and user-friendly command line shell for macOS, Linux, and the rest of the family. fish shell uses […]

openSUSE Leap 15.5 — python3-cryptography — vulnerability — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.5

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2023:4179-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-49083 Upstream summary: cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Calling `load_pem_pkcs7_certificates` or `load_der_pkcs7_certificates` could lead to […]

openSUSE Leap 15.5 — haproxy — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.5

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory RHSA-2024:8849 (see also SUSE bugzilla) Related CVEs: CVE-2023-45539 CVE-2023-40225 Upstream summary: HAProxy before 2.8.2 accepts # as part of the URI component, which might allow remote attackers to obtain sensitive information […]

openSUSE Leap 15.5 — traceroute — vulnerability — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.5

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2023:3924-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-46316 Upstream summary: In buc Traceroute 2.0.12 through 2.1.2 before 2.1.3, the wrapper scripts do not properly parse command lines.

openSUSE Leap 15.5 — squashfs — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.5

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2023:4424-1 (see also SUSE bugzilla) Related CVEs: CVE-2015-4645 CVE-2015-4646 CVE-2021-40153 CVE-2021-41072 Upstream summary: Integer overflow in the read_fragment_table_4 function in unsquash-4.c in Squashfs and sasquatch allows remote attackers to cause a […]

openSUSE Leap 15.5 — xrdp — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.5

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2023:4577-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-42822 CVE-2023-40184 Upstream summary: xrdp is an open source remote desktop protocol server. Access to the font glyphs in xrdp_painter.c is not bounds-checked. […]
