Where
AND
-Infinity
0

Trending

Last week
Last month
Last year

Vendor Risk Score

See how opensuse compares to other vendors in security performance

View Risk Score →

Software

opensuse leap
281
opensuse
254
opensuse backports
134
opensuse opensuse
132
opensuse backports sle
28
opensuse open build service
11
opensuse project leap
8
opensuse openstack cloud
6
opensuse project suse linux enterprise desktop
5
opensuse project suse linux enterprise server
5
opensuse project suse linux enterprise software development kit
5
opensuse project suse linux enterprise workstation extension
5
opensuse factory
4
opensuse tumbleweed
4
opensuse project suse linux enterprise debuginfo
3
opensuse evergreen
2
opensuse libeconf
2
opensuse munge
2
opensuse openldap2
2
opensuse welcome
2
opensuse gerbera
1
opensuse inn
1
opensuse libzypp
1
opensuse libzypp-plugin-appdata
1
opensuse open buildservice
1
opensuse pcp
1
opensuse project suse linux enterprise server for raspberry pi
1
opensuse python-postorius
1
opensuse rmt server
1
opensuse rmt-server
1
opensuse supportutils
1
opensuse texlive-filesystem
1
opensuse traefik2
1
opensuse yast2 samba provision
1

openSUSE LibzyppPath Traversal in Plugin Loading in libzypp

Risk 72
Severity
8.5
First published (updated )
CVE-2026-44933

SUSE Linux Enterprise ServerLinux Kernel Incorrect Resource Transfer Between Spheres Vulnerability

Risk 91
Severity
7.8
Exploited
Trending
Year
First published (updated )
CVE-2026-31431

MUNGE MUNGEMUNGE has a buffer overflow in message unpacking allows key leakage and credential forgery

Risk 53
Severity
7.8
EPSS
0.02%
First published (updated )
CVE-2026-25506

openSUSE traefik2A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of openSUSE Tumbleweed traef…

Risk 73
Severity
8.5
First published (updated )
CVE-2025-46810

openSUSE gerberagerbera: Privilege escalation from user gerbera to root because of insecure %post script

Risk 69
Severity
7.8
First published (updated )
CVE-2025-23386
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

openSUSE LeapA Improper Link Resolution Before File Access ('Link Following') vulnerability in SUSE SUSE Linux En…

Risk 69
Severity
7.8
First published (updated )
CVE-2023-32182

openSUSE libeconfA stack overflow vulnerability exists in function econf_writeFile in file atlibeconf/lib/libeconf.c …

Risk 77
Severity
8.8
First published (updated )
CVE-2023-30078

openSUSE libeconfA stack overflow vulnerability exists in function read_file in atlibeconf/lib/getfilecontents.c in l…

Risk 77
Severity
8.8
First published (updated )
CVE-2023-30079

openSUSE welcomeopenSUSE-welcome: local privilege escalation when choosing XFCE desktop layout (CVE-2023-32184)

Risk 71
Severity
7.8
First published (updated )
CVE-2023-32184

openSUSE TumbleweedIncorrect Default Permissions vulnerability in the openSUSE Tumbleweed hawk2 package allows users wi…

Risk 69
Severity
7.8
First published (updated )
CVE-2023-32183
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

SUSE Linux Enterprise Module for SAP Applicationssaphanabootstrap-formula: Escalation to root for arbitrary users in hana/ha_cluster.sls

Risk 69
Severity
7.8
First published (updated )
CVE-2022-45153

openSUSE libzypp-plugin-appdatalibzypp-plugin-appdata: potential arbitrary code execution via shell injection due to `os.system` calls

Risk 68
Severity
7.8
First published (updated )
CVE-2023-22643

openSUSE rmt-serverrmt-server-pubcloud allows to escalate from user _rmt to root

Risk 69
Severity
7.8
First published (updated )
CVE-2022-31254

openSUSE Travel support programtravel-support-program vulnerable to data exfiltration via Ransack query injection

Risk 43
Severity
7.5
First published (updated )
CVE-2022-46163

OpenSUSE openldap2openldap2: /usr/lib/openldap/start allows ldap user/group to recursively chown arbitrary directory trees to itself

Risk 69
Severity
7.8
First published (updated )
CVE-2022-31253
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

openSUSE Factorysendmail: mail to root privilege escalation via sm-client.pre script

Risk 69
Severity
7.8
First published (updated )
CVE-2022-31256

openSUSE Tumbleweedkeylime %post scriplet allows for privilege escalation from keylime user to root

Risk 69
Severity
7.8
First published (updated )
CVE-2022-31250

openSUSE Open Build Servicelogin-proxy sends password to attacker-provided domain

Risk 77
Severity
8.8
First published (updated )
CVE-2021-36777

SUSE Linux Enterprise ServerCommand Injection

Risk 72
Severity
7.8
First published (updated )
CVE-2021-45082

openSUSE Factory watchmanwatchman: chown in watchman@.socket unit allows symlink attack

Risk 69
Severity
7.8
First published (updated )
CVE-2022-21944
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Apple iOS and macOSOut-of-bounds Read in vim/vim

Risk 53
Severity
7.1
First published (updated )
CVE-2021-4166

redhat/cgiCGI::Cookie.parse in Ruby through 2.6.8 mishandles security prefixes in cookie names. This also affe…

Risk 46
Severity
7.5
First published (updated )
CVE-2021-41819

redhat/ruby-dateDate.parse in the date gem through 3.2.0 for Ruby allows ReDoS (regular expression Denial of Service…

Risk 46
Severity
7.5
First published (updated )
CVE-2021-41817

IBM Business Automation InsightsBuffer Overflow

Risk 45
Severity
7.5
First published (updated )
CVE-2021-33930

IBM Business Automation InsightsBuffer Overflow

Risk 45
Severity
7.5
First published (updated )
CVE-2021-33928
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

SUSE arpwatcharpwatch: Local privilege escalation from runtime user to root

Risk 69
Severity
7.8
First published (updated )
CVE-2021-25321

Python-hyperkitty Project Python-hyperkittypython-HyperKitty: hyperkitty-permissions.sh used during %post allows local privilege escalation from hyperkitty user to root

Risk 69
Severity
7.8
First published (updated )
CVE-2021-25322

openSUSE python-postoriuspython-postorius: postorius-permissions.sh used during %post allows local privilege escalation from postorius user to root

Risk 69
Severity
7.8
First published (updated )
CVE-2021-31997

openSUSE inninn: %post calls user owned file allowing local privilege escalation to root

Risk 69
Severity
7.8
First published (updated )
CVE-2021-31998

openSUSE Factoryvirtualbox: missing sticky bit for /etc/vbox allows local root exploit for members of vboxusers group

Risk 69
Severity
7.8
First published (updated )
CVE-2021-25319
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203