SLES

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2012:0311-1 (see also SUSE bugzilla) Related CVEs: CVE-2012-0804 CVE-2017-12836 Upstream summary: Heap-based buffer overflow in the proxy_connect function in src/client.c in CVS 1.11 and 1.12 allows remote HTTP proxy servers to cause […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2026:1861-1 (see also SUSE bugzilla) Related CVEs: CVE-2026-33811 CVE-2026-33814 CVE-2026-39820 CVE-2026-39836 CVE-2026-42499 CVE-2026-42501 CVE-2026-27140 CVE-2026-27143  +12 more Upstream summary: When using LookupCNAME with the cgo DNS resolver, a very long CNAME response […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory RHSA-2026:12176 (see also SUSE bugzilla) Related CVEs: CVE-2026-32597 Upstream summary: PyJWT is a JSON Web Token implementation in Python. Prior to 2.12.0, PyJWT does not validate the crit (Critical) Header Parameter defined […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2026:1124-1 (see also SUSE bugzilla) Related CVEs: CVE-2026-32853 CVE-2026-32854 CVE-2020-14403 CVE-2020-14404 Upstream summary: LibVNCServer versions 0.9.15 and prior (fixed in commit 009008e) contain a heap out-of-bounds read vulnerability in the UltraZip encoding […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2025:02339-1 (see also SUSE bugzilla) Related CVEs: CVE-2025-6427 CVE-2025-6428 CVE-2025-6431 CVE-2025-6432 CVE-2025-6433 CVE-2025-6434 CVE-2025-6435 CVE-2025-6436  +12 more Upstream summary: An attacker was able to bypass the `connect-src` directive of a Content Security […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2025:01816-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-28285 CVE-2016-9939 CVE-2015-2141 Upstream summary: A Fault Injection vulnerability in the SymmetricDecrypt function in cryptopp/elgamal.h of Cryptopp Crypto++ 8.9, allows an attacker to co-reside in […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory RHSA-2025:1915 (see also SUSE bugzilla) Related CVEs: CVE-2025-1244 CVE-2024-53920 CVE-2024-39331 CVE-2022-48337 CVE-2022-48339 CVE-2022-48338 CVE-2022-45939 CVE-2024-30203  +9 more Upstream summary: A command injection flaw was found in the text editor Emacs. It could […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2022:2738-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-46848 CVE-2024-12133 CVE-2018-6003 CVE-2025-13151 CVE-2014-3467 CVE-2014-3468 CVE-2014-3469 CVE-2015-2806  +3 more Upstream summary: GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2020:2880-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-26117 CVE-2014-0011 CVE-2026-34352 CVE-2016-10207 CVE-2019-15691 CVE-2019-15692 CVE-2019-15693 CVE-2019-15694  +10 more Upstream summary: In rfb/CSecurityTLS.cxx and rfb/CSecurityTLS.java in TigerVNC before 1.11.0, viewers mishandle TLS certificate exceptions. […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2017:2300-1 (see also SUSE bugzilla) Related CVEs: CVE-2015-8367 CVE-2020-22628 CVE-2023-1729 CVE-2021-32142 CVE-2017-6889 CVE-2020-15503 CVE-2013-2126 CVE-2013-2127  +12 more Upstream summary: The phase_one_correct function in Libraw before 0.17.1 allows attackers to cause memory errors […]