openSUSE

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2025:02037-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-38526 Upstream summary: pdoc provides API Documentation for Python Projects. Documentation generated with `pdoc –math` linked to JavaScript files from polyfill[.]io. The polyfill[.]io CDN […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:2401-1 (see also SUSE bugzilla) Related CVEs: CVE-2019-13225 Upstream summary: A NULL Pointer Dereference in match_at() in regexec.c in Oniguruma 6.9.2 allows attackers to potentially cause denial of service by providing […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-202410:15282-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-5569 Upstream summary: A Denial of Service (DoS) vulnerability exists in the jaraco/zipp library, affecting all versions prior to 3.19.1. The vulnerability is triggered […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:2246-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-33394 Upstream summary: An issue in kubevirt kubevirt v1.2.0 and before allows a local attacker to execute arbitrary code via a crafted command to […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory RHSA-2024:6908 (see also SUSE bugzilla) Related CVEs: CVE-2024-24791 CVE-2024-24789 CVE-2024-24790 CVE-2024-24787 Upstream summary: The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:2105-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-29158 CVE-2024-29161 CVE-2024-29166 CVE-2024-32608 CVE-2024-32610 CVE-2024-32614 CVE-2024-32619 CVE-2024-32620  +5 more Upstream summary: HDF5 through 1.14.3 contains a stack buffer overflow in H5FL_arr_malloc, resulting in […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:2168-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-38394 Upstream summary: Mismatches in interpreting USB authorization policy between GNOME Settings Daemon (GSD) through 46.0 and the Linux kernel's underlying device matching logic […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:2074-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-52890 Upstream summary: NTFS-3G before 75dcdc2 has a use-after-free in ntfs_uppercase_mbs in libntfs-3g/unistr.c. NOTE: discussion suggests that exploitation would be challenging. Table of contents […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory RHSA-2025:15608 (see also SUSE bugzilla) Related CVEs: CVE-2024-26130 Upstream summary: cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Starting in version 38.0.0 and prior to […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory SUSE-RU-2024:1637-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-30608 Upstream summary: sqlparse is a non-validating SQL parser module for Python. In affected versions the SQL parser contains a regular expression that is […]