SLES 15

SLES 15 — gstreamer-plugins-ugly — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — gstreamer-plugins-ugly — multiple vulnerabilities (4 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory RHSA-2026:6259 (see also SUSE bugzilla) Related CVEs: CVE-2026-2920 CVE-2026-2922 CVE-2023-38103 CVE-2023-38104 Upstream summary: GStreamer ASF Demuxer Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code […]

Read more
SLES 15 — tar — multiple vulnerabilities (8 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — tar — multiple vulnerabilities (8 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory RHSA-2026:0002 (see also SUSE bugzilla) Related CVEs: CVE-2025-45582 CVE-2022-48303 CVE-2010-0624 CVE-2016-6321 CVE-2021-20193 CVE-2023-39804 CVE-2018-20482 CVE-2019-9923 Upstream summary: GNU Tar through 1.35 allows file overwrite via directory traversal in crafted TAR archives, with […]

Read more
SLES 15 — vim — multiple vulnerabilities (20 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — vim — multiple vulnerabilities (20 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2026:1347-1 (see also SUSE bugzilla) Related CVEs: CVE-2026-34714 CVE-2026-34982 CVE-2023-4750 CVE-2024-22667 CVE-2023-5535 CVE-2023-4733 CVE-2023-4738 CVE-2023-4752  +12 more Upstream summary: Vim before 9.2.0272 allows code execution that happens immediately upon opening a crafted […]

Read more
SLES 15 — fontforge — multiple vulnerabilities (7 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — fontforge — multiple vulnerabilities (7 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory RHSA-2026:6628 (see also SUSE bugzilla) Related CVEs: CVE-2025-15270 CVE-2024-25081 CVE-2024-25082 CVE-2020-5395 CVE-2020-5496 CVE-2025-50949 CVE-2017-17521 Upstream summary: FontForge SFD File Parsing Improper Validation of Array Index Remote Code Execution Vulnerability. This vulnerability allows […]

Read more
SLES 15 — valkey — multiple vulnerabilities (6 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — valkey — multiple vulnerabilities (6 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2026:1949-1 (see also SUSE bugzilla) Related CVEs: CVE-2026-23631 CVE-2026-25243 CVE-2026-23479 CVE-2025-67733 CVE-2026-21863 CVE-2025-49112 Upstream summary: Redis is an in-memory data structure store. In all versions of redis-server with Lua scripting, an authenticated […]

Read more
SLES 15 — texlive — multiple vulnerabilities (8 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — texlive — multiple vulnerabilities (8 CVEs) — patch and remediation guide

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2019-18604 CVE-2023-32700 CVE-2016-10243 CVE-2018-17407 CVE-2020-8016 CVE-2020-8017 CVE-2023-46048 CVE-2023-46051 Upstream summary: In axohelp.c before 1.3 in axohelp in axodraw2 before 2.1.1b, as distributed in TeXLive and […]

Read more
SLES 15 — ovmf — multiple vulnerabilities (20 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — ovmf — multiple vulnerabilities (20 CVEs) — patch and remediation guide

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2019:0579-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-12178 CVE-2026-25833 CVE-2026-25835 CVE-2026-34874 CVE-2022-36765 CVE-2022-36764 CVE-2022-36763 CVE-2023-45230  +12 more Upstream summary: Buffer overflow in network stack for EDK II may allow unprivileged user to […]

Read more
SLES 15 — libodbc2 — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — libodbc2 — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2019:719-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-7409 CVE-2018-7485 Upstream summary: In unixODBC before 2.3.5, there is a buffer overflow in the unicode_to_ansi_copy() function in DriverManager/__info.c. Table of contents Symptom & Impact […]

Read more
SLES 15 — gvfs — multiple vulnerabilities (7 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — gvfs — multiple vulnerabilities (7 CVEs) — patch and remediation guide

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2019:1717-1 (see also SUSE bugzilla) Related CVEs: CVE-2019-12447 CVE-2019-12449 CVE-2026-28296 CVE-2019-12448 CVE-2026-28295 CVE-2019-12795 CVE-2019-3827 Upstream summary: An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gvfsbackendadmin.c mishandles file ownership because setfsuid […]

Read more
SLES 15 — log4j — multiple vulnerabilities (15 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — log4j — multiple vulnerabilities (15 CVEs) — patch and remediation guide

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory BLOG-LOG4SHELL (see also SUSE bugzilla) Related CVEs: CVE-2021-44228 CVE-2019-17571 CVE-2022-23305 CVE-2022-23307 CVE-2021-45105 CVE-2021-45046 CVE-2026-34477 CVE-2026-34479  +7 more Upstream summary: Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI […]

Read more
CHAT