SLES

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory RHSA-2025:3344 (see also SUSE bugzilla) Related CVEs: CVE-2025-30204 CVE-2018-20699 Upstream summary: golang-jwt is a Go implementation of JSON Web Tokens. Starting in version 3.2.0 and prior to versions 5.2.2 and 4.5.2, the […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory RHSA-2025:14177 (see also SUSE bugzilla) Related CVEs: CVE-2025-48976 CVE-2013-2186 CVE-2016-1000031 Upstream summary: Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability in Apache Commons FileUpload. This issue affects […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory RHSA-2026:10135 (see also SUSE bugzilla) Related CVEs: CVE-2026-34986 Upstream summary: Go JOSE provides an implementation of the Javascript Object Signing and Encryption set of standards in Go, including support for JSON Web […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2026:20557-1 (see also SUSE bugzilla) Related CVEs: CVE-2026-26080 CVE-2026-26081 CVE-2026-33555 CVE-2025-11230 Upstream summary: Unknown. Table of contents Symptom & Impact Environment & Reproduction Root Cause Analysis Quick Triage Step-by-Step Diagnosis Solution – […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory RHSA-2026:6259 (see also SUSE bugzilla) Related CVEs: CVE-2026-2920 CVE-2026-2922 CVE-2023-38103 CVE-2023-38104 Upstream summary: GStreamer ASF Demuxer Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2025:03028-1 (see also SUSE bugzilla) Related CVEs: CVE-2025-50817 Upstream summary: A vulnerability in the Python-Future 1.0.0 module allows for arbitrary code execution via the unintended import of a file named test.py. When […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2026:1819-1 (see also SUSE bugzilla) Related CVEs: CVE-2026-41205 Upstream summary: Mako is a template library written in Python. Prior to 1.3.11, TemplateLookup.get_template() is vulnerable to path traversal when a URI starts with […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2018-21029 CVE-2026-4105 CVE-2023-26604 CVE-2017-18078 CVE-2018-15688 CVE-2018-16864 CVE-2018-16865 CVE-2018-6954  +12 more Upstream summary: systemd 239 through 245 accepts any certificate signed by a trusted certificate authority […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-FU-2026:20990-1 (see also SUSE bugzilla) Related CVEs: CVE-2026-31979 CVE-2025-59044 CVE-2025-54882 CVE-2026-34397 CVE-2024-11738 CVE-2025-53013 Upstream summary: Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. Prior to 3.1.0 and 2.3.8, […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory RHSA-2026:0111 (see also SUSE bugzilla) Related CVEs: CVE-2025-13699 CVE-2014-0224 CVE-2019-2529 CVE-2020-2574 CVE-2021-2180 CVE-2010-5298 CVE-2014-0195 CVE-2014-0198  +12 more Upstream summary: MariaDB mariadb-dump Utility Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote […]