openSUSE

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:0343-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-50382 CVE-2024-50383 CVE-2024-34702 CVE-2024-39312 CVE-2024-34703 Upstream summary: Botan before 3.6.0, when certain LLVM versions are used, has compiler-induced secret-dependent control flow in lib/utils/ghash/ghash.cpp in […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2023-52424 Upstream summary: The IEEE 802.11 standard sometimes enables an adversary to trick a victim into connecting to an unintended or untrusted network with […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:0342-1 (see also SUSE bugzilla) Related CVEs: CVE-2022-47952 Upstream summary: lxc-user-nic in lxc through 5.0.1 is installed setuid root, and may allow local users to infer whether any file exists, even […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:14443-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-50602 Upstream summary: An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:14353-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-45405 Upstream summary: `gix-path` is a crate of the `gitoxide` project (an implementation of `git` written in Rust) dealing paths and their conversions. Prior […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory RHSA-2025:0743 (see also SUSE bugzilla) Related CVEs: CVE-2024-41184 Upstream summary: In the vrrp_ipsets_handler handler (fglobal_parser.c) of keepalived through 2.3.1, an integer overflow can occur. NOTE: this CVE Record might not be […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:3526-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-45913 CVE-2023-45919 CVE-2023-45922 Upstream summary: Mesa v23.0.4 was discovered to contain a NULL pointer dereference via the function dri2GetGlxDrawableFromXDrawableId(). This vulnerability is triggered when […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:3543-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-47855 Upstream summary: util/JSONTokener.java in JSON-lib before 3.1.0 mishandles an unbalanced comment string. Table of contents Symptom & Impact Environment & Reproduction Root Cause […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:3541-1 (see also SUSE bugzilla) Related CVEs: CVE-2015-8981 CVE-2017-6840 CVE-2017-6841 CVE-2017-6842 CVE-2017-6845 CVE-2017-6849 CVE-2017-8378 CVE-2018-5309  +4 more Upstream summary: Heap-based buffer overflow in the PdfParser::ReadXRefSubsection function in base/PdfParser.cpp in PoDoFo allows […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:14387-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-47554 Upstream summary: Uncontrolled Resource Consumption vulnerability in Apache Commons IO. The org.apache.commons.io.input.XmlStreamReader class may excessively consume CPU resources when processing maliciously crafted input. […]