SLES

SLES 16 — apache-commons-lang3 — vulnerability — patch and remediation guide — diagnosis and fix on SLES 16

SLES 16 — apache-commons-lang3 — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2025:02785-1 (see also SUSE bugzilla) Related CVEs: CVE-2025-48924 Upstream summary: Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apache Commons Lang: Starting with commons-lang:commons-lang 2.0 to 2.6, and, from org.apache.commons:commons-lang3 […]

Read more
SLES 12 — libdb — vulnerability — patch and remediation guide — diagnosis and fix on SLES 12

SLES 12 — libdb — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2022:3135-1 (see also SUSE bugzilla) Related CVEs: CVE-2019-2708 Upstream summary: Vulnerability in the Data Store component of Oracle Berkeley DB. Supported versions that are affected are Prior to 6.138, prior to 6.2.38 […]

Read more
SLES 16 — augeas — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on SLES 16

SLES 16 — augeas — multiple vulnerabilities (4 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2014:1017-1 (see also SUSE bugzilla) Related CVEs: CVE-2012-0786 CVE-2014-8119 CVE-2017-7555 CVE-2025-2588 Upstream summary: The transform_save function in transform.c in Augeas before 1.0.0 allows local users to overwrite arbitrary files and obtain sensitive […]

Read more
SLES 12 — apache-commons-httpclient — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on SLES 12

SLES 12 — apache-commons-httpclient — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2020:3149-1 (see also SUSE bugzilla) Related CVEs: CVE-2015-5262 CVE-2014-3577 CVE-2012-5783 Upstream summary: http/conn/ssl/SSLConnectionSocketFactory.java in Apache HttpComponents HttpClient before 4.3.6 ignores the http.socket.timeout configuration setting during an SSL handshake, which allows remote attackers […]

Read more
SLES 15 — blktrace — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — blktrace — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2019:0919-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-10689 Upstream summary: blktrace (aka Block IO Tracing) 1.2.0, as used with the Linux kernel and Android, has a buffer overflow in the dev_map_read function […]

Read more
SLES 15 — yast2-devtools — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — yast2-devtools — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2018:1890-1 (see also SUSE bugzilla) Related CVEs: CVE-2017-17042 Upstream summary: lib/yard/core_ext/file.rb in the server in YARD before 0.9.11 does not block relative paths with an initial ../ sequence, which allows attackers to […]

Read more
SLES 12 — at — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on SLES 12

SLES 12 — at — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2019:723-1 (see also SUSE bugzilla) Related CVEs: CVE-2015-8079 CVE-2016-6354 Upstream summary: qt5-qtwebkit before 5.4 records private browsing URLs to its favicon database, WebpageIcons.db. Table of contents Symptom & Impact Environment & Reproduction […]

Read more
SLES 12 — pam — multiple vulnerabilities (9 CVEs) — patch and remediation guide — diagnosis and fix on SLES 12

SLES 12 — pam — multiple vulnerabilities (9 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory RHSA-2024:10379 (see also SUSE bugzilla) Related CVEs: CVE-2024-10041 CVE-2024-22365 CVE-2010-3430 CVE-2010-3431 CVE-2010-3853 CVE-2011-3148 CVE-2014-2583 CVE-2015-3238  +1 more Upstream summary: A vulnerability was found in PAM. The secret information is stored in memory, […]

Read more
SLES 12 — guile — vulnerability — patch and remediation guide — diagnosis and fix on SLES 12

SLES 12 — guile — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2017:0394-1 (see also SUSE bugzilla) Related CVEs: CVE-2016-8605 Upstream summary: The mkdir procedure of GNU Guile temporarily changed the process' umask to zero. During that time window, in a multithreaded application, other […]

Read more
SLES 16 — cracklib — vulnerability — patch and remediation guide — diagnosis and fix on SLES 16

SLES 16 — cracklib — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2019:695-1 (see also SUSE bugzilla) Related CVEs: CVE-2016-6318 Upstream summary: Stack-based buffer overflow in the FascistGecosUser function in lib/fascist.c in cracklib allows local users to cause a denial of service (application crash) […]

Read more
CHAT