SLES

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2017-16611 Upstream summary: In libXfont before 1.5.4 and libXfont2 before 2.0.3, a local attacker can open (but not read) files on the system as root, […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2023:4334-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-5752 CVE-2023-28858 CVE-2023-28859 CVE-2026-1703 Upstream summary: When installing a package from a Mercurial VCS URL (ie "pip install hg+…") with pip prior to v23.3, the […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2014:0928-1 (see also SUSE bugzilla) Related CVEs: CVE-2014-4038 CVE-2014-4039 Upstream summary: ppc64-diag 2.6.1 allows local users to overwrite arbitrary files via a symlink attack related to (1) rtas_errd/diag_support.c and /tmp/get_dt_files, (2) scripts/ppc64_diag_mkrsrc […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2023:4449-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-45897 Upstream summary: exfatprogs before 1.2.2 allows out-of-bounds memory access, such as in read_file_dentry_set. Table of contents Symptom & Impact Environment & Reproduction Root Cause […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2011-3602 Upstream summary: Directory traversal vulnerability in device-linux.c in the router advertisement daemon (radvd) before 1.8.2 allows local users to overwrite arbitrary files, and remote […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2022:3372-1 (see also SUSE bugzilla) Related CVEs: CVE-2022-2255 Upstream summary: A vulnerability was found in mod_wsgi. The X-Client-IP header is not removed from a request from an untrusted proxy, allowing an attacker […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2012-2673 Upstream summary: Multiple integer overflows in the (1) GC_generic_malloc and (2) calloc functions in malloc.c, and the (3) GC_generic_malloc_ignore_off_page function in mallocx.c in Boehm-Demers-Weiser […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2021:0491-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-26937 CVE-2025-46802 CVE-2017-5618 Upstream summary: encoding.c in GNU Screen through 4.8.0 allows remote attackers to cause a denial of service (invalid write access and application […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2023:3189-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-25697 Upstream summary: A privilege escalation flaw was found in the Xorg-x11-server due to a lack of authentication for X11 clients. This flaw allows an […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2022:2669-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-36978 CVE-2017-11624 CVE-2017-11625 CVE-2017-11627 CVE-2022-34503 CVE-2017-9208 CVE-2017-9209 CVE-2017-9210  +2 more Upstream summary: QPDF 9.x through 9.1.1 and 10.x through 10.0.4 has a heap-based buffer overflow […]