Common Problems

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2014:1658-1 (see also SUSE bugzilla) Related CVEs: CVE-2004-2771 CVE-2014-7844 Upstream summary: The expand function in fio.c in Heirloom mailx 12.5 and earlier and BSD mailx 8.1.2 and earlier allows remote attackers to […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2018:2850-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-16741 CVE-2008-4936 CVE-2018-16742 CVE-2018-16743 CVE-2018-16744 CVE-2018-16745 CVE-2019-1010190 Upstream summary: An issue was discovered in mgetty before 1.2.1. In fax/faxq-helper.c, the function do_activate() does not properly […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2026:0220-1 (see also SUSE bugzilla) Related CVEs: CVE-2026-22701 CVE-2025-68146 Upstream summary: filelock is a platform-independent file lock for Python. Prior to version 3.20.3, a TOCTOU race condition vulnerability exists in the SoftFileLock […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2012:0869-1 (see also SUSE bugzilla) Related CVEs: CVE-2012-2417 CVE-2013-1445 Upstream summary: PyCrypto before 2.6 does not produce appropriate prime numbers when using an ElGamal scheme to generate a key, which reduces the […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2014:0580-1 (see also SUSE bugzilla) Related CVEs: CVE-2013-6418 Upstream summary: PyWBEM 0.7 and earlier uses a separate connection to validate X.509 certificates, which allows man-in-the-middle attackers to spoof a peer via an […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2021:0083-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-35459 CVE-2021-3020 Upstream summary: An issue was discovered in ClusterLabs crmsh through 4.2.1. Local attackers able to call "crm history" (when "crm" is run) were […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2018:2385-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-10860 Upstream summary: perl-archive-zip is vulnerable to a directory traversal in Archive::Zip. It was found that the Archive::Zip module did not properly sanitize paths while […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2025:4092-1 (see also SUSE bugzilla) Related CVEs: CVE-2025-1372 CVE-2019-7148 CVE-2014-0172 CVE-2014-9447 CVE-2017-7607 CVE-2017-7608 CVE-2017-7609 CVE-2017-7610  +12 more Upstream summary: A vulnerability was found in GNU elfutils 0.192. It has been declared as […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2019:0414-1 (see also SUSE bugzilla) Related CVEs: CVE-2019-3814 CVE-2017-14461 CVE-2019-11500 CVE-2020-10957 CVE-2020-12100 CVE-2020-12673 CVE-2020-12674 CVE-2020-24386  +12 more Upstream summary: It was discovered that Dovecot before versions 2.2.36.1 and 2.3.4.1 incorrectly handled client […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2022-0907 Upstream summary: Unchecked Return Value to NULL Pointer Dereference in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff […]