openSUSE

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2025:4092-1 (see also SUSE bugzilla) Related CVEs: CVE-2025-1372 CVE-2025-1352 CVE-2025-1376 CVE-2025-1377 Upstream summary: A vulnerability was found in GNU elfutils 0.192. It has been declared as critical. Affected by this vulnerability […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2023-52339 Upstream summary: In libebml before 1.4.5, an integer overflow in MemIOCallback.cpp can occur when reading or writing. It may result in buffer overflows. […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory RHSA-2025:22376 (see also SUSE bugzilla) Related CVEs: CVE-2025-9714 Upstream summary: Uncontrolled recursion in XPath evaluation in libxml2 up to and including version 2.9.14 allows a local attacker to cause a stack […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2025:21195-1 (see also SUSE bugzilla) Related CVEs: CVE-2025-0840 CVE-2025-11083 CVE-2025-11412 CVE-2025-11413 CVE-2025-11414 CVE-2025-1182 CVE-2025-3198 CVE-2025-5244  +12 more Upstream summary: A vulnerability, which was classified as problematic, was found in GNU Binutils […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2025:21016-1 (see also SUSE bugzilla) Related CVEs: CVE-2025-59432 Upstream summary: SCRAM (Salted Challenge Response Authentication Mechanism) is part of the family of Simple Authentication and Security Layer (SASL, RFC 4422) authentication […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2025:3942-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-28885 CVE-2024-31074 CVE-2024-33617 Upstream summary: Observable discrepancy in some Intel(R) QAT Engine for OpenSSL software before version v1.6.1 may allow information disclosure via network […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2024-22513 Upstream summary: djangorestframework-simplejwt version 5.3.1 and before is vulnerable to information disclosure. A user can access web application resources even after their account […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2022:3496-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-42523 Upstream summary: There are two Information Disclosure vulnerabilities in colord, and they lie in colord/src/cd-device-db.c and colord/src/cd-profile-db.c separately. They exist because the 'err_msg' […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:0240-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-51257 CVE-2025-8835 CVE-2025-8837 CVE-2025-8836 Upstream summary: An invalid memory write issue in Jasper-Software Jasper v.4.1.1 and before allows a local attacker to execute arbitrary […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2025:3845-1 (see also SUSE bugzilla) Related CVEs: CVE-2025-61962 Upstream summary: In fetchmail before 6.5.6, the SMTP client can crash when authenticating upon receiving a 334 status code in a malformed context. […]