SLES

SLES 12 — fontforge — multiple vulnerabilities (15 CVEs) — patch and remediation guide — diagnosis and fix on SLES 12

🟠 High   ⏱ 15–60 min
Last verified: 25 May 2026
Affected versions: SLES 12
📖 ~4 min read
Source: SUSE advisory RHSA-2024:4267 (see also SUSE bugzilla)
Related CVEs: CVE-2024-25081, CVE-2024-25082, CVE-2020-25690, CVE-2020-5395, CVE-2020-5496, CVE-2017-11568, CVE-2017-11569, CVE-2017-11570, +7 more
Upstream summary: Splinefont in FontForge through 20230101 allows command injection via crafted filenames. Table of […]

SLES 12 — libgif6 — multiple vulnerabilities (8 CVEs) — patch and remediation guide — diagnosis and fix on SLES 12

🟠 High   ⏱ 15–60 min
Last verified: 25 May 2026
Affected versions: SLES 12
📖 ~4 min read
Source: SUSE advisory SUSE-CU-2022:1357-1 (see also SUSE bugzilla)
Related CVEs: CVE-2018-11490, CVE-2026-23868, CVE-2025-31344, CVE-2023-39742, CVE-2022-28506, CVE-2015-7555, CVE-2016-3977, CVE-2021-40633
Upstream summary: The DGifDecompressLine function in dgif_lib.c in GIFLIB (possibly version 3.0.x), as later shipped in cgif.c […]

SLES 15 — librsvg — multiple vulnerabilities (8 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

🟠 High   ⏱ 15–60 min
Last verified: 25 May 2026
Affected versions: SLES 15
📖 ~4 min read
Source: SUSE advisory SUSE-FU-2026:20990-1 (see also SUSE bugzilla)
Related CVEs: CVE-2026-25727, CVE-2023-38633, CVE-2021-25900, CVE-2024-43806, CVE-2011-3146, CVE-2013-1881, CVE-2019-20446, CVE-2017-11464
Upstream summary: time provides date and time handling in Rust. From 0.3.6 to before 0.3.47, when user-provided […]

SLES 16 — cpio — multiple vulnerabilities (6 CVEs) — patch and remediation guide — diagnosis and fix on SLES 16

🟠 High   ⏱ 15–60 min
Last verified: 25 May 2026
Affected versions: SLES 16
📖 ~4 min read
Source: SUSE advisory SUSE-CU-2021:283-1 (see also SUSE bugzilla)
Related CVEs: CVE-2021-38185, CVE-2014-9112, CVE-2016-2037, CVE-2019-14866, CVE-2023-7207, CVE-2015-1197
Upstream summary: GNU cpio through 2.13 allows attackers to execute arbitrary code via a crafted pattern file, because of […]

SLES 16 — bash — multiple vulnerabilities (8 CVEs) — patch and remediation guide — diagnosis and fix on SLES 16

🟠 High   ⏱ 15–60 min
Last verified: 25 May 2026
Affected versions: SLES 16
📖 ~4 min read
Source: SUSE advisory SUSE-SU-2014:1212-1 (see also SUSE bugzilla)
Related CVEs: CVE-2014-6271, CVE-2014-6277, CVE-2014-6278, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2016-9401, CVE-2014-2524
Upstream summary: GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment […]

SLES 12 — sendmail — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on SLES 12

🟠 High   ⏱ 15–60 min
Last verified: 25 May 2026
Affected versions: SLES 12
📖 ~4 min read
Source: SUSE advisory SUSE-SU-2022:3898-1 (see also SUSE bugzilla)
Related CVEs: CVE-2022-31256, CVE-2023-51765
Upstream summary: An Improper Link Resolution Before File Access ('Link Following') vulnerability in a script called by the sendmail systemd service of openSUSE […]

SLES 15 — go1.26 — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

🟠 High   ⏱ 15–60 min
Last verified: 25 May 2026
Affected versions: SLES 15
📖 ~4 min read
Source: SUSE advisory SUSE-SU-2026:0876-1 (see also SUSE bugzilla)
Related CVEs: CVE-2026-27138, CVE-2026-33810, CVE-2026-27137
Upstream summary: Certificate verification can panic when a certificate in the chain has an empty DNS name and another certificate in the […]

SLES 12 — python-Twisted — multiple vulnerabilities (11 CVEs) — patch and remediation guide — diagnosis and fix on SLES 12

🟠 High   ⏱ 15–60 min
Last verified: 25 May 2026
Affected versions: SLES 12
📖 ~4 min read
Source: SUSE advisory SUSE-SU-2024:2732-1 (see also SUSE bugzilla)
Related CVEs: CVE-2024-41671, CVE-2020-10108, CVE-2020-10109, CVE-2022-21716, CVE-2022-21712, CVE-2024-41810, CVE-2022-24801, CVE-2016-1000111, +3 more
Upstream summary: Twisted is an event-based framework for internet applications, supporting Python 3.6+. The HTTP […]

SLES 15 — pgvector-devel — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

🟠 High   ⏱ 15–60 min
Last verified: 25 May 2026
Affected versions: SLES 15
📖 ~4 min read
Source: SUSE advisory SUSE-SU-2026:1068-1 (see also SUSE bugzilla)
Related CVEs: CVE-2026-3172
Upstream summary: Buffer overflow in parallel HNSW index build in pgvector 0.6.0 through 0.8.1 allows a database user to leak sensitive data from other […]

SLES 16 — apache-commons-configuration2 — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on SLES 16

🟠 High   ⏱ 15–60 min
Last verified: 25 May 2026
Affected versions: SLES 16
📖 ~4 min read
Source: SUSE security advisory (see also SUSE bugzilla)
Related CVEs: CVE-2022-33980, CVE-2024-29131, CVE-2024-29133
Upstream summary: Apache Commons Configuration performs variable interpolation, allowing properties to be dynamically evaluated and expanded. The standard format for interpolation is […]
