SLES 15

SLES 15 — libspice-server1 — multiple vulnerabilities (9 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

🟠 High • ⏱ 15–60 min • 📖 ~4 min read
Last verified: 25 May 2026
Affected versions: SLES 15
Source: SUSE advisory SUSE-SU-2015:0884-1 (see also SUSE bugzilla)
Related CVEs: CVE-2013-4282, CVE-2015-3247, CVE-2015-5260, CVE-2015-5261, CVE-2016-0749, CVE-2016-2150, CVE-2016-9577, CVE-2016-9578 (+1 more)
Upstream summary: Stack-based buffer overflow in the reds_handle_ticket function in server/reds.c in SPICE 0.12.0 allows […]

SLES 15 — libwsman3 — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

🟠 High • ⏱ 15–60 min • 📖 ~4 min read
Last verified: 25 May 2026
Affected versions: SLES 15
Source: SUSE advisory SUSE-SU-2019:0654-1 (see also SUSE bugzilla)
Related CVEs: CVE-2019-3816, CVE-2019-3833
Upstream summary: Openwsman, versions up to and including 2.6.9, are vulnerable to arbitrary file disclosure because the working directory of openwsmand daemon was […]

SLES 15 — ruby2.5-rubygem-nokogiri — multiple vulnerabilities (11 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

🟠 High • ⏱ 15–60 min • 📖 ~4 min read
Last verified: 25 May 2026
Affected versions: SLES 15
Source: SUSE advisory SUSE-SU-2022:3890-1 (see also SUSE bugzilla)
Related CVEs: CVE-2022-24836, CVE-2022-29181, CVE-2018-3740, CVE-2019-5477, CVE-2015-8241, CVE-2015-8317, CVE-2016-5131, CVE-2017-15412 (+3 more)
Upstream summary: Nokogiri is an open source XML and HTML library for Ruby. Nokogiri `< […]

SLES 15 — libconfuse0 — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

🟠 High • ⏱ 15–60 min • 📖 ~4 min read
Last verified: 25 May 2026
Affected versions: SLES 15
Source: SUSE advisory SUSE-SU-2022:3331-1 (see also SUSE bugzilla)
Related CVEs: CVE-2022-40320
Upstream summary: cfg_tilde_expand in confuse.c in libConfuse 3.3 has a heap-based buffer over-read.

SLES 15 — logrotate — multiple vulnerabilities (5 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

🟠 High • ⏱ 15–60 min • 📖 ~4 min read
Last verified: 25 May 2026
Affected versions: SLES 15
Source: SUSE security advisory (see also SUSE bugzilla)
Related CVEs: CVE-2021-3864, CVE-2022-1348, CVE-2011-1098, CVE-2011-1154, CVE-2011-1155
Upstream summary: A flaw was found in the way the dumpable flag setting was handled when certain SUID binaries executed […]

SLES 15 — ppp — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

🟠 High • ⏱ 15–60 min • 📖 ~4 min read
Last verified: 25 May 2026
Affected versions: SLES 15
Source: SUSE advisory SUSE-SU-2020:0489-1 (see also SUSE bugzilla)
Related CVEs: CVE-2020-8597, CVE-2022-4603, CVE-2014-3158, CVE-2015-3310
Upstream summary: eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overflow in the eap_request and eap_response functions. […]

SLES 15 — php8-pear — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

🟠 High • ⏱ 15–60 min • 📖 ~4 min read
Last verified: 25 May 2026
Affected versions: SLES 15
Source: SUSE advisory SUSE-SU-2022:3198-1
Related CVEs: CVE-2021-32610
Upstream summary: In Archive_Tar before 1.4.14, symlinks can refer to targets outside of the extracted archive, a different vulnerability than CVE-2020-36193.

SLES 15 — keepalived — multiple vulnerabilities (5 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

🟠 High • ⏱ 15–60 min • 📖 ~4 min read
Last verified: 25 May 2026
Affected versions: SLES 15
Source: SUSE advisory SUSE-CU-2022:2086-1 (see also SUSE bugzilla)
Related CVEs: CVE-2021-44225, CVE-2018-19044, CVE-2018-19045, CVE-2018-19046, CVE-2024-41184
Upstream summary: In Keepalived through 2.2.4, the D-Bus policy does not sufficiently restrict the message destination, allowing any user to […]

SLES 15 — libmwaw — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

🟡 Medium • ⏱ 10–30 min • 📖 ~4 min read
Last verified: 25 May 2026
Affected versions: SLES 15
Source: SUSE advisory SUSE-SU-2017:1821-1 (see also SUSE bugzilla)
Related CVEs: CVE-2017-9433
Upstream summary: Document Liberation Project libmwaw before 2017-04-08 has an out-of-bounds write caused by a heap-based buffer overflow related to the MsWrd1Parser::readFootnoteCorrespondance function in […]
