SLES

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-FU-2024:1448-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-25657 Upstream summary: A flaw was found in all released versions of m2crypto, where they are vulnerable to Bleichenbacher timing attacks in the RSA decryption […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2022:1736-1 (see also SUSE bugzilla) Related CVEs: CVE-2022-29217 Upstream summary: PyJWT is a Python implementation of RFC 7519. PyJWT supports multiple different JWT signing algorithms. With JWT, an attacker submitting the JWT […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SR:2010:019 (see also SUSE bugzilla) Related CVEs: CVE-2010-2522 CVE-2010-2523 Upstream summary: The mipv6 daemon in UMIP 0.4 does not verify that netlink messages originated in the kernel, which allows local users to […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2014-3504 Upstream summary: The (1) serf_ssl_cert_issuer, (2) serf_ssl_cert_subject, and (3) serf_ssl_cert_certificate functions in Serf 0.2.0 through 1.3.x before 1.3.7 does not properly handle a NUL […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2017:1368-1 (see also SUSE bugzilla) Related CVEs: CVE-2017-5209 CVE-2017-5834 CVE-2017-6435 CVE-2017-6437 CVE-2017-6438 CVE-2017-6439 CVE-2017-6440 CVE-2017-7982  +4 more Upstream summary: The base64decode function in base64.c in libimobiledevice libplist through 1.12 allows attackers to […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2019:1791-1 (see also SUSE bugzilla) Related CVEs: CVE-2019-12779 CVE-2023-39976 Upstream summary: libqb before 1.0.5 allows local users to overwrite arbitrary files via a symlink attack, because it uses predictable filenames (under /dev/shm […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory RHSA-2024:10953 (see also SUSE bugzilla) Related CVEs: CVE-2024-53899 Upstream summary: virtualenv before 20.26.6 allows command injection through the activation scripts for a virtual environment. Magic template strings are not quoted correctly when […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2023:3470-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-10756 CVE-2021-3592 CVE-2021-3593 CVE-2021-3595 Upstream summary: An out-of-bounds read vulnerability was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SR:2009:020 (see also SUSE bugzilla) Related CVEs: CVE-2009-3627 Upstream summary: The decode_entities function in util.c in HTML-Parser before 3.63 allows context-dependent attackers to cause a denial of service (infinite loop) via an […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2017:2931-1 (see also SUSE bugzilla) Related CVEs: CVE-2017-14226 CVE-2018-19208 Upstream summary: WP1StylesListener.cpp, WP5StylesListener.cpp, and WP42StylesListener.cpp in libwpd 0.10.1 mishandle iterators, which allows remote attackers to cause a denial of service (heap-based buffer […]