openSUSE

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2025:0005-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-37305 CVE-2024-54137 CVE-2024-36405 Upstream summary: oqs-provider is a provider for the OpenSSL 3 cryptography library that adds support for post-quantum cryptography in TLS, X.509, […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2025:14997-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-56201 CVE-2024-56326 CVE-2025-27516 CVE-2024-22195 CVE-2024-34064 Upstream summary: Jinja is an extensible templating engine. In versions on the 3.x branch prior to 3.1.5, a bug […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:14611-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-40896 Upstream summary: In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.13.3, the SAX parser can produce events for external entities […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:14601-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-25885 Upstream summary: An issue in the getcolor function in utils.py of xhtml2pdf v0.2.13 allows attackers to cause a Regular expression Denial of Service […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:14581-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-12254 CVE-2024-4030 Upstream summary: Starting in Python 3.12.0, the asyncio._SelectorSocketTransport.writelines() method would not "pause" writing and signal to the Protocol to drain the buffer […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory ESSA-2024:0627 (see also SUSE bugzilla) Related CVEs: CVE-2023-31315 Upstream summary: Improper validation in a model specific register (MSR) could allow a malicious program with ring0 access to modify SMM configuration while […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:14543-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-22038 Upstream summary: Various problems in obs-scm-bridge allows attackers that create specially crafted git repositories to leak information of cause denial of service. Table […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:4152-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-53849 Upstream summary: editorconfig-core-c is theEditorConfig core library written in C (for use by plugins supporting EditorConfig parsing). In affected versions several overflows may […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2023:3709-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-38802 CVE-2023-41358 CVE-2023-47234 CVE-2023-47235 CVE-2024-31948 CVE-2024-44070 CVE-2024-31950 CVE-2024-31951  +12 more Upstream summary: FRRouting FRR 7.5.1 through 9.0 and Pica8 PICOS 4.3.3.2 allow a remote […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory RHSA-2024:10953 (see also SUSE bugzilla) Related CVEs: CVE-2024-53899 Upstream summary: virtualenv before 20.26.6 allows command injection through the activation scripts for a virtual environment. Magic template strings are not quoted correctly […]