SLES

SLES 12 — go1.21 — multiple vulnerabilities (10 CVEs) — patch and remediation guide — diagnosis and fix on SLES 12

🟠 High  ⏱ 15–60 min
Last verified: 25 May 2026
Affected versions: SLES 12
📖 ~4 min read
Source: SUSE advisory SUSE-SU-2024:0800-1 (see also SUSE bugzilla)
Related CVEs: CVE-2023-45289, CVE-2023-45290, CVE-2024-24783, CVE-2024-24784, CVE-2024-24785, CVE-2024-24791, CVE-2024-24789, CVE-2024-24790, +2 more
Upstream summary: When following an HTTP redirect to a domain which is not a subdomain […]

SLES 16 — cron — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on SLES 16

🟠 High  ⏱ 15–60 min
Last verified: 25 May 2026
Affected versions: SLES 16
📖 ~4 min read
Source: SUSE advisory SUSE-SA:2006:027 (see also SUSE bugzilla)
Related CVEs: CVE-2006-2607, CVE-2010-0424, CVE-2019-9704, CVE-2019-9705
Upstream summary: do_command.c in Vixie cron (vixie-cron) 4.1 does not check the return code of a setuid call, which might allow […]

SLES 15 — xrdp — multiple vulnerabilities (18 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

🟠 High  ⏱ 15–60 min
Last verified: 25 May 2026
Affected versions: SLES 15
📖 ~4 min read
Source: SUSE advisory SUSE-SU-2026:0404-1 (see also SUSE bugzilla)
Related CVEs: CVE-2025-68670, CVE-2024-39917, CVE-2022-23477, CVE-2020-4044, CVE-2023-42822, CVE-2023-40184, CVE-2022-23478, CVE-2022-23468, +10 more
Upstream summary: xrdp is an open source RDP server. xrdp before v0.10.5 contains an unauthenticated […]

SLES 12 — python-Werkzeug — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on SLES 12

🟠 High  ⏱ 15–60 min
Last verified: 25 May 2026
Affected versions: SLES 12
📖 ~4 min read
Source: SUSE advisory SUSE-SU-2024:1572-1 (see also SUSE bugzilla)
Related CVEs: CVE-2024-34069, CVE-2023-25577, CVE-2019-14806
Upstream summary: Werkzeug is a comprehensive WSGI web application library. The debugger in affected versions of Werkzeug can allow an attacker to […]

SLES 16 — bcel — vulnerability — patch and remediation guide — diagnosis and fix on SLES 16

🟠 High  ⏱ 15–60 min
Last verified: 25 May 2026
Affected versions: SLES 16
📖 ~4 min read
Source: SUSE advisory SUSE-SU-2022:4306-1 (see also SUSE bugzilla)
Related CVEs: CVE-2022-42920
Upstream summary: Apache Commons BCEL has a number of APIs that would normally only allow changing specific class characteristics. However, due to an out-of-bounds […]

SLES 15 — python3-aiohttp — multiple vulnerabilities (14 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

🟠 High  ⏱ 15–60 min
Last verified: 25 May 2026
Affected versions: SLES 15
📖 ~4 min read
Source: SUSE advisory SUSE-SU-2026:0858-1 (see also SUSE bugzilla)
Related CVEs: CVE-2025-69227, CVE-2025-69228, CVE-2025-69229, CVE-2025-69223, CVE-2024-30251, CVE-2021-21330, CVE-2025-69225, CVE-2025-69224, +6 more
Upstream summary: AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 […]

SLES 12 — slurm — multiple vulnerabilities (6 CVEs) — patch and remediation guide — diagnosis and fix on SLES 12

🟠 High  ⏱ 15–60 min
Last verified: 25 May 2026
Affected versions: SLES 12
📖 ~4 min read
Source: SUSE advisory SUSE-SU-2021:1787-1 (see also SUSE bugzilla)
Related CVEs: CVE-2021-31215, CVE-2023-41914, CVE-2023-49936, CVE-2023-49937, CVE-2023-49933, CVE-2023-49938
Upstream summary: SchedMD Slurm before 20.02.7 and 20.03.x through 20.11.x before 20.11.7 allows remote code execution as SlurmUser because […]

SLES 15 — libpng16 — multiple vulnerabilities (19 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

🟠 High  ⏱ 15–60 min
Last verified: 25 May 2026
Affected versions: SLES 15
📖 ~4 min read
Source: SUSE advisory RHSA-2026:14790 (see also SUSE bugzilla)
Related CVEs: CVE-2026-33636, CVE-2025-66293, CVE-2011-2690, CVE-2011-2692, CVE-2026-22695, CVE-2026-22801, CVE-2025-64506, CVE-2025-64720, +11 more
Upstream summary: LIBPNG is a reference library for use in applications that read, create, and […]

SLES 12 — orc — vulnerability — patch and remediation guide — diagnosis and fix on SLES 12

🟠 High  ⏱ 15–60 min
Last verified: 25 May 2026
Affected versions: SLES 12
📖 ~4 min read
Source: SUSE advisory RHSA-2024:6184 (see also SUSE bugzilla)
Related CVEs: CVE-2024-40897
Upstream summary: Stack-based buffer overflow vulnerability exists in orcparse.c of ORC versions prior to 0.4.39. If a developer is tricked to process a specially […]

SLES 16 — apache-commons-httpclient — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on SLES 16

🟠 High  ⏱ 15–60 min
Last verified: 25 May 2026
Affected versions: SLES 16
📖 ~4 min read
Source: SUSE advisory SUSE-SU-2020:3149-1 (see also SUSE bugzilla)
Related CVEs: CVE-2015-5262, CVE-2012-5783, CVE-2014-3577
Upstream summary: http/conn/ssl/SSLConnectionSocketFactory.java in Apache HttpComponents HttpClient before 4.3.6 ignores the http.socket.timeout configuration setting during an SSL handshake, which allows remote attackers […]
