SLES

SLES 16 — perl-XML-Twig — vulnerability — patch and remediation guide — diagnosis and fix on SLES 16

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2020:2172-1 (see also SUSE bugzilla) Related CVEs: CVE-2016-9180 Upstream summary: perl-XML-Twig: The option to `expand_external_ents`, documented as controlling external entity expansion in XML::Twig does not work. External entities are always expanded, regardless […]

SLES 16 — postgresql13 — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on SLES 16

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2022:3032-1 (see also SUSE bugzilla) Related CVEs: CVE-2022-2625 CVE-2021-3677 CVE-2023-39417 Upstream summary: A vulnerability was found in PostgreSQL. This attack requires permission to create non-temporary objects in at least one schema, the […]

SLES 12 — libXtst6 — vulnerability — patch and remediation guide — diagnosis and fix on SLES 12

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2013:1103-1 (see also SUSE bugzilla) Related CVEs: CVE-2013-2063 Upstream summary: Integer overflow in X.org libXtst 1.2.1 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via […]

SLES 16 — python313-PyYAML — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on SLES 16

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-FU-2022:0444-1 (see also SUSE bugzilla) Related CVEs: CVE-2017-18342 CVE-2020-14343 Upstream summary: In PyYAML before 5.1, the yaml.load() API could execute arbitrary code if used with untrusted data. The load() function has been […]

SLES 12 — libgwengui-qt4 — vulnerability — patch and remediation guide — diagnosis and fix on SLES 12

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2018:0072-1 (see also SUSE bugzilla) Related CVEs: CVE-2015-7542 Upstream summary: A vulnerability exists in libgwenhywfar through 4.12.0 due to the usage of outdated bundled CA certificates. […]

SLES 12 — libopenssl0_9_8 — multiple vulnerabilities (12 CVEs) — patch and remediation guide — diagnosis and fix on SLES 12

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SA:2010:020 (see also SUSE bugzilla) Related CVEs: CVE-2009-3245 CVE-2009-4355 CVE-2009-5146 CVE-2010-4180 CVE-2010-4252 CVE-2011-4109 CVE-2011-4354 CVE-2011-5095  +4 more Upstream summary: OpenSSL before 0.9.8m does not check for a NULL return value from bn_wexpand […]

SLES 16 — rust-keylime — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on SLES 16

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2025:02809-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-32650 CVE-2025-58266 CVE-2023-26964 Upstream summary: Rustls is a modern TLS library written in Rust. `rustls::ConnectionCommon::complete_io` could fall into an infinite loop based on network input. […]

SLES 12 — python-lxml — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on SLES 12

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2022:491-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-19787 CVE-2020-27783 CVE-2021-28957 CVE-2021-43818 Upstream summary: An issue was discovered in lxml before 4.2.5. lxml/html/clean.py in the lxml.html.clean module does not remove javascript: URLs that […]

SLES 12 — gssproxy — vulnerability — patch and remediation guide — diagnosis and fix on SLES 12

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2021:1029-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-12658 Upstream summary: gssproxy (aka gss-proxy) before 0.8.3 does not unlock cond_mutex before pthread exit in gp_worker_main() in gp_workers.c. NOTE: An upstream comment states "We […]

SLES 12 — libass5 — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on SLES 12

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2016:3107-1 (see also SUSE bugzilla) Related CVEs: CVE-2016-7970 CVE-2016-7971 CVE-2016-7969 CVE-2016-7972 Upstream summary: Buffer overflow in the calc_coeff function in libass/ass_blur.c in libass before 0.13.4 allows remote attackers to cause a denial […]
