Common Problems

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:1534-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-32487 CVE-2022-48624 CVE-2022-46663 CVE-2014-9488 Upstream summary: less through 653 allows OS command execution via a newline character in the name of a file, because quoting […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:3289-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-50186 Upstream summary: GStreamer AV1 Video Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2021:2125-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-22191 CVE-2020-26418 CVE-2020-26419 CVE-2020-26420 CVE-2020-26421 CVE-2020-26422 CVE-2021-22173 CVE-2021-22174  +1 more Upstream summary: Improper URL handling in Wireshark 3.4.0 to 3.4.3 and 3.2.0 to 3.2.11 could […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2025:02734-1 (see also SUSE bugzilla) Related CVEs: CVE-2025-6297 CVE-2022-1664 CVE-2015-0840 Upstream summary: It was discovered that dpkg-deb does not properly sanitize directory permissions when extracting a control member into a temporary directory, […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2021:167-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-3520 CVE-2019-17543 Upstream summary: There's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:1651-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-4317 Upstream summary: Missing authorization in PostgreSQL built-in views pg_stats_ext and pg_stats_ext_exprs allows an unprivileged database user to read most common values and other statistics […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2009-0035 Upstream summary: alsa-utils 1.0.19 and later versions allows local users to overwrite arbitrary files via a symlink attack via the /usr/bin/alsa-info and /usr/bin/alsa-info.sh scripts. […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2018:1037-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-1100 CVE-2019-20044 CVE-2021-45444 CVE-2018-0502 CVE-2018-13259 CVE-2014-10070 CVE-2017-18206 CVE-2014-10071  +6 more Upstream summary: zsh through version 5.4.2 is vulnerable to a stack-based buffer overflow in the […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2019:1340-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-20340 Upstream summary: Yubico libu2f-host 1.1.6 contains unchecked buffers in devs.c, which could enable a malicious token to exploit a buffer overflow. An attacker could […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2025:02974-1 (see also SUSE bugzilla) Related CVEs: CVE-2025-46836 Upstream summary: net-tools is a collection of programs that form the base set of the NET-3 networking distribution for the Linux operating system. Inn […]