SLES

SLES 12 — python-tablib — vulnerability — patch and remediation guide — diagnosis and fix on SLES 12

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2017:2105-1 (see also SUSE bugzilla) Related CVEs: CVE-2017-2810 Upstream summary: An exploitable vulnerability exists in the Databook loading functionality of Tablib 0.11.4. A yaml loaded Databook can execute arbitrary python commands resulting […]

SLES 12 — tcmu-runner — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on SLES 12

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2017:2601-1 (see also SUSE bugzilla) Related CVEs: CVE-2017-1000198 CVE-2017-1000199 Upstream summary: tcmu-runner daemon version 0.9.0 to 1.2.0 is vulnerable to invalid memory references in the handler_glfs.so handler resulting in denial of service […]

SLES 12 — coolkey — vulnerability — patch and remediation guide — diagnosis and fix on SLES 12

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2007-4129 Upstream summary: CoolKey 1.1.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files in the /tmp/.pk11ipc1/ directory.

SLES 16 — perl-XML-Twig — vulnerability — patch and remediation guide — diagnosis and fix on SLES 16

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2020:2172-1 (see also SUSE bugzilla) Related CVEs: CVE-2016-9180 Upstream summary: perl-XML-Twig: The option to `expand_external_ents`, documented as controlling external entity expansion in XML::Twig does not work. External entities are always expanded, regardless […]

SLES 16 — postgresql13 — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on SLES 16

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2022:3032-1 (see also SUSE bugzilla) Related CVEs: CVE-2022-2625 CVE-2021-3677 CVE-2023-39417 Upstream summary: A vulnerability was found in PostgreSQL. This attack requires permission to create non-temporary objects in at least one schema, the […]

SLES 12 — libXtst6 — vulnerability — patch and remediation guide — diagnosis and fix on SLES 12

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2013:1103-1 (see also SUSE bugzilla) Related CVEs: CVE-2013-2063 Upstream summary: Integer overflow in X.org libXtst 1.2.1 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via […]

SLES 16 — python313-PyYAML — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on SLES 16

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-FU-2022:0444-1 (see also SUSE bugzilla) Related CVEs: CVE-2017-18342 CVE-2020-14343 Upstream summary: In PyYAML before 5.1, the yaml.load() API could execute arbitrary code if used with untrusted data. The load() function has been […]

SLES 12 — libgwengui-qt4 — vulnerability — patch and remediation guide — diagnosis and fix on SLES 12

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2018:0072-1 (see also SUSE bugzilla) Related CVEs: CVE-2015-7542 Upstream summary: A vulnerability exists in libgwenhywfar through 4.12.0 due to the usage of outdated bundled CA certificates.

SLES 12 — libunwind — vulnerability — patch and remediation guide — diagnosis and fix on SLES 12

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2019:0284-1 (see also SUSE bugzilla) Related CVEs: CVE-2015-3239 Upstream summary: Off-by-one error in the dwarf_to_unw_regnum function in include/dwarf_i.h in libunwind 1.1 allows local users to have unspecified impact via invalid dwarf opcodes. […]

SLES 12 — python-lxml — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on SLES 12

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2022:491-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-19787 CVE-2020-27783 CVE-2021-28957 CVE-2021-43818 Upstream summary: An issue was discovered in lxml before 4.2.5. lxml/html/clean.py in the lxml.html.clean module does not remove javascript: URLs that […]
