Common Problems

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory RHSA-2026:4898 (see also SUSE bugzilla) Related CVEs: CVE-2025-67873 CVE-2025-68114 Upstream summary: Capstone is a disassembly framework. In versions 6.0.0-Alpha5 and prior, Skipdata length is not bounds-checked, so a user-provided skipdata callback can […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SR:2010:015 (see also SUSE bugzilla) Related CVEs: CVE-2010-0407 CVE-2010-4531 CVE-2016-10109 Upstream summary: Multiple buffer overflows in the MSGFunctionDemarshall function in winscard_svc.c in the PC/SC Smart Card daemon (aka PCSCD) in MUSCLE PCSC-Lite […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2014:0928-1 (see also SUSE bugzilla) Related CVEs: CVE-2014-4038 CVE-2014-4039 Upstream summary: ppc64-diag 2.6.1 allows local users to overwrite arbitrary files via a symlink attack related to (1) rtas_errd/diag_support.c and /tmp/get_dt_files, (2) scripts/ppc64_diag_mkrsrc […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2022:1101-1 (see also SUSE bugzilla) Related CVEs: CVE-2022-23645 CVE-2020-28407 Upstream summary: swtpm is a libtpms-based TPM emulator with socket, character device, and Linux CUSE interface. Versions prior to 0.5.3, 0.6.2, and 0.7.1 […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2018:0637-1 (see also SUSE bugzilla) Related CVEs: CVE-2017-1000024 Upstream summary: Shotwell version 0.24.4 or earlier and 0.25.3 or earlier is vulnerable to an information disclosure in the web publishing plugins resulting in […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2025:3845-1 (see also SUSE bugzilla) Related CVEs: CVE-2025-61962 CVE-2021-36386 CVE-2021-39272 CVE-2009-2666 CVE-2010-1167 CVE-2011-1947 CVE-2012-3482 Upstream summary: In fetchmail before 6.5.6, the SMTP client can crash when authenticating upon receiving a 334 status […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SR:2010:010 (see also SUSE bugzilla) Related CVEs: CVE-2009-4273 CVE-2010-0412 CVE-2009-2911 CVE-2010-0411 Upstream summary: stap-server in SystemTap before 1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in stap command-line arguments […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2018:3033-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-17407 CVE-2020-8016 CVE-2020-8017 CVE-2023-46048 Upstream summary: An issue was discovered in t1_check_unusual_charstring functions in writet1.c files in TeX Live before 2018-09-21. A buffer overflow in […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2025:03199-1 (see also SUSE bugzilla) Related CVEs: CVE-2025-57804 Upstream summary: h2 is a pure-Python implementation of a HTTP/2 protocol stack. Prior to version 4.3.0, an HTTP/2 request splitting vulnerability allows attackers to […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2019:695-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-6913 CVE-2023-31484 CVE-2025-40909 CVE-2018-6798 CVE-2010-2761 CVE-2010-4410 CVE-2010-4411 CVE-2010-4777  +11 more Upstream summary: Heap-based buffer overflow in the pack function in Perl before 5.26.2 allows context-dependent […]