Common Problems

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2020:858-1 (see also SUSE bugzilla) Related CVEs: CVE-2015-5186 Upstream summary: Audit before 2.4.4 in Linux does not sanitize escape characters in filenames. Table of contents Symptom & Impact Environment & Reproduction Root […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2007-4129 Upstream summary: CoolKey 1.1.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files in the /tmp/.pk11ipc1/ directory. Table of […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2025:1054-1 (see also SUSE bugzilla) Related CVEs: CVE-2025-2361 CVE-2008-2942 CVE-2015-7545 CVE-2016-3068 CVE-2016-3069 CVE-2016-3105 CVE-2016-3630 CVE-2017-1000116  +8 more Upstream summary: A vulnerability was found in Mercurial SCM 4.5.3/71.19.145.211. It has been declared as […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2009-5044 CVE-2009-5080 CVE-2009-5081 Upstream summary: contrib/pdfmark/pdfroff.sh in GNU troff (aka groff) before 1.21 allows local users to overwrite arbitrary files via a symlink attack on […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SR:2011:007 Related CVEs: CVE-2011-0460 Upstream summary: The init script in kbd, possibly 1.14.1 and earlier, allows local users to overwrite arbitrary files via a symlink attack on /dev/shm/defkeymap.map. Table of contents Symptom […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2013:1103-1 (see also SUSE bugzilla) Related CVEs: CVE-2013-2003 CVE-2015-9262 CVE-2017-16612 Upstream summary: Integer overflow in X.org libXcursor 1.1.13 and earlier allows X servers to trigger allocation of insufficient memory and a buffer […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2013:1103-1 (see also SUSE bugzilla) Related CVEs: CVE-2013-1986 Upstream summary: Multiple integer overflows in X.org libXrandr 1.4.0 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2019:2211-1 (see also SUSE bugzilla) Related CVEs: CVE-2019-7164 CVE-2019-7548 Upstream summary: SQLAlchemy through 1.2.17 and 1.3.x through 1.3.0b2 allows SQL Injection via the order_by parameter. Table of contents Symptom & Impact Environment […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory RHSA-2024:8834 (see also SUSE bugzilla) Related CVEs: CVE-2023-41419 Upstream summary: An issue in Gevent before version 23.9.0 allows a remote attacker to escalate privileges via a crafted script to the WSGIServer component. […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:0118-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-33663 CVE-2024-33664 Upstream summary: python-jose through 3.3.0 has algorithm confusion with OpenSSH ECDSA keys and other key formats. This is similar to CVE-2022-29217. Table of […]