Suse Opensuse Tumbleweed
10 CVEs affecting Suse Opensuse Tumbleweed. Latest disclosed: 2026-05-13. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-23386 | High | 7.8 | 2025-04-10 | A Incorrect Default Permissions vulnerability in the openSUSE Tumbleweed package gerbera allows the service user gerbera to escalate to root.,This issue affect… |
CVE-2024-22029 | High | 7.8 | 2024-10-16 | Insecure permissions in the packaging of tomcat allow local users that win a race during package installation to escalate to root |
CVE-2024-22033 | Medium | 6.3 | 2024-10-16 | The OBS service obs-service-download_url was vulnerable to a command injection vulnerability. The attacker could provide a configuration to the service that al… |
CVE-2024-22034 | Medium | 5.5 | 2024-10-16 | Attackers could put the special files in .osc into the actual package sources (e.g. _apiurl). This allows the attacker to change the configuration of osc for t… |
CVE-2026-41051 | Medium | 5.0 | 2026-05-13 | csync2 uses insecure temporary directories when compiled with C99 or later, allowing for TOCTOU style attacks on the temporary directories. |
CVE-2025-53882 | Medium | 4.4 | 2025-07-23 | A Reliance on Untrusted Inputs in a Security Decision vulnerability in the logrotate configuration for openSUSE mailman3 package allows the mailman user to sen… |
CVE-2025-62875 | | 2025-11-20 | An Improper Check for Unusual or Exceptional Conditions vulnerability in OpenSMTPD allows local users to crash OpenSMTPD. This issue affects openSUSE Tumbl… | |
CVE-2025-23394 | | 2025-05-26 | A UNIX Symbolic Link (Symlink) Following vulnerability in openSUSE Tumbleweed cyrus-imapd allows escalation from cyrus to root.This issue affects openSUSE Tumb… | |
CVE-2024-49504 | | 2024-11-13 | grub2 allowed attackers with access to the grub shell to access files on the encrypted disks. | |
CVE-2023-32190 | | 2024-10-16 | mlocate's %post script allows RUN_UPDATEDB_AS user to make arbitrary files world readable by abusing insecure file operations that run with root privileges. |