SLES 15

SLES 15 — xdg-utils — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — xdg-utils — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2018:1497-1 (see also SUSE bugzilla) Related CVEs: CVE-2017-18266 Upstream summary: The open_envvar function in xdg-open in xdg-utils before 1.1.3 does not validate strings before launching the program specified by the BROWSER environment […]

Read more
SLES 15 — yast2-rmt — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — yast2-rmt — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2019:0629-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-20105 CVE-2018-17957 Upstream summary: A Inclusion of Sensitive Information in Log Files vulnerability in yast2-rmt of SUSE Linux Enterprise Server 15; openSUSE Leap allows local […]

Read more
SLES 15 — libswscale5_9 — multiple vulnerabilities (6 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — libswscale5_9 — multiple vulnerabilities (6 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2021-33815 CVE-2019-11338 CVE-2019-11339 CVE-2019-15942 CVE-2018-7751 CVE-2020-35964 Upstream summary: dwa_uncompress in libavcodec/exr.c in FFmpeg 4.4 allows an out-of-bounds array access because dc_count is not strictly checked. […]

Read more
SLES 15 — libjasper7 — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — libjasper7 — multiple vulnerabilities (4 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2017-13748 CVE-2017-13750 CVE-2017-13751 CVE-2022-40755 Upstream summary: There are lots of memory leaks in JasPer 2.0.12, triggered in the function jas_strdup() in base/jas_string.c, that will lead […]

Read more
SLES 15 — apache-ivy — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — apache-ivy — vulnerability — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2023:4367-1 (see also SUSE bugzilla) Related CVEs: CVE-2022-46751 Upstream summary: Improper Restriction of XML External Entity Reference, XML Injection (aka Blind XPath Injection) vulnerability in Apache Software Foundation Apache Ivy.This issue affects […]

Read more
SLES 15 — evolution — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — evolution — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2019:1266-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-15587 Upstream summary: GNOME Evolution through 3.28.2 is prone to OpenPGP signatures being spoofed for arbitrary messages using a specially crafted email that contains a […]

Read more
SLES 15 — cron — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — cron — multiple vulnerabilities (4 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SA:2006:027 (see also SUSE bugzilla) Related CVEs: CVE-2006-2607 CVE-2010-0424 CVE-2019-9704 CVE-2019-9705 Upstream summary: do_command.c in Vixie cron (vixie-cron) 4.1 does not check the return code of a setuid call, which might allow […]

Read more
SLES 15 — python2-WebOb — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — python2-WebOb — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:2969-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-42353 Upstream summary: WebOb provides objects for HTTP requests and responses. When WebOb normalizes the HTTP Location header to include the request hostname, it does […]

Read more
SLES 15 — hunspell — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — hunspell — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2020:2966-1 (see also SUSE bugzilla) Related CVEs: CVE-2019-16707 Upstream summary: Hunspell 1.7.0 has an invalid read operation in SuggestMgr::leftcommonsubstring in suggestmgr.cxx. Table of contents Symptom & Impact Environment & Reproduction Root Cause […]

Read more
SLES 15 — ipsec-tools — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — ipsec-tools — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2018:0423-1 (see also SUSE bugzilla) Related CVEs: CVE-2016-10396 Upstream summary: The racoon daemon in IPsec-Tools 0.8.2 contains a remotely exploitable computational-complexity attack when parsing and storing ISAKMP fragments. The implementation permits a […]

Read more
CHAT