SLES

SLES 16 — libpulse0 — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on SLES 16

SLES 16 — libpulse0 — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2008-0008 CVE-2014-3970 Upstream summary: The pa_drop_root function in PulseAudio 0.9.8, and a certain 0.9.9 build, does not check return values from (1) setresuid, (2) setreuid, […]

Read more
SLES 15 — cmark — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — cmark — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2023:1834-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-22486 Upstream summary: cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. Versions prior to 0.29.0.gfm.7 contain a […]

Read more
SLES 12 — iputils-s20121221 — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on SLES 12

SLES 12 — iputils-s20121221 — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2010-2529 CVE-2025-48964 CVE-2025-47268 Upstream summary: Unspecified vulnerability in ping.c in iputils 20020927, 20070202, 20071127, and 20100214 on Mandriva Linux allows remote attackers to cause a […]

Read more
SLES 16 — tmux — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on SLES 16

SLES 16 — tmux — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2020:1834-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-27347 CVE-2018-19387 CVE-2022-47016 Upstream summary: In tmux before version 3.1c the function input_csi_dispatch_sgr_colon() in file input.c contained a stack-based buffer-overflow that can be exploited by […]

Read more
SLES 15 — libvdpau1 — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — libvdpau1 — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2015:1892-1 (see also SUSE bugzilla) Related CVEs: CVE-2015-5198 CVE-2015-5199 CVE-2015-5200 Upstream summary: libvdpau before 1.1.1, when used in a setuid or setgid application, allows local users to gain privileges via unspecified vectors, […]

Read more
SLES 15 — python3-requests — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — python3-requests — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2026:1218-1 (see also SUSE bugzilla) Related CVEs: CVE-2026-25645 CVE-2024-47081 Upstream summary: Requests is a HTTP library. Prior to version 2.33.0, the `requests.utils.extract_zipped_paths()` utility function uses a predictable filename when extracting files from […]

Read more
SLES 16 — umoci — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on SLES 16

SLES 16 — umoci — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2021:1116-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-29136 CVE-2021-41190 Upstream summary: Open Container Initiative umoci before 0.4.7 allows attackers to overwrite arbitrary host paths via a crafted image that causes symlink traversal […]

Read more
SLES 12 — librsvg — multiple vulnerabilities (5 CVEs) — patch and remediation guide — diagnosis and fix on SLES 12

SLES 12 — librsvg — multiple vulnerabilities (5 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2018:1288-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-1000041 CVE-2019-20446 CVE-2011-3146 CVE-2013-1881 CVE-2017-11464 Upstream summary: GNOME librsvg version before commit c6ddf2ed4d768fd88adbea2b63f575cd523022ea contains a Improper input validation vulnerability in rsvg-io.c that can result in […]

Read more
SLES 15 — openjpeg2 — multiple vulnerabilities (20 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — openjpeg2 — multiple vulnerabilities (20 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2022:1252-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-6851 CVE-2020-8112 CVE-2017-14151 CVE-2017-14152 CVE-2020-27823 CVE-2024-56826 CVE-2018-20846 CVE-2020-27824  +12 more Upstream summary: OpenJPEG through 2.3.1 has a heap-based buffer overflow in opj_t1_clbl_decode_processor in openjp2/t1.c because […]

Read more
SLES 15 — python310 — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — python310 — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory RHSA-2026:10950 (see also SUSE bugzilla) Related CVEs: CVE-2026-2297 Upstream summary: The import hook in CPython that handles legacy *.pyc files (SourcelessFileLoader) is incorrectly handled in FileLoader (a base class) and so does […]

Read more
CHAT