SLES

SLES 16 — libnm0 — multiple vulnerabilities (6 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-SA:2011:045 (see also SUSE bugzilla) Related CVEs: CVE-2006-7246 CVE-2015-2924 CVE-2018-1000135 CVE-2020-10754 CVE-2021-20297 CVE-2016-0764 Upstream summary: NetworkManager 0.9.x does not pin a certificate's subject to an ESSID when 802.11X authentication is used. Table […]

SLES 15 — bcm43xx-firmware — vulnerability — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2020-10370 Upstream summary: Certain Cypress (and Broadcom) Wireless Combo chips such as CYW43455, when a 2021-01-26 Bluetooth firmware update is not present, allow a Bluetooth […]

SLES 15 — python2-ujson — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2023:2134-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-45958 CVE-2022-31116 CVE-2022-31117 Upstream summary: UltraJSON (aka ujson) through 5.1.0 has a stack-based buffer overflow in Buffer_AppendIndentUnchecked (called from encode). Exploitation can, for example, use […]

SLES 15 — libstaroffice — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2018:1076-1 (see also SUSE bugzilla) Related CVEs: CVE-2017-9432 Upstream summary: Document Liberation Project libstaroffice before 2017-04-07 has an out-of-bounds write caused by a stack-based buffer overflow related to the DatabaseName::read function in […]

SLES 15 — zypper — multiple vulnerabilities (9 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2019:695-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-7685 CVE-2017-7436 CVE-2017-9269 CVE-2017-9271 CVE-2018-20532 CVE-2018-20533 CVE-2019-18900 CVE-2024-0217  +1 more Upstream summary: The decoupled download and installation steps in libzypp before 17.5.0 could lead to […]

SLES 16 — libsamplerate0 — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2008-5008 Upstream summary: Buffer overflow in src/src_sinc.c in Secret Rabbit Code (aka SRC or libsamplerate) before 0.1.4, when "extreme low conversion ratios" are used, allows […]

SLES 12 — perl-Archive-Zip — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2018:2385-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-10860 Upstream summary: perl-archive-zip is vulnerable to a directory traversal in Archive::Zip. It was found that the Archive::Zip module did not properly sanitize paths while […]

SLES 15 — ruby2.5-rubygem-activerecord — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2023:0492-1 (see also SUSE bugzilla) Related CVEs: CVE-2022-44566 CVE-2021-22880 Upstream summary: A denial of service vulnerability present in ActiveRecord's PostgreSQL adapter <7.0.4.1 and <6.1.7.1. When a value outside the range for a […]

SLES 15 — python2-waitress — multiple vulnerabilities (6 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:3876-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-49769 CVE-2022-24761 CVE-2019-16785 CVE-2019-16786 CVE-2019-16789 CVE-2019-16792 Upstream summary: Waitress is a Web Server Gateway Interface server for Python 2 and 3. When a remote client […]

SLES 16 — unzip — multiple vulnerabilities (13 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2015:0026-1 (see also SUSE bugzilla) Related CVEs: CVE-2014-8139 CVE-2014-8140 CVE-2014-8141 CVE-2014-9636 CVE-2018-1000035 CVE-2005-2475 CVE-2014-9913 CVE-2016-9844  +5 more Upstream summary: Heap-based buffer overflow in the CRC32 verification in Info-ZIP UnZip 6.0 and earlier […]
