SLES

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2018-1000097 Upstream summary: Sharutils sharutils (unshar command) version 4.15.2 contains a Buffer Overflow vulnerability in Affected component on the file unshar.c at line 75, function […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2025:3845-1 (see also SUSE bugzilla) Related CVEs: CVE-2025-61962 CVE-2021-36386 CVE-2021-39272 CVE-2009-2666 CVE-2010-1167 CVE-2011-1947 CVE-2012-3482 Upstream summary: In fetchmail before 6.5.6, the SMTP client can crash when authenticating upon receiving a 334 status […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2013:1926-1 (see also SUSE bugzilla) Related CVEs: CVE-2013-4566 CVE-2015-5244 CVE-2016-3099 Upstream summary: mod_nss 1.0.8 and earlier, when NSSVerifyClient is set to none for the server/vhost context, does not enforce the NSSVerifyClient setting […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2020:2966-1 (see also SUSE bugzilla) Related CVEs: CVE-2019-16707 Upstream summary: Hunspell 1.7.0 has an invalid read operation in SuggestMgr::leftcommonsubstring in suggestmgr.cxx. Table of contents Symptom & Impact Environment & Reproduction Root Cause […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2022:3093-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-21241 CVE-2021-23385 Upstream summary: The Python "Flask-Security-Too" package is used for adding security features to your Flask application. It is an is a independently maintained […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2018-14722 Upstream summary: An issue was discovered in evaluate_auto_mountpoint in btrfsmaintenance-functions in btrfsmaintenance through 0.4.1. Code execution as root can occur via a specially crafted […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2016:0699-1 (see also SUSE bugzilla) Related CVEs: CVE-2016-2510 Upstream summary: BeanShell (bsh) before 2.0b6, when included on the classpath by an application that uses Java serialization or XStream, allows remote attackers to […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2019:1374-2 (see also SUSE bugzilla) Related CVEs: CVE-2018-11439 CVE-2012-2396 Upstream summary: The TagLib::Ogg::FLAC::File::scan function in oggflacfile.cpp in TagLib 1.11.1 allows remote attackers to cause information disclosure (heap-based buffer over-read) via a crafted […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2016:1138-1 (see also SUSE bugzilla) Related CVEs: CVE-2016-1601 Upstream summary: yast2-users before 3.1.47, as used in SUSE Linux Enterprise 12 SP1, does not properly set empty password fields in /etc/shadow during an […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory RHSA-2024:10590 (see also SUSE bugzilla) Related CVEs: CVE-2024-52804 Upstream summary: Tornado is a Python web framework and asynchronous networking library. The algorithm used for parsing HTTP cookies in Tornado versions prior to […]