SLES

SLES 15 — alsa — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — alsa — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2009-0035 Upstream summary: alsa-utils 1.0.19 and later versions allows local users to overwrite arbitrary files via a symlink attack via the /usr/bin/alsa-info and /usr/bin/alsa-info.sh scripts. […]

Read more
SLES 15 — xmlgraphics-batik — multiple vulnerabilities (10 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — xmlgraphics-batik — multiple vulnerabilities (10 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:0777-1 Related CVEs: CVE-2022-44729 CVE-2020-11988 CVE-2022-41704 CVE-2022-42890 CVE-2022-44730 CVE-2019-17566 CVE-2020-11987 CVE-2022-38398  +2 more Upstream summary: Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML […]

Read more
SLES 12 — libsasl2 — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on SLES 12

SLES 12 — libsasl2 — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2022:1151-1 (see also SUSE bugzilla) Related CVEs: CVE-2022-24407 CVE-2019-19906 CVE-2009-0688 Upstream summary: In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does not escape the password for a SQL INSERT or UPDATE […]

Read more
SLES 15 — python2-numpy — multiple vulnerabilities (5 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — python2-numpy — multiple vulnerabilities (5 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2022:314-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-33430 CVE-2021-41495 CVE-2021-41496 CVE-2017-12852 CVE-2019-6446 Upstream summary: A Buffer Overflow vulnerability exists in NumPy 1.9.x in the PyArray_NewFromDescr_int function of ctors.c when specifying arrays of […]

Read more
SLES 15 — libre2 — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — libre2 — vulnerability — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:0573-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-32731 Upstream summary: When gRPC HTTP2 stack raised a header size exceeded error, it skipped parsing the rest of the HPACK frame. This caused any […]

Read more
SLES 16 — bsh2 — vulnerability — patch and remediation guide — diagnosis and fix on SLES 16

SLES 16 — bsh2 — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2016:0699-1 (see also SUSE bugzilla) Related CVEs: CVE-2016-2510 Upstream summary: BeanShell (bsh) before 2.0b6, when included on the classpath by an application that uses Java serialization or XStream, allows remote attackers to […]

Read more
SLES 15 — bogofilter-db — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — bogofilter-db — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SR:2010:014 (see also SUSE bugzilla) Related CVEs: CVE-2010-2494 CVE-2012-5468 Upstream summary: Multiple buffer underflows in the base64 decoder in base64.c in (1) bogofilter and (2) bogolexer in bogofilter before 1.2.2 allow remote […]

Read more
SLES 15 — libavif13 — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — libavif13 — vulnerability — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:0423-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-6704 Upstream summary: Use after free in libavif in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a […]

Read more
SLES 12 — cloud-init — multiple vulnerabilities (5 CVEs) — patch and remediation guide — diagnosis and fix on SLES 12

SLES 12 — cloud-init — multiple vulnerabilities (5 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-IU-2021:6-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-8631 CVE-2020-8632 CVE-2021-3429 CVE-2023-1786 CVE-2019-0816 Upstream summary: cloud-init through 19.4 relies on Mersenne Twister for a random password, which makes it easier for attackers to […]

Read more
SLES 15 — golang-github-prometheus-alertmanager — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — golang-github-prometheus-alertmanager — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:0191-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-40577 CVE-2025-47908 Upstream summary: Alertmanager handles alerts sent by client applications such as the Prometheus server. An attacker with the permission to perform POST requests […]

Read more
CHAT