Package Management

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2021:3350-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-30474 CVE-2021-30475 Upstream summary: aom_dsp/grain_table.c in libaom in AOMedia before 2021-03-30 has a use-after-free. Table of contents Symptom & Impact Environment & Reproduction Root Cause […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2021-41945 Upstream summary: Encode OSS httpx < 0.23.0 is affected by improper input validation in `httpx.URL`, `httpx.Client` and some functions using `httpx.URL.copy_with`. Table of contents […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2021:2824-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-22940 CVE-2022-25881 CVE-2023-23920 CVE-2022-43548 CVE-2022-32212 CVE-2021-22931 CVE-2021-3672 CVE-2020-1971  +12 more Upstream summary: Node.js before 16.6.1, 14.17.5, and 12.22.5 is vulnerable to a use after free […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2021:0048-1 (see also SUSE bugzilla) Related CVEs: CVE-2017-11427 Upstream summary: OneLogin PythonSAML 2.3.0 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory RHSA-2026:1334 (see also SUSE bugzilla) Related CVEs: CVE-2026-0861 CVE-2025-4802 CVE-2024-33599 CVE-2024-33600 CVE-2024-2961 CVE-2023-6246 CVE-2023-6779 CVE-2023-6780  +12 more Upstream summary: Passing too large an alignment to the memalign suite of functions (memalign, posix_memalign, […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory RHSA-2025:9517 (see also SUSE bugzilla) Related CVEs: CVE-2011-10007 Upstream summary: File::Find::Rule through 0.34 for Perl is vulnerable to Arbitrary Code Execution when `grep()` encounters a crafted filename. A file handle is opened […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory RHSA-2026:19588 (see also SUSE bugzilla) Related CVEs: CVE-2026-7320 CVE-2026-7321 CVE-2026-7322 CVE-2026-7323 CVE-2026-6746 CVE-2026-6747 CVE-2026-6748 CVE-2026-6749  +12 more Upstream summary: Information disclosure due to incorrect boundary conditions in the Audio/Video component. This vulnerability […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2021:14769-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-3246 CVE-2025-52194 CVE-2026-37555 CVE-2022-33065 CVE-2018-13139 CVE-2021-4156 CVE-2009-0186 CVE-2011-2696  +12 more Upstream summary: A heap buffer overflow vulnerability in msadpcm_decode_block of libsndfile 1.0.30 allows attackers to […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2014-3622 CVE-2015-0235 CVE-2014-3538 CVE-2015-1352 CVE-2015-3416 CVE-2014-9426 Upstream summary: Use-after-free vulnerability in the add_post_var function in the Posthandler component in PHP 5.6.x before 5.6.1 might allow […]