Common Problems

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2015:0921-1 (see also SUSE bugzilla) Related CVEs: CVE-2015-0797 CVE-2016-9447 CVE-2016-9808 CVE-2025-47806 CVE-2025-47807 CVE-2025-47808 CVE-2022-1920 CVE-2022-1921  +10 more Upstream summary: GStreamer before 1.4.5, as used in Mozilla Firefox before 38.0, Firefox ESR 31.x […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2018:1076-1 (see also SUSE bugzilla) Related CVEs: CVE-2017-9432 Upstream summary: Document Liberation Project libstaroffice before 2017-04-07 has an out-of-bounds write caused by a stack-based buffer overflow related to the DatabaseName::read function in […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SR:2010:006 (see also SUSE bugzilla) Related CVEs: CVE-2009-3736 Upstream summary: ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 before 2.2.6b, as used in Ham Radio Control Libraries, Q, and possibly other […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory RHSA-2024:10953 (see also SUSE bugzilla) Related CVEs: CVE-2024-53899 Upstream summary: virtualenv before 20.26.6 allows command injection through the activation scripts for a virtual environment. Magic template strings are not quoted correctly when […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SR:2010:015 (see also SUSE bugzilla) Related CVEs: CVE-2010-0407 CVE-2010-4531 CVE-2016-10109 Upstream summary: Multiple buffer overflows in the MSGFunctionDemarshall function in winscard_svc.c in the PC/SC Smart Card daemon (aka PCSCD) in MUSCLE PCSC-Lite […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-SR:2011:001 (see also SUSE bugzilla) Related CVEs: CVE-2010-2891 Upstream summary: Buffer overflow in the smiGetNode function in lib/smi.c in libsmi 0.4.8 allows context-dependent attackers to execute arbitrary code via an Object Identifier […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2023:338-1 (see also SUSE bugzilla) Related CVEs: CVE-2022-42969 Upstream summary: The py library through 1.11.0 for Python allows remote attackers to conduct a ReDoS (Regular expression Denial of Service) attack via a […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2018:1288-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-1000041 CVE-2019-20446 CVE-2011-3146 CVE-2013-1881 CVE-2017-11464 Upstream summary: GNOME librsvg version before commit c6ddf2ed4d768fd88adbea2b63f575cd523022ea contains a Improper input validation vulnerability in rsvg-io.c that can result in […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2015:0670-1 (see also SUSE bugzilla) Related CVEs: CVE-2015-1191 Upstream summary: Multiple directory traversal vulnerabilities in pigz 2.3.1 allow remote attackers to write to arbitrary files via a (1) full pathname or (2) […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2019:0284-1 (see also SUSE bugzilla) Related CVEs: CVE-2015-3239 Upstream summary: Off-by-one error in the dwarf_to_unw_regnum function in include/dwarf_i.h in libunwind 1.1 allows local users to have unspecified impact via invalid dwarf opcodes. […]