SLES 12

SLES 12 — python-keystoneclient — vulnerability — patch and remediation guide — diagnosis and fix on SLES 12

SLES 12 — python-keystoneclient — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2014-0105 Upstream summary: The auth_token middleware in the OpenStack Python client library for Keystone (aka python-keystoneclient) before 0.7.0 does not properly retrieve user tokens from […]

Read more
SLES 12 — sblim-sfcb — vulnerability — patch and remediation guide — diagnosis and fix on SLES 12

SLES 12 — sblim-sfcb — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2015:2116-1 (see also SUSE bugzilla) Related CVEs: CVE-2015-5185 Upstream summary: The lookupProviders function in providerMgr.c in sblim-sfcb 1.3.4 and 1.3.18 allows remote attackers to cause a denial of service (NULL pointer dereference […]

Read more
SLES 12 — tcpdump — multiple vulnerabilities (20 CVEs) — patch and remediation guide — diagnosis and fix on SLES 12

SLES 12 — tcpdump — multiple vulnerabilities (20 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2022:1765-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-16301 CVE-2020-8037 CVE-2015-0261 CVE-2015-2153 CVE-2015-2154 CVE-2015-2155 CVE-2016-7922 CVE-2016-7923  +12 more Upstream summary: The command-line argument parser in tcpdump before 4.99.0 has a buffer overflow in […]

Read more
SLES 12 — yast2-users — vulnerability — patch and remediation guide — diagnosis and fix on SLES 12

SLES 12 — yast2-users — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2016:1138-1 (see also SUSE bugzilla) Related CVEs: CVE-2016-1601 Upstream summary: yast2-users before 3.1.47, as used in SUSE Linux Enterprise 12 SP1, does not properly set empty password fields in /etc/shadow during an […]

Read more
SLES 12 — xkbcomp — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on SLES 12

SLES 12 — xkbcomp — multiple vulnerabilities (4 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2021:232-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-15853 CVE-2018-15859 CVE-2018-15861 CVE-2018-15863 Upstream summary: Endless recursion exists in xkbcomp/expr.c in xkbcommon and libxkbcommon before 0.8.1, which could be used by local attackers to […]

Read more
SLES 12 — libsasl2 — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on SLES 12

SLES 12 — libsasl2 — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2022:1151-1 (see also SUSE bugzilla) Related CVEs: CVE-2022-24407 CVE-2019-19906 CVE-2009-0688 Upstream summary: In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does not escape the password for a SQL INSERT or UPDATE […]

Read more
SLES 12 — apache-commons-lang — vulnerability — patch and remediation guide — diagnosis and fix on SLES 12

SLES 12 — apache-commons-lang — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2025:02785-1 (see also SUSE bugzilla) Related CVEs: CVE-2025-48924 Upstream summary: Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apache Commons Lang: Starting with commons-lang:commons-lang 2.0 to 2.6, and, from org.apache.commons:commons-lang3 […]

Read more
SLES 12 — libsaml8 — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on SLES 12

SLES 12 — libsaml8 — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2025:01500-1 (see also SUSE bugzilla) Related CVEs: CVE-2025-31335 CVE-2017-16853 Upstream summary: The OpenSAML C++ library before 3.3.1 allows forging of signed SAML messages via parameter manipulation (when using SAML bindings that rely […]

Read more
SLES 12 — fence-agents — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on SLES 12

SLES 12 — fence-agents — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2014-0104 CVE-2019-10153 Upstream summary: In fence-agents before 4.0.17 does not verify remote SSL certificates in the fence_cisco_ucs.py script which can potentially allow for man-in-the-middle attackers […]

Read more
SLES 12 — libxkbfile1 — vulnerability — patch and remediation guide — diagnosis and fix on SLES 12

SLES 12 — libxkbfile1 — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory RHSA-2025:2500 (see also SUSE bugzilla) Related CVEs: CVE-2025-26595 Upstream summary: A buffer overflow flaw was found in X.Org and Xwayland. The code in XkbVModMaskText() allocates a fixed-sized buffer on the stack and […]

Read more
CHAT