SLES

SLES 15 — libbd_fs2 — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — libbd_fs2 — vulnerability — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory RHSA-2025:10796 (see also SUSE bugzilla) Related CVEs: CVE-2025-6019 Upstream summary: A Local Privilege Escalation (LPE) vulnerability was found in libblockdev. Generally, the "allow_active" setting in Polkit permits a physically present user to […]

Read more
SLES 15 — ed25519-java — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — ed25519-java — vulnerability — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2025:1029-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-36843 Upstream summary: The implementation of EdDSA in EdDSA-Java (aka ed25519-java) through 0.3.0 exhibits signature malleability and does not satisfy the SUF-CMA (Strong Existential Unforgeability […]

Read more
SLES 15 — libeditorconfig0 — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — libeditorconfig0 — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:4152-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-53849 CVE-2023-0341 Upstream summary: editorconfig-core-c is theEditorConfig core library written in C (for use by plugins supporting EditorConfig parsing). In affected versions several overflows may […]

Read more
SLES 12 — ft2demos — multiple vulnerabilities (20 CVEs) — patch and remediation guide — diagnosis and fix on SLES 12

SLES 12 — ft2demos — multiple vulnerabilities (20 CVEs) — patch and remediation guide

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2019:721-1 (see also SUSE bugzilla) Related CVEs: CVE-2017-7864 CVE-2025-27363 CVE-2017-8287 CVE-2020-15999 CVE-2025-23022 CVE-2009-0946 CVE-2010-2497 CVE-2010-2805  +12 more Upstream summary: FreeType 2 before 2017-02-02 has an out-of-bounds write caused by a heap-based buffer […]

Read more
SLES 12 — npm6 — multiple vulnerabilities (10 CVEs) — patch and remediation guide — diagnosis and fix on SLES 12

SLES 12 — npm6 — multiple vulnerabilities (10 CVEs) — patch and remediation guide

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2020:1568-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-8174 CVE-2019-15604 CVE-2019-15605 CVE-2019-15606 CVE-2019-16775 CVE-2019-16776 CVE-2019-16777 CVE-2020-7598  +2 more Upstream summary: napi_get_value_string_*() allows various kinds of memory corruption in node < 10.21.0, 12.18.0, and […]

Read more
SLES 12 — php5 — multiple vulnerabilities (20 CVEs) — patch and remediation guide — diagnosis and fix on SLES 12

SLES 12 — php5 — multiple vulnerabilities (20 CVEs) — patch and remediation guide

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2016:1504-1 (see also SUSE bugzilla) Related CVEs: CVE-2016-4542 CVE-2016-4543 CVE-2016-4544 CVE-2020-7060 CVE-2015-2787 CVE-2015-3329 CVE-2015-6831 CVE-2015-8879  +12 more Upstream summary: The exif_process_IFD_TAG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and […]

Read more
SLES 12 — busybox — multiple vulnerabilities (20 CVEs) — patch and remediation guide — diagnosis and fix on SLES 12

SLES 12 — busybox — multiple vulnerabilities (20 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2026:0235-1 (see also SUSE bugzilla) Related CVEs: CVE-2025-60876 CVE-2026-26157 CVE-2026-26158 CVE-2022-48174 CVE-2016-2147 CVE-2018-1000500 CVE-2018-1000517 CVE-2021-28831  +12 more Upstream summary: BusyBox wget thru 1.3.7 accepted raw CR (0x0D)/LF (0x0A) and other C0 control […]

Read more
SLES 12 — ucode-intel — multiple vulnerabilities (20 CVEs) — patch and remediation guide — diagnosis and fix on SLES 12

SLES 12 — ucode-intel — multiple vulnerabilities (20 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2025:03052-1 (see also SUSE bugzilla) Related CVEs: CVE-2025-20053 CVE-2025-20109 CVE-2025-22839 CVE-2025-22840 CVE-2025-22889 CVE-2025-26403 CVE-2025-32086 CVE-2024-21820  +12 more Upstream summary: Improper buffer restrictions for some Intel(R) Xeon(R) Processor firmware with SGX enabled may […]

Read more
SLES 12 — google-guest-agent — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on SLES 12

SLES 12 — google-guest-agent — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2025:01985-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-45337 CVE-2022-23806 CVE-2021-38297 Upstream summary: Applications and libraries which misuse connection.serverAuthenticate (via callback field ServerConfig.PublicKeyCallback) may be susceptible to an authorization bypass. The documentation for […]

Read more
SLES 12 — texlive-kastrup — vulnerability — patch and remediation guide — diagnosis and fix on SLES 12

SLES 12 — texlive-kastrup — vulnerability — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:1203-1 (see also SUSE bugzilla) Related CVEs: CVE-2016-10243 Upstream summary: TeX Live allows remote attackers to execute arbitrary commands by leveraging inclusion of mpost in shell_escape_commands in the texmf.cnf config file. Table […]

Read more
CHAT