Opensuse Security Vulnerabilities (CVEs)

Track 19 security vulnerabilities affecting Opensuse products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.

4 Critical

12 High

3 Medium

Sort by:

🔔 Get Alerts for Opensuse

CVE-2026-25506 7.7

A buffer overflow vulnerability in MUNGE authentication daemon (munged) versions 0.5 to 0.5.17 allows local attackers to leak cryptographic key materi...

Feb 10, 2026

CVE-2025-62875 5.5

An Improper Check for Unusual or Exceptional Conditions vulnerability in OpenSMTPD allows local users to crash the service through a denial-of-service...

Nov 20, 2025

CVE-2025-32463 9.3

This vulnerability in Sudo allows local users to escalate privileges to root by exploiting the --chroot option to load a malicious /etc/nsswitch.conf ...

Jun 30, 2025

CVE-2024-49505 6.1

This reflected cross-site scripting (XSS) vulnerability in openSUSE Tumbleweed MirrorCache allows attackers to inject malicious JavaScript via the REG...

Nov 13, 2024

CVE-2023-32184 7.8

This vulnerability allows local attackers to execute arbitrary code as the user running opensuse-welcome by exploiting insecure storage of sensitive i...

Sep 19, 2023

CVE-2023-32183 7.8

This vulnerability allows users with hacluster group access on openSUSE Tumbleweed systems to escalate privileges to root due to incorrect default per...

Jul 7, 2023

CVE-2022-31254 7.8

This vulnerability allows local attackers with access to the _rmt user account to escalate privileges to root due to incorrect default permissions in ...

Feb 7, 2023

CVE-2022-21949 8.8

CVE-2022-21949 is an XXE (XML External Entity) vulnerability in SUSE Open Build Service that allows attackers to read arbitrary files from the server ...

May 3, 2022

CVE-2021-36777 8.1

This vulnerability in openSUSE Build Service login proxy allows attackers to create fake login forms that capture user credentials in plain text and s...

Mar 9, 2022

CVE-2021-41819 7.5

This vulnerability in Ruby's CGI::Cookie.parse function mishandles security prefixes in cookie names, allowing attackers to bypass cookie security mec...

Jan 1, 2022

CVE-2021-41817 7.5

CVE-2021-41817 is a regular expression denial of service (ReDoS) vulnerability in Ruby's date gem. Attackers can cause denial of service by sending sp...

Jan 1, 2022

CVE-2021-4166 7.1

CVE-2021-4166 is an out-of-bounds read vulnerability in Vim text editor that allows attackers to read memory contents beyond allocated buffers. This a...

Dec 25, 2021

CVE-2021-33928 7.5

A buffer overflow vulnerability in libsolv's pool_installable function allows attackers to cause Denial of Service by crashing applications using this...

Sep 2, 2021

CVE-2021-33930 7.5

A buffer overflow vulnerability in libsolv's pool_installable_whatprovides function allows attackers to cause Denial of Service by crashing the applic...

Sep 2, 2021

CVE-2021-25319 7.8

This vulnerability allows local attackers in the vboxusers group on openSUSE systems to escalate privileges to root due to incorrect default permissio...

May 5, 2021

CVE-2020-15999 9.6

This CVE describes a heap buffer overflow vulnerability in the Freetype font rendering library used by Google Chrome. A remote attacker could exploit ...

Nov 3, 2020

CVE-2020-15683 9.8

This CVE describes memory safety bugs in Firefox and Thunderbird that could lead to memory corruption. With sufficient effort, attackers could exploit...

Oct 22, 2020

CVE-2020-26935 9.8

This SQL injection vulnerability in phpMyAdmin's search feature allows attackers to inject malicious SQL queries. It affects all phpMyAdmin installati...

Oct 10, 2020

CVE-2020-1472 5.5

CVE-2020-1472 (Zerologon) is a critical authentication bypass vulnerability in Microsoft's Netlogon protocol that allows unauthenticated attackers to ...

Aug 17, 2020

Why Monitor Opensuse Security Vulnerabilities?

Real-time CVE tracking: Our automated system monitors 19+ known vulnerabilities affecting Opensuse products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.

Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Opensuse packages in under 60 seconds. No agents required - completely agentless scanning that works across Opensuse deployments.

Free vulnerability database: Access detailed information about every Opensuse CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.

🚀 Get Started in 60 Seconds

Register free account & add your servers
Run one-time scan or schedule automatic monitoring (every 1-24 hours)
Receive instant alerts when new Opensuse CVEs affect your systems
Access dashboard with severity breakdown & fix instructions

Start Monitoring Opensuse CVEs Free