Blog

SLES 12 — xfsprogs — vulnerability — patch and remediation guide — diagnosis and fix on SLES 12

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2015:2383-1 (see also SUSE bugzilla) Related CVEs: CVE-2012-2150 Upstream summary: xfs_metadump in xfsprogs before 3.2.4 does not properly obfuscate file data, which allows remote attackers to obtain sensitive information by reading a […]

SLES 15 — fuse — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SR:2011:005 (see also SUSE bugzilla) Related CVEs: CVE-2011-0541 CVE-2015-3202 CVE-2018-10906 CVE-2009-3297 Upstream summary: fuse 2.8.5 and earlier does not properly handle when /etc/mtab cannot be updated, which allows local users to unmount […]

SLES 16 — espeak-ng — multiple vulnerabilities (5 CVEs) — patch and remediation guide — diagnosis and fix on SLES 16

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:2632-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-49990 CVE-2023-49991 CVE-2023-49992 CVE-2023-49993 CVE-2023-49994 Upstream summary: Espeak-ng 1.52-dev was discovered to contain a buffer-overflow via the function SetUpPhonemeTable at synthdata.c. […]

SLES 12 — libpodofo0_9_2 — multiple vulnerabilities (20 CVEs) — patch and remediation guide — diagnosis and fix on SLES 12

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:3541-1 (see also SUSE bugzilla) Related CVEs: CVE-2015-8981 CVE-2017-6841 CVE-2017-6842 CVE-2017-6849 CVE-2017-8378 CVE-2019-10723 CVE-2018-12983 CVE-2019-20093  +12 more Upstream summary: Heap-based buffer overflow in the PdfParser::ReadXRefSubsection function in base/PdfParser.cpp in PoDoFo allows attackers […]

SLES 15 — libcue2 — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2023:4090-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-43641 Upstream summary: libcue provides an API for parsing and extracting data from CUE sheets. Versions 2.2.1 and prior are vulnerable to out-of-bounds array access. […]

SLES 15 — file-roller — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2025:0032-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-36314 CVE-2019-16680 CVE-2020-11736 Upstream summary: fr-archive-libarchive.c in GNOME file-roller through 3.38.0, as used by GNOME Shell and other software, allows Directory Traversal during extraction because […]

SLES 16 — python313-zipp — vulnerability — patch and remediation guide — diagnosis and fix on SLES 16

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-202410:15282-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-5569 Upstream summary: A Denial of Service (DoS) vulnerability exists in the jaraco/zipp library, affecting all versions prior to 3.19.1. The vulnerability is triggered when […]

SLES 12 — libEMF1 — multiple vulnerabilities (5 CVEs) — patch and remediation guide — diagnosis and fix on SLES 12

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2020:1621-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-11865 CVE-2020-11866 CVE-2020-13999 CVE-2020-11863 CVE-2020-11864 Upstream summary: libEMF (aka ECMA-234 Metafile Library) through 1.0.11 allows out-of-bounds memory access. […]

SLES 15 — OpenIPMI — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory RHSA-2024:8037 (see also SUSE bugzilla) Related CVEs: CVE-2024-42934 Upstream summary: OpenIPMI before 2.0.36 has an out-of-bounds array access (for authentication type) in the ipmi_sim simulator, resulting in denial of service or (with […]

SLES 15 — buildah — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2022:2741-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-10696 CVE-2022-2990 CVE-2022-27651 Upstream summary: A path traversal flaw was found in Buildah in versions before 1.14.5. This flaw allows an attacker to trick a […]
