SLES 15

SLES 15 — cpp7 — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — cpp7 — multiple vulnerabilities (4 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2023:3021-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-4039 CVE-2019-14250 CVE-2019-15847 CVE-2020-13844 Upstream summary: **DISPUTED**A failure in the -fstack-protector feature in GCC-based toolchains that target AArch64 allows an attacker to exploit an existing […]

Read more
SLES 15 — libmspack0 — multiple vulnerabilities (7 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — libmspack0 — multiple vulnerabilities (7 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2014:0886-1 (see also SUSE bugzilla) Related CVEs: CVE-2010-2800 CVE-2010-2801 CVE-2014-9556 CVE-2018-18584 CVE-2018-18585 CVE-2018-18586 CVE-2019-1010305 Upstream summary: The MS-ZIP decompressor in cabextract before 1.3 allows remote attackers to cause a denial of service […]

Read more
SLES 15 — supportutils — multiple vulnerabilities (5 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — supportutils — multiple vulnerabilities (5 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2019:0480-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-19637 CVE-2018-19639 CVE-2022-45154 CVE-2018-19640 CVE-2018-19638 Upstream summary: Supportutils, before version 3.1-5.7.1, wrote data to static file /tmp/supp_log, allowing local attackers to overwrite files on systems […]

Read more
SLES 15 — targetcli-fb-common — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — targetcli-fb-common — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2020-10699 CVE-2020-13867 Upstream summary: A flaw was found in Linux, in targetcli-fb versions 2.1.50 and 2.1.51 where the socket used by targetclid was world-writable. If […]

Read more
SLES 15 — libdwarf1 — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — libdwarf1 — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2023:2784-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-27545 Upstream summary: libdwarf before 20201017 has a one-byte out-of-bounds read because of an invalid pointer dereference via an invalid line table in a crafted […]

Read more
SLES 15 — wavpack — multiple vulnerabilities (15 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — wavpack — multiple vulnerabilities (15 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2021:0186-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-10536 CVE-2018-10537 CVE-2018-6767 CVE-2020-35738 CVE-2021-44269 CVE-2018-10538 CVE-2018-10539 CVE-2018-10540  +7 more Upstream summary: An issue was discovered in WavPack 5.1.0 and earlier. The WAV parser component […]

Read more
SLES 15 — zypper — multiple vulnerabilities (9 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — zypper — multiple vulnerabilities (9 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2019:695-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-7685 CVE-2017-7436 CVE-2017-9269 CVE-2017-9271 CVE-2018-20532 CVE-2018-20533 CVE-2019-18900 CVE-2024-0217  +1 more Upstream summary: The decoupled download and installation steps in libzypp before 17.5.0 could lead to […]

Read more
SLES 15 — libusbmuxd — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — libusbmuxd — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2016:1639-1 (see also SUSE bugzilla) Related CVEs: CVE-2016-5104 Upstream summary: The socket_create function in common/socket.c in libimobiledevice and libusbmuxd allows remote attackers to bypass intended access restrictions and communicate with services on […]

Read more
SLES 15 — ruby2.5-rubygem-activerecord — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — ruby2.5-rubygem-activerecord — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2023:0492-1 (see also SUSE bugzilla) Related CVEs: CVE-2022-44566 CVE-2021-22880 Upstream summary: A denial of service vulnerability present in ActiveRecord's PostgreSQL adapter <7.0.4.1 and <6.1.7.1. When a value outside the range for a […]

Read more
SLES 15 — python3-ecdsa — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — python3-ecdsa — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2026:1436-1 (see also SUSE bugzilla) Related CVEs: CVE-2026-33936 Upstream summary: The `ecdsa` PyPI package is a pure Python implementation of ECC (Elliptic Curve Cryptography) with support for ECDSA (Elliptic Curve Digital Signature […]

Read more
CHAT