SLES

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2016:0699-1 (see also SUSE bugzilla) Related CVEs: CVE-2016-2510 Upstream summary: BeanShell (bsh) before 2.0b6, when included on the classpath by an application that uses Java serialization or XStream, allows remote attackers to […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SR:2010:014 (see also SUSE bugzilla) Related CVEs: CVE-2010-2494 CVE-2012-5468 Upstream summary: Multiple buffer underflows in the base64 decoder in base64.c in (1) bogofilter and (2) bogolexer in bogofilter before 1.2.2 allow remote […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:0423-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-6704 Upstream summary: Use after free in libavif in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-IU-2021:6-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-8631 CVE-2020-8632 CVE-2021-3429 CVE-2023-1786 CVE-2019-0816 Upstream summary: cloud-init through 19.4 relies on Mersenne Twister for a random password, which makes it easier for attackers to […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:0191-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-40577 CVE-2025-47908 Upstream summary: Alertmanager handles alerts sent by client applications such as the Prometheus server. An attacker with the permission to perform POST requests […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2015:1545-1 (see also SUSE bugzilla) Related CVEs: CVE-2015-6496 Upstream summary: conntrackd in conntrack-tools 1.4.2 and earlier does not ensure that the optional kernel modules are loaded before using them, which allows remote […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2026:1418-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-58251 Upstream summary: In netstat in BusyBox through 1.37.0, local users can launch of network application with an argv[0] containing an ANSI terminal escape sequence, […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2021:3857-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-32839 CVE-2023-30608 CVE-2024-2430 Upstream summary: sqlparse is a non-validating SQL parser module for Python. In sqlparse versions 0.4.0 and 0.4.1 there is a regular Expression […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2023:4218-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-43361 CVE-2014-9638 CVE-2014-9639 CVE-2014-9640 CVE-2015-6749 Upstream summary: Buffer Overflow vulnerability in Vorbis-tools v.1.4.2 allows a local attacker to execute arbitrary code and cause a denial […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory RHSA-2024:8037 (see also SUSE bugzilla) Related CVEs: CVE-2024-42934 Upstream summary: OpenIPMI before 2.0.36 has an out-of-bounds array access (for authentication type) in the ipmi_sim simulator, resulting in denial of service or (with […]