Blog

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-IU-2021:741-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-12825 CVE-2017-7960 CVE-2017-7961 CVE-2017-8834 CVE-2017-8871 Upstream summary: libcroco through 0.6.13 has excessive recursion in cr_parser_parse_any_core in cr-parser.c, leading to stack consumption. Table of contents Symptom […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-RU-2021:1414-1 (see also SUSE bugzilla) Related CVEs: CVE-2008-0171 Upstream summary: regex/v4/perl_matcher_non_recursive.hpp in the Boost regex library (aka Boost.Regex) in Boost 1.33 and 1.34 allows context-dependent attackers to cause a denial of service […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2017:2234-1 (see also SUSE bugzilla) Related CVEs: CVE-2017-2834 CVE-2017-2835 CVE-2018-0886 CVE-2018-8784 CVE-2018-8785 CVE-2018-8786 CVE-2018-8787 CVE-2018-8788  +6 more Upstream summary: An exploitable code execution vulnerability exists in the authentication functionality of FreeRDP 2.0.0-beta1+android11. […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2025:03199-1 (see also SUSE bugzilla) Related CVEs: CVE-2025-57804 Upstream summary: h2 is a pure-Python implementation of a HTTP/2 protocol stack. Prior to version 4.3.0, an HTTP/2 request splitting vulnerability allows attackers to […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2011-2199 Upstream summary: Buffer overflow in tftp-hpa before 5.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:1767-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-4340 CVE-2021-32839 Upstream summary: Passing a heavily nested list to sqlparse.parse() leads to a Denial of Service due to RecursionError. Table of contents Symptom & […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2025:02974-1 (see also SUSE bugzilla) Related CVEs: CVE-2025-46836 Upstream summary: net-tools is a collection of programs that form the base set of the NET-3 networking distribution for the Linux operating system. Inn […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2019:695-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-1122 CVE-2018-1123 CVE-2018-1124 CVE-2018-1125 CVE-2018-1126 CVE-2023-4016 Upstream summary: procps-ng before version 3.3.15 is vulnerable to a local privilege escalation in top. If a user runs […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2018:1162-1 (see also SUSE bugzilla) Related CVEs: CVE-2010-4651 CVE-2015-1196 CVE-2016-10713 CVE-2019-13636 CVE-2021-45261 CVE-2018-6951 CVE-2018-6952 CVE-2019-20633 Upstream summary: Directory traversal vulnerability in util.c in GNU patch 2.6.1 and earlier allows user-assisted remote attackers […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2021:1174-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-36430 CVE-2020-26682 CVE-2020-24994 CVE-2016-7969 CVE-2016-7970 CVE-2016-7972 Upstream summary: libass 0.15.x before 0.15.1 has a heap-based buffer overflow in decode_chars (called from decode_font and process_text) because […]