Common Problems

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2017:1989-1 (see also SUSE bugzilla) Related CVEs: CVE-2016-5824 CVE-2016-5827 CVE-2016-9584 Upstream summary: libical 1.0 allows remote attackers to cause a denial of service (use-after-free) via a crafted ics file. Table of contents […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SR:2009:018 (see also SUSE bugzilla) Related CVEs: CVE-2009-2473 CVE-2009-2474 Upstream summary: neon before 0.28.6, when expat is used, does not properly detect recursion during entity expansion, which allows context-dependent attackers to cause […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-FU-2022:4496-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-12351 CVE-2020-24490 CVE-2020-25705 CVE-2020-12352 Upstream summary: Improper input validation in BlueZ may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access. […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2017:2931-1 (see also SUSE bugzilla) Related CVEs: CVE-2017-14226 CVE-2018-19208 Upstream summary: WP1StylesListener.cpp, WP5StylesListener.cpp, and WP42StylesListener.cpp in libwpd 0.10.1 mishandle iterators, which allows remote attackers to cause a denial of service (heap-based buffer […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2015:2065-1 (see also SUSE bugzilla) Related CVEs: CVE-2015-0794 CVE-2012-4453 CVE-2016-8637 Upstream summary: modules.d/90crypt/module-setup.sh in the dracut package before 037-17.30.1 in openSUSE 13.2 allows local users to have unspecified impact via a symlink […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2019:742-1 (see also SUSE bugzilla) Related CVEs: CVE-2019-9893 Upstream summary: libseccomp before 2.4.0 did not correctly generate 64-bit syscall argument comparisons using the arithmetic operators (LT, GT, LE, GE), which might able […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2013:1626-1 (see also SUSE bugzilla) Related CVEs: CVE-2013-4419 CVE-2013-2124 Upstream summary: The guestfish command in libguestfs 1.20.12, 1.22.7, and earlier, when using the –remote or –listen option, does not properly check the […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:14389-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-47191 CVE-2013-7322 Upstream summary: pam_oath.so in oath-toolkit 2.6.7 through 2.6.11 before 2.6.12 allows root privilege escalation because, in the context of PAM code running as […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2020:860-1 (see also SUSE bugzilla) Related CVEs: CVE-2019-19906 CVE-2020-8032 CVE-2022-24407 CVE-2009-0688 Upstream summary: cyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2020:0016-1 (see also SUSE bugzilla) Related CVEs: CVE-2019-18389 CVE-2019-18391 CVE-2022-0135 CVE-2016-10214 CVE-2017-5937 CVE-2017-5957 CVE-2019-18388 CVE-2019-18390  +7 more Upstream summary: A heap-based buffer overflow in the vrend_renderer_transfer_write_iov function in vrend_renderer.c in virglrenderer through […]