openSUSE

openSUSE Leap 15.6 — ruby2.5 — multiple vulnerabilities (13 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.6

🟠 High • ⏱ 15–60 min • Last verified: 25 May 2026 • Affected versions: openSUSE Leap 15.6 • 📖 ~4 min read
Source: SUSE advisory SUSE-SU-2024:3939-1 (see also SUSE bugzilla)
Related CVEs: CVE-2024-47220, CVE-2024-43398, CVE-2025-24294, CVE-2025-6442, CVE-2025-27220, CVE-2025-27221, CVE-2025-27219, CVE-2024-49761, +5 more
Upstream summary: An issue was discovered in the WEBrick toolkit through 1.8.1 for Ruby. […]

openSUSE Leap 15.6 — flatpak — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.6

🟠 High • ⏱ 15–60 min • Last verified: 25 May 2026 • Affected versions: openSUSE Leap 15.6 • 📖 ~4 min read
Source: SUSE advisory RHSA-2024:6356 (see also SUSE bugzilla)
Related CVEs: CVE-2024-42472, CVE-2024-32462
Upstream summary: Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.14.0 and 1.15.10, a malicious or compromised Flatpak […]

openSUSE Leap 15.6 — libQt5Gui5 — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.6

🟠 High • ⏱ 15–60 min • Last verified: 25 May 2026 • Affected versions: openSUSE Leap 15.6 • 📖 ~4 min read
Source: SUSE advisory RHSA-2024:4647 (see also SUSE bugzilla)
Related CVEs: CVE-2024-39936, CVE-2025-30348, CVE-2025-5455, CVE-2023-45935
Upstream summary: An issue was discovered in HTTP2 in Qt before 5.15.18, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.7, […]

openSUSE Leap 15.6 — python311-Twisted — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.6

🟠 High • ⏱ 15–60 min • Last verified: 25 May 2026 • Affected versions: openSUSE Leap 15.6 • 📖 ~4 min read
Source: SUSE advisory SUSE-SU-2024:2732-1 (see also SUSE bugzilla)
Related CVEs: CVE-2024-41671, CVE-2024-41810
Upstream summary: Twisted is an event-based framework for internet applications, supporting Python 3.6+. The HTTP 1.0 and 1.1 server provided by twisted.web […]

openSUSE Leap 15.6 — ksh — vulnerability — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.6

🟠 High • ⏱ 15–60 min • Last verified: 25 May 2026 • Affected versions: openSUSE Leap 15.6 • 📖 ~4 min read
Source: SUSE advisory SUSE-SU-2024:2756-1 (see also SUSE bugzilla)
Related CVEs: CVE-2019-14868
Upstream summary: In ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. An attacker could use this […]

openSUSE Leap 15.6 — gstreamer-plugins-rs — vulnerability — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.6

🟠 High • ⏱ 15–60 min • Last verified: 25 May 2026 • Affected versions: openSUSE Leap 15.6 • 📖 ~4 min read
Source: SUSE advisory openSUSE-SU-2024:0130-1 (see also SUSE bugzilla)
Related CVEs: CVE-2024-32650
Upstream summary: Rustls is a modern TLS library written in Rust. `rustls::ConnectionCommon::complete_io` could fall into an infinite loop based on network input. When […]

openSUSE Leap 15.6 — nginx — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.6

🟠 High • ⏱ 15–60 min • Last verified: 25 May 2026 • Affected versions: openSUSE Leap 15.6 • 📖 ~4 min read
Source: SUSE advisory openSUSE-SU-2023:0360-1 (see also SUSE bugzilla)
Related CVEs: CVE-2023-44487, CVE-2025-23419, CVE-2024-7347, CVE-2025-53859
Upstream summary: The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams […]

openSUSE Leap 15.6 — orc — vulnerability — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.6

🟠 High • ⏱ 15–60 min • Last verified: 25 May 2026 • Affected versions: openSUSE Leap 15.6 • 📖 ~4 min read
Source: SUSE advisory RHSA-2024:6184 (see also SUSE bugzilla)
Related CVEs: CVE-2024-40897
Upstream summary: Stack-based buffer overflow vulnerability exists in orcparse.c of ORC versions prior to 0.4.39. If a developer is tricked to process a […]

openSUSE Leap 15.6 — p7zip — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.6

🟠 High • ⏱ 15–60 min • Last verified: 25 May 2026 • Affected versions: openSUSE Leap 15.6 • 📖 ~4 min read
Source: SUSE advisory SUSE-SU-2024:2475-1 (see also SUSE bugzilla)
Related CVEs: CVE-2023-52168, CVE-2023-52169, CVE-2022-47069, CVE-2023-1576
Upstream summary: The NtfsHandler.cpp NTFS handler in 7-Zip before 24.01 (for 7zz) contains a heap-based buffer overflow that allows an […]
