SLES

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2021:0491-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-26937 CVE-2025-46802 CVE-2015-6806 Upstream summary: encoding.c in GNU Screen through 4.8.0 allows remote attackers to cause a denial of service (invalid write access and application […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory RHSA-2025:0012 (see also SUSE bugzilla) Related CVEs: CVE-2024-35195 Upstream summary: Requests is a HTTP library. Prior to 2.32.0, when making requests through a Requests `Session`, if the first request is made with […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2012-4453 CVE-2016-8637 Upstream summary: dracut.sh in dracut, as used in Red Hat Enterprise Linux 6, Fedora 16 and 17, and possibly other products, creates initramfs […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2020:3231-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-17955 Upstream summary: In yast2-multipath before version 4.1.1 a static temporary filename allows local attackers to overwrite files on systems without symlink protection Table of […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2017-10683 CVE-2017-11126 Upstream summary: In mpg123 1.25.0, there is a heap-based buffer over-read in the convert_latin1 function in libmpg123/id3.c. A crafted input will lead to […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2013:1103-1 (see also SUSE bugzilla) Related CVEs: CVE-2013-1984 CVE-2013-1995 CVE-2013-1998 Upstream summary: Multiple integer overflows in X.org libXi 1.7.1 and earlier allow X servers to trigger allocation of insufficient memory and a […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SA:2010:020 (see also SUSE bugzilla) Related CVEs: CVE-2009-3245 CVE-2009-4355 CVE-2009-5146 CVE-2010-4180 CVE-2010-4252 CVE-2011-4109 CVE-2011-4354 CVE-2011-5095  +4 more Upstream summary: OpenSSL before 0.9.8m does not check for a NULL return value from bn_wexpand […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2025:02809-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-32650 CVE-2025-58266 CVE-2023-26964 Upstream summary: Rustls is a modern TLS library written in Rust. `rustls::ConnectionCommon::complete_io` could fall into an infinite loop based on network input. […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2021:0885-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-14928 CVE-2020-16117 Upstream summary: evolution-data-server (eds) through 3.36.3 has a STARTTLS buffering issue that affects SMTP and POP3. When a server sends a "begin TLS" […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-IU-2021:658-1 (see also SUSE bugzilla) Related CVEs: CVE-2019-19977 Upstream summary: libESMTP through 1.0.6 mishandles domain copying into a fixed-size buffer in ntlm_build_type_2 in ntlm/ntlmstruct.c, as demonstrated by a stack-based buffer over-read. Table […]