SLES 15

SLES 15 — npm18 — multiple vulnerabilities (7 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — npm18 — multiple vulnerabilities (7 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:0643-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-21892 CVE-2025-22150 CVE-2025-23085 CVE-2024-21538 CVE-2024-22020 CVE-2024-36138 CVE-2024-27980 Upstream summary: On Linux, Node.js ignores certain environment variables if those may have been set by an unprivileged […]

Read more
SLES 15 — supportutils-plugin-salt — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — supportutils-plugin-salt — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-RU-2024:4008-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-22037 Upstream summary: The uyuni-server-attestation systemd service needs a database_password environment variable. This file has 640 permission, and cannot be shown users, but the environment […]

Read more
SLES 15 — collectd — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — collectd — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2016:2187-1 (see also SUSE bugzilla) Related CVEs: CVE-2016-6254 CVE-2017-7401 Upstream summary: Heap-based buffer overflow in the parse_packet function in network.c in collectd before 5.4.3 and 5.x before 5.5.2 allows remote attackers to […]

Read more
SLES 15 — bpftrace — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — bpftrace — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory RHSA-2024:8830 (see also SUSE bugzilla) Related CVEs: CVE-2024-2313 Upstream summary: If kernel headers need to be extracted, bpftrace will attempt to load them from a temporary directory. An unprivileged attacker could use […]

Read more
SLES 15 — libdb — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — libdb — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2022:3135-1 (see also SUSE bugzilla) Related CVEs: CVE-2019-2708 Upstream summary: Vulnerability in the Data Store component of Oracle Berkeley DB. Supported versions that are affected are Prior to 6.138, prior to 6.2.38 […]

Read more
SLES 15 — opensc — multiple vulnerabilities (20 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — opensc — multiple vulnerabilities (20 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2023:4089-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-40660 CVE-2021-42781 CVE-2021-42782 CVE-2023-5992 CVE-2023-40661 CVE-2023-2977 CVE-2021-42779 CVE-2019-19481  +12 more Upstream summary: A flaw was found in OpenSC packages that allow a potential PIN bypass. […]

Read more
SLES 15 — groff — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — groff — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2009-5044 CVE-2009-5080 CVE-2009-5081 Upstream summary: contrib/pdfmark/pdfroff.sh in GNU troff (aka groff) before 1.21 allows local users to overwrite arbitrary files via a symlink attack on […]

Read more
SLES 15 — fribidi — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — fribidi — multiple vulnerabilities (4 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2021:233-1 (see also SUSE bugzilla) Related CVEs: CVE-2019-18397 CVE-2022-25308 CVE-2022-25309 CVE-2022-25310 Upstream summary: A buffer overflow in the fribidi_get_par_embedding_levels_ex() function in lib/fribidi-bidi.c of GNU FriBidi through 1.0.7 allows an attacker to cause […]

Read more
SLES 15 — go1.14 — multiple vulnerabilities (6 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — go1.14 — multiple vulnerabilities (6 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2020:3368-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-28362 CVE-2020-28366 CVE-2020-28367 CVE-2021-3115 CVE-2020-24553 CVE-2021-3114 Upstream summary: Go before 1.14.12 and 1.15.x before 1.15.4 allows Denial of Service. Table of contents Symptom & Impact […]

Read more
CHAT