SLES 12

SLES 12 — libxslt1 — multiple vulnerabilities (12 CVEs) — patch and remediation guide — diagnosis and fix on SLES 12

SLES 12 — libxslt1 — multiple vulnerabilities (12 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2025:20892-1 (see also SUSE bugzilla) Related CVEs: CVE-2025-11731 CVE-2024-55549 CVE-2025-24855 CVE-2021-30560 CVE-2019-18197 CVE-2016-4738 CVE-2017-5029 CVE-2019-11068  +4 more Upstream summary: A flaw was found in the exsltFuncResultComp() function of libxslt, which handles EXSLT […]

Read more
SLES 12 — gpg2 — multiple vulnerabilities (11 CVEs) — patch and remediation guide — diagnosis and fix on SLES 12

SLES 12 — gpg2 — multiple vulnerabilities (11 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory RHSA-2026:0697 (see also SUSE bugzilla) Related CVEs: CVE-2025-68973 CVE-2010-2547 CVE-2013-4402 CVE-2018-12020 CVE-2022-34903 CVE-2014-4617 CVE-2015-1606 CVE-2015-1607  +3 more Upstream summary: In GnuPG before 2.4.9, armor_filter in g10/armor.c has two increments of an index […]

Read more
SLES 12 — bind — multiple vulnerabilities (20 CVEs) — patch and remediation guide — diagnosis and fix on SLES 12

SLES 12 — bind — multiple vulnerabilities (20 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory RHSA-2026:11371 (see also SUSE bugzilla) Related CVEs: CVE-2026-1519 CVE-2025-40778 CVE-2024-11187 CVE-2024-1737 CVE-2024-1975 CVE-2023-4408 CVE-2023-50387 CVE-2023-50868  +12 more Upstream summary: If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted […]

Read more
SLES 12 — dovecot22 — multiple vulnerabilities (19 CVEs) — patch and remediation guide — diagnosis and fix on SLES 12

SLES 12 — dovecot22 — multiple vulnerabilities (19 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2026:1641-1 (see also SUSE bugzilla) Related CVEs: CVE-2026-27856 CVE-2025-59032 CVE-2026-27858 CVE-2020-12673 CVE-2020-12674 CVE-2020-24386 CVE-2017-14461 CVE-2019-11500  +11 more Upstream summary: Doveadm credentials are verified using direct comparison which is susceptible to timing oracle […]

Read more
SLES 12 — yubikey-manager — vulnerability — patch and remediation guide — diagnosis and fix on SLES 12

SLES 12 — yubikey-manager — vulnerability — patch and remediation guide

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE security advisory Related CVEs: CVE-2017-15631 Upstream summary: TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-workmode variable in the pptp_client.lua file. Table […]

Read more
SLES 12 — ntp — multiple vulnerabilities (20 CVEs) — patch and remediation guide — diagnosis and fix on SLES 12

SLES 12 — ntp — multiple vulnerabilities (20 CVEs) — patch and remediation guide

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2015:2058-1 (see also SUSE bugzilla) Related CVEs: CVE-2015-7705 CVE-2015-7853 CVE-2015-7871 CVE-2014-9293 CVE-2014-9294 CVE-2014-9295 CVE-2014-9296 CVE-2014-9297  +12 more Upstream summary: The rate limiting feature in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 […]

Read more
SLES 12 — lib3ds — vulnerability — patch and remediation guide — diagnosis and fix on SLES 12

SLES 12 — lib3ds — vulnerability — patch and remediation guide

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE security advisory Related CVEs: CVE-2010-0280 Upstream summary: Array index error in Jan Eric Kyprianidis lib3ds 1.x, as used in Google SketchUp 7.x before 7.1 M2, allows remote attackers to cause a denial of […]

Read more
SLES 12 — openslp — multiple vulnerabilities (5 CVEs) — patch and remediation guide — diagnosis and fix on SLES 12

SLES 12 — openslp — multiple vulnerabilities (5 CVEs) — patch and remediation guide

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2019-5544 CVE-2017-17833 CVE-2010-3609 CVE-2016-4912 CVE-2016-7567 Upstream summary: OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. VMware has evaluated […]

Read more
SLES 12 — npm12 — multiple vulnerabilities (20 CVEs) — patch and remediation guide — diagnosis and fix on SLES 12

SLES 12 — npm12 — multiple vulnerabilities (20 CVEs) — patch and remediation guide

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2021:2824-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-22940 CVE-2022-43548 CVE-2022-32212 CVE-2022-2097 CVE-2020-8172 CVE-2020-8277 CVE-2021-37701 CVE-2021-37712  +12 more Upstream summary: Node.js before 16.6.1, 14.17.5, and 12.22.5 is vulnerable to a use after free […]

Read more
SLES 12 — hawk2 — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on SLES 12

SLES 12 — hawk2 — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2021:0088-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-35458 CVE-2021-25314 Upstream summary: An issue was discovered in ClusterLabs Hawk 2.x through 2.3.0-x. There is a Ruby shell code injection issue via the hawk_remember_me_id […]

Read more
CHAT