SLES

SLES 15 — cf-cli — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

🟡 Medium • ⏱ 10–30 min • 📖 ~4 min read
Last verified: 25 May 2026
Affected versions: SLES 15
Source: SUSE advisory SUSE-SU-2019:1220-1
Related CVEs: CVE-2019-3781
Upstream summary: Cloud Foundry CLI, versions prior to v6.43.0, improperly exposes passwords when verbose/trace/debugging is turned on. A local unauthenticated or remote authenticated malicious user with access to […]

SLES 15 — kubernetes-client — multiple vulnerabilities (9 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

🟡 Medium • ⏱ 10–30 min • 📖 ~4 min read
Last verified: 25 May 2026
Affected versions: SLES 15
Source: SUSE advisory SUSE-CU-2020:783-1 (see also SUSE bugzilla)
Related CVEs: CVE-2020-15106, CVE-2020-15112, CVE-2020-8557, CVE-2020-8565, CVE-2020-8566, CVE-2020-15184, CVE-2020-15185, CVE-2020-15186 +1 more
Upstream summary: In etcd before versions 3.3.23 and 3.4.10, a large slice causes panic in […]

SLES 15 — rabbitmq-server — multiple vulnerabilities (5 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

🟡 Medium • ⏱ 10–30 min • 📖 ~4 min read
Last verified: 25 May 2026
Affected versions: SLES 15
Source: SUSE advisory SUSE-SU-2025:03234-1 (see also SUSE bugzilla)
Related CVEs: CVE-2025-50200, CVE-2025-30219, CVE-2016-9877, CVE-2014-9494, CVE-2015-0862
Upstream summary: RabbitMQ is a messaging and streaming broker. In versions 3.13.7 and prior, RabbitMQ is logging authorization headers in […]

SLES 16 — python313-virtualenv — vulnerability — patch and remediation guide — diagnosis and fix on SLES 16

🟡 Medium • ⏱ 10–30 min • 📖 ~4 min read
Last verified: 25 May 2026
Affected versions: SLES 16
Source: SUSE advisory SUSE-SU-2026:0233-1 (see also SUSE bugzilla)
Related CVEs: CVE-2026-22702
Upstream summary: virtualenv is a tool for creating isolated virtual python environments. Prior to version 20.36.1, TOCTOU (Time-of-Check-Time-of-Use) vulnerabilities in virtualenv allow local attackers […]

SLES 16 — perl-DBD-mysql — multiple vulnerabilities (5 CVEs) — patch and remediation guide — diagnosis and fix on SLES 16

🟡 Medium • ⏱ 10–30 min • 📖 ~4 min read
Last verified: 25 May 2026
Affected versions: SLES 16
Source: SUSE advisory SUSE-SU-2017:0122-1 (see also SUSE bugzilla)
Related CVEs: CVE-2016-1246, CVE-2016-1251, CVE-2017-10788, CVE-2017-10789, CVE-2016-1249
Upstream summary: Buffer overflow in the DBD::mysql module before 4.037 for Perl allows context-dependent attackers to cause a denial of […]

SLES 12 — xdg-utils — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on SLES 12

🟡 Medium • ⏱ 10–30 min • 📖 ~4 min read
Last verified: 25 May 2026
Affected versions: SLES 12
Source: SUSE advisory SUSE-SU-2015:0271-1 (see also SUSE bugzilla)
Related CVEs: CVE-2014-9622, CVE-2017-18266
Upstream summary: Eval injection vulnerability in xdg-utils 1.1.0 RC1, when no supported desktop environment is identified, allows context-dependent attackers to execute arbitrary code […]

SLES 15 — python2-rtslib-fb — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

🟡 Medium • ⏱ 10–30 min • 📖 ~4 min read
Last verified: 25 May 2026
Affected versions: SLES 15
Source: SUSE advisory SUSE-SU-2020:2109-1 (see also SUSE bugzilla)
Related CVEs: CVE-2020-14019
Upstream summary: Open-iSCSI rtslib-fb through 2.1.72 has weak permissions for /etc/target/saveconfig.json because shutil.copyfile (instead of shutil.copy) is used, and thus permissions are not preserved. […]

SLES 12 — yast2-users — vulnerability — patch and remediation guide — diagnosis and fix on SLES 12

🟡 Medium • ⏱ 10–30 min • 📖 ~4 min read
Last verified: 25 May 2026
Affected versions: SLES 12
Source: SUSE advisory SUSE-SU-2016:1138-1 (see also SUSE bugzilla)
Related CVEs: CVE-2016-1601
Upstream summary: yast2-users before 3.1.47, as used in SUSE Linux Enterprise 12 SP1, does not properly set empty password fields in /etc/shadow during an […]

SLES 16 — ansible-core — multiple vulnerabilities (6 CVEs) — patch and remediation guide — diagnosis and fix on SLES 16

🟡 Medium • ⏱ 10–30 min • 📖 ~4 min read
Last verified: 25 May 2026
Affected versions: SLES 16
Source: SUSE advisory openSUSE-SU-2024:14537-1 (see also SUSE bugzilla)
Related CVEs: CVE-2023-5115, CVE-2023-5764, CVE-2024-0690, CVE-2024-11079, CVE-2024-8775, CVE-2024-9902
Upstream summary: An absolute path traversal attack exists in the Ansible automation platform. This flaw allows an attacker to […]

SLES 12 — file-roller — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on SLES 12

🟢 Low • ⏱ 5–15 min • 📖 ~4 min read
Last verified: 25 May 2026
Affected versions: SLES 12
Source: SUSE advisory SUSE-SU-2025:0032-1 (see also SUSE bugzilla)
Related CVEs: CVE-2020-36314, CVE-2019-16680, CVE-2020-11736
Upstream summary: fr-archive-libarchive.c in GNOME file-roller through 3.38.0, as used by GNOME Shell and other software, allows Directory Traversal during extraction because […]
