openSUSE

openSUSE Leap 15.5 — libsoup — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.5

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:14489-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-52530 CVE-2024-52531 CVE-2024-52532 Upstream summary: GNOME libsoup before 3.6.0 allows HTTP request smuggling in some configurations because '\0' characters at the end of header […]

openSUSE Leap 15.5 — subversion — vulnerability — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.5

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:14570-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-46901 Upstream summary: Insufficient validation of filenames against control characters in Apache Subversion repositories served via mod_dav_svn allows authenticated users with commit access to […]

openSUSE Leap 15.5 — python3-aiohttp — multiple vulnerabilities (5 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.5

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:4327-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-30251 CVE-2024-52304 CVE-2024-27306 CVE-2023-47641 CVE-2023-49081 Upstream summary: aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. In affected versions an attacker can […]

openSUSE Leap 15.5 — obs-scm-bridge — vulnerability — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.5

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:14543-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-22038 Upstream summary: Various problems in obs-scm-bridge allow attackers that create specially crafted git repositories to leak information or cause denial of service. Table […]

openSUSE Leap 15.5 — php7 — multiple vulnerabilities (12 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.5

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:14521-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-11233 CVE-2023-3823 CVE-2023-3824 CVE-2024-11234 CVE-2024-8929 CVE-2024-8925 CVE-2024-8927 CVE-2024-9026  +4 more Upstream summary: In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, […]

openSUSE Leap 15.5 — libgio — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.5

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:14487-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-52533 CVE-2024-34397 Upstream summary: gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4_CONN_MSG_LEN is not sufficient for […]

openSUSE Leap 15.5 — ucode-intel — multiple vulnerabilities (20 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.5

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:14496-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-21820 CVE-2024-21853 CVE-2024-23918 CVE-2023-42667 CVE-2023-49141 CVE-2024-24853 CVE-2024-24980 CVE-2024-25939  +12 more Upstream summary: Incorrect default permissions in some Intel(R) Xeon(R) processor memory controller configurations when […]

openSUSE Leap 15.5 — python311-virtualenv — vulnerability — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.5

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory RHSA-2024:10953 (see also SUSE bugzilla) Related CVEs: CVE-2024-53899 Upstream summary: virtualenv before 20.26.6 allows command injection through the activation scripts for a virtual environment. Magic template strings are not quoted correctly […]

openSUSE Leap 15.5 — xstream — vulnerability — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.5

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:4037-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-47072 Upstream summary: XStream is a simple library to serialize objects to XML and back again. This vulnerability may allow a remote attacker to […]

openSUSE Leap 15.5 — xen — multiple vulnerabilities (20 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.5

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:14530-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-45818 CVE-2024-31145 CVE-2024-31143 CVE-2023-34326 CVE-2023-34322 CVE-2022-42335 CVE-2024-45819 CVE-2024-45817  +12 more Upstream summary: The hypervisor contains code to accelerate VGA memory accesses for HVM guests, […]
