SLES

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2026:1396-1 (see also SUSE bugzilla) Related CVEs: CVE-2025-67030 Upstream summary: Directory Traversal vulnerability in the extractFile method of org.codehaus.plexus.util.Expand in plexus-utils before 6d780b3378829318ba5c2d29547e0012d5b29642. This allows an attacker to execute arbitrary code Table […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory RHSA-2026:10711 (see also SUSE bugzilla) Related CVEs: CVE-2026-4786 CVE-2026-6100 CVE-2025-11468 CVE-2025-4138 CVE-2025-4330 CVE-2025-4435 CVE-2025-4517 CVE-2024-6232  +12 more Upstream summary: Mitgation of CVE-2026-4519 was incomplete. If the URL contained "%action" the mitigation could […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory RHSA-2026:13641 (see also SUSE bugzilla) Related CVEs: CVE-2026-31958 CVE-2025-67725 CVE-2025-67726 CVE-2025-47287 CVE-2025-67724 CVE-2023-28370 CVE-2024-52804 Upstream summary: Tornado is a Python web framework and asynchronous networking library. In versions of Tornado prior to […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2025:02783-1 (see also SUSE bugzilla) Related CVEs: CVE-2025-48057 CVE-2020-14004 CVE-2020-29663 CVE-2021-37698 Upstream summary: Icinga 2 is a monitoring system which checks the availability of network resources, notifies users of outages, and generates […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory RHSA-2026:12176 (see also SUSE bugzilla) Related CVEs: CVE-2026-32597 CVE-2022-29217 CVE-2024-53861 Upstream summary: PyJWT is a JSON Web Token implementation in Python. Prior to 2.12.0, PyJWT does not validate the crit (Critical) Header […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory RHSA-2026:0125 (see also SUSE bugzilla) Related CVEs: CVE-2025-66293 CVE-2014-9495 CVE-2015-0973 CVE-2026-22695 CVE-2025-64506 CVE-2025-64720 CVE-2025-65018 CVE-2014-0333 Upstream summary: LIBPNG is a reference library for use in applications that read, create, and manipulate PNG […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2026:1936-1 (see also SUSE bugzilla) Related CVEs: CVE-2026-7111 Upstream summary: Text::CSV_XS versions before 1.62 for Perl have a use-after-free when registered callbacks extend the Perl argument stack, which may enable type confusion […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2020:2899-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-8165 CVE-2026-34785 CVE-2026-34829 CVE-2025-46727 CVE-2023-27530 CVE-2022-31254 CVE-2019-16770 CVE-2019-18904  +12 more Upstream summary: A deserialization of untrusted data vulnernerability exists in rails < 5.2.4.3, rails < […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory RHSA-2026:0002 (see also SUSE bugzilla) Related CVEs: CVE-2025-45582 CVE-2001-1267 CVE-2002-0399 CVE-2005-1918 CVE-2006-0300 CVE-2006-6097 CVE-2010-0624 CVE-2016-6321  +5 more Upstream summary: GNU Tar through 1.35 allows file overwrite via directory traversal in crafted TAR […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory RHSA-2026:7080 (see also SUSE bugzilla) Related CVEs: CVE-2026-27135 CVE-2024-28182 CVE-2023-35945 CVE-2018-1000168 CVE-2016-1544 Upstream summary: nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. Prior to version 1.68.1, the […]