SLES

SLES 12 — rpm — multiple vulnerabilities (7 CVEs) — patch and remediation guide — diagnosis and fix on SLES 12

SLES 12 — rpm — multiple vulnerabilities (7 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2019:695-1 (see also SUSE bugzilla) Related CVEs: CVE-2014-8118 CVE-2017-7500 CVE-2017-7501 CVE-2021-3421 CVE-2013-6435 CVE-2021-20266 CVE-2021-20271 Upstream summary: Integer overflow in RPM 4.12 and earlier allows remote attackers to execute arbitrary code via a […]

Read more
SLES 15 — qatlib — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — qatlib — multiple vulnerabilities (4 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2025:3942-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-28885 CVE-2024-31074 CVE-2024-33617 CVE-2023-22313 Upstream summary: Observable discrepancy in some Intel(R) QAT Engine for OpenSSL software before version v1.6.1 may allow information disclosure via network […]

Read more
SLES 15 — python2-lxml — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — python2-lxml — multiple vulnerabilities (4 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2022:491-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-19787 CVE-2020-27783 CVE-2021-28957 CVE-2021-43818 Upstream summary: An issue was discovered in lxml before 4.2.5. lxml/html/clean.py in the lxml.html.clean module does not remove javascript: URLs that […]

Read more
SLES 15 — gd — multiple vulnerabilities (20 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — gd — multiple vulnerabilities (20 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2021:3214-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-40812 CVE-2016-10166 CVE-2016-10168 CVE-2016-5116 CVE-2016-5766 CVE-2016-6128 CVE-2016-6132 CVE-2016-6207  +12 more Upstream summary: The GD Graphics Library (aka LibGD) through 2.3.2 has an out-of-bounds read because […]

Read more
SLES 15 — net-tools — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — net-tools — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2025:02974-1 (see also SUSE bugzilla) Related CVEs: CVE-2025-46836 Upstream summary: net-tools is a collection of programs that form the base set of the NET-3 networking distribution for the Linux operating system. Inn […]

Read more
SLES 16 — python313-marshmallow — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on SLES 16

SLES 16 — python313-marshmallow — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2026:0226-1 (see also SUSE bugzilla) Related CVEs: CVE-2025-68480 CVE-2018-17175 Upstream summary: Marshmallow is a lightweight library for converting complex objects to and from simple Python datatypes. In versions from 3.0.0rc1 to before […]

Read more
SLES 15 — python2-pip — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — python2-pip — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-FU-2021:2130-1 (see also SUSE bugzilla) Related CVEs: CVE-2013-5123 CVE-2014-8991 CVE-2015-2296 Upstream summary: The mirroring support (-M, –use-mirrors) in Python Pip before 1.5 uses insecure DNS querying and authenticity checks which allows attackers […]

Read more
SLES 12 — xalan-j2 — vulnerability — patch and remediation guide — diagnosis and fix on SLES 12

SLES 12 — xalan-j2 — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2014:0870-1 (see also SUSE bugzilla) Related CVEs: CVE-2014-0107 Upstream summary: The TransformerFactory in Apache Xalan-Java before 2.7.2 does not properly restrict access to certain properties when FEATURE_SECURE_PROCESSING is enabled, which allows remote […]

Read more
SLES 15 — python2-pywbem — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — python2-pywbem — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2014:0580-1 (see also SUSE bugzilla) Related CVEs: CVE-2013-6418 Upstream summary: PyWBEM 0.7 and earlier uses a separate connection to validate X.509 certificates, which allows man-in-the-middle attackers to spoof a peer via an […]

Read more
SLES 12 — xlockmore — vulnerability — patch and remediation guide — diagnosis and fix on SLES 12

SLES 12 — xlockmore — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2013-4143 Upstream summary: The (1) checkPasswd and (2) checkGroupXlockPasswds functions in xlockmore before 5.43 do not properly handle when a NULL value is returned upon […]

Read more
CHAT