SLES

SLES 16 — fribidi — vulnerability — patch and remediation guide — diagnosis and fix on SLES 16

SLES 16 — fribidi — vulnerability — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2021:233-1 (see also SUSE bugzilla) Related CVEs: CVE-2019-18397 Upstream summary: A buffer overflow in the fribidi_get_par_embedding_levels_ex() function in lib/fribidi-bidi.c of GNU FriBidi through 1.0.7 allows an attacker to cause a denial of […]

Read more
SLES 16 — ibus — vulnerability — patch and remediation guide — diagnosis and fix on SLES 16

SLES 16 — ibus — vulnerability — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2019:2387-1 (see also SUSE bugzilla) Related CVEs: CVE-2019-14822 Upstream summary: A flaw was discovered in ibus in versions before 1.5.22 that allows any unprivileged user to monitor and send method calls to […]

Read more
SLES 15 — apache-commons-text — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — apache-commons-text — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2023:712-1 (see also SUSE bugzilla) Related CVEs: CVE-2022-42889 CVE-2021-37533 Upstream summary: Apache Commons Text performs variable interpolation, allowing properties to be dynamically evaluated and expanded. The standard format for interpolation is "${prefix:name}", […]

Read more
SLES 15 — jetty-io — multiple vulnerabilities (20 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — jetty-io — multiple vulnerabilities (20 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2026:1751-1 (see also SUSE bugzilla) Related CVEs: CVE-2026-2332 CVE-2026-5795 CVE-2025-5115 CVE-2024-13009 CVE-2024-22201 CVE-2023-36478 CVE-2022-2048 CVE-2021-28165  +12 more Upstream summary: In Eclipse Jetty, the HTTP/1.1 parser is vulnerable to request smuggling when chunk […]

Read more
SLES 15 — FastCGI — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — FastCGI — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2025:02369-1 (see also SUSE bugzilla) Related CVEs: CVE-2025-23016 CVE-2011-2766 Upstream summary: FastCGI fcgi2 (aka fcgi) 2.x through 2.4.4 has an integer overflow (and resultant heap-based buffer overflow) via crafted nameLen or valueLen […]

Read more
SLES 12 — openssl — multiple vulnerabilities (20 CVEs) — patch and remediation guide — diagnosis and fix on SLES 12

SLES 12 — openssl — multiple vulnerabilities (20 CVEs) — patch and remediation guide

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2021:299-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-3711 CVE-2026-28388 CVE-2026-31789 CVE-2025-9230 CVE-2024-4741 CVE-2023-0286 CVE-2022-0778 CVE-2009-0789  +12 more Upstream summary: In order to decrypt SM2 encrypted data an application is expected to call […]

Read more
SLES 12 — FastCGI-devel — vulnerability — patch and remediation guide — diagnosis and fix on SLES 12

SLES 12 — FastCGI-devel — vulnerability — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2025:02369-1 (see also SUSE bugzilla) Related CVEs: CVE-2025-23016 Upstream summary: FastCGI fcgi2 (aka fcgi) 2.x through 2.4.4 has an integer overflow (and resultant heap-based buffer overflow) via crafted nameLen or valueLen values […]

Read more
SLES 12 — libssh2 — multiple vulnerabilities (14 CVEs) — patch and remediation guide — diagnosis and fix on SLES 12

SLES 12 — libssh2 — multiple vulnerabilities (14 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2023:4230-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-48795 CVE-2020-22218 CVE-2019-17498 CVE-2015-1782 CVE-2016-0787 CVE-2019-3855 CVE-2019-3856 CVE-2019-3857  +6 more Upstream summary: The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 […]

Read more
SLES 16 — ghostscript — multiple vulnerabilities (20 CVEs) — patch and remediation guide — diagnosis and fix on SLES 16

SLES 16 — ghostscript — multiple vulnerabilities (20 CVEs) — patch and remediation guide

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2021:3044-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-3781 CVE-2013-5653 CVE-2016-7976 CVE-2016-7977 CVE-2016-7978 CVE-2016-7979 CVE-2019-3835 CVE-2019-3838  +12 more Upstream summary: A trivial sandbox (enabled with the `-dSAFER` option) escape flaw was found in […]

Read more
SLES 16 — freeipmi — vulnerability — patch and remediation guide — diagnosis and fix on SLES 16

SLES 16 — freeipmi — vulnerability — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory RHSA-2026:13515 (see also SUSE bugzilla) Related CVEs: CVE-2026-33554 Upstream summary: ipmi-oem in FreeIPMI before 1.16.17 has exploitable buffer overflows on response messages. The Intelligent Platform Management Interface (IPMI) specification defines a set […]

Read more
CHAT