Common Problems

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2016:0699-1 (see also SUSE bugzilla) Related CVEs: CVE-2016-2510 Upstream summary: BeanShell (bsh) before 2.0b6, when included on the classpath by an application that uses Java serialization or XStream, allows remote attackers to […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-RU-2024:0560-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-37460 Upstream summary: Plexis Archiver is a collection of Plexus components to create archives or extract archives to a directory with a unified `Archiver`/`UnArchiver` API. […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2018:1890-1 (see also SUSE bugzilla) Related CVEs: CVE-2017-17042 Upstream summary: lib/yard/core_ext/file.rb in the server in YARD before 0.9.11 does not block relative paths with an initial ../ sequence, which allows attackers to […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2025:01731-1 (see also SUSE bugzilla) Related CVEs: CVE-2025-22866 CVE-2024-45336 CVE-2024-45341 CVE-2024-34155 CVE-2024-34156 CVE-2024-34158 CVE-2024-24788 Upstream summary: Due to the usage of a variable time instruction in the assembly implementation of an internal […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2021:283-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-38185 CVE-2023-7207 CVE-2019-14866 CVE-2014-9112 CVE-2016-2037 Upstream summary: GNU cpio through 2.13 allows attackers to execute arbitrary code via a crafted pattern file, because of a […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-RU-2024:1829-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-52323 Upstream summary: PyCryptodome and pycryptodomex before 3.19.1 allow side-channel leakage for OAEP decryption, exploitable for a Manger attack. Table of contents Symptom & Impact […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:0319-1 (see also SUSE bugzilla) Related CVEs: CVE-2022-4806 CVE-2022-48064 CVE-2019-1010180 CVE-2017-16829 CVE-2018-7208 Upstream summary: Authorization Bypass Through User-Controlled Key in GitHub repository usememos/memos prior to 0.9.1. Table of contents Symptom & Impact […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2021:4193-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-45463 CVE-2018-10113 CVE-2012-4433 Upstream summary: load_cache in GEGL before 0.4.34 allows shell expansion when a pathname in a constructed command line is not escaped or […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory RHSA-2024:8795 (see also SUSE bugzilla) Related CVEs: CVE-2023-37536 CVE-2018-1311 CVE-2017-12627 CVE-2009-1885 CVE-2016-0729 CVE-2016-2099 CVE-2016-4463 Upstream summary: An integer overflow in xerces-c++ 3.2.3 in BigFix Platform allows remote attackers to cause out-of-bound access […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2020:0405-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-5208 Upstream summary: It's been found that multiple functions in ipmitool before 1.8.19 neglect proper checking of the data received from a remote LAN party, […]