SLES

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2021:1029-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-12658 Upstream summary: gssproxy (aka gss-proxy) before 0.8.3 does not unlock cond_mutex before pthread exit in gp_worker_main() in gp_workers.c. NOTE: An upstream comment states "We […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-RU-2012:1673-1 (see also SUSE bugzilla) Related CVEs: CVE-2012-2669 CVE-2012-5532 Upstream summary: The main function in tools/hv/hv_kvp_daemon.c in hypervkvpd, as distributed in the Linux kernel before 3.4.5, does not validate the origin of […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:2168-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-38394 CVE-2014-7300 Upstream summary: Mismatches in interpreting USB authorization policy between GNOME Settings Daemon (GSD) through 46.0 and the Linux kernel's underlying device matching logic […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2014:0999-1 (see also SUSE bugzilla) Related CVEs: CVE-2014-3970 Upstream summary: The pa_rtp_recv function in modules/rtp/rtp.c in the module-rtp-recv module in PulseAudio 5.0 and earlier allows remote attackers to cause a denial of […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2019:0642-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-10916 Upstream summary: It has been discovered that lftp up to and including version 4.8.3 does not properly sanitize remote file names, leading to a […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2021:3582-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-42781 CVE-2021-42782 CVE-2023-5992 CVE-2023-40661 CVE-2023-2977 CVE-2019-15945 CVE-2019-15946 CVE-2019-19479  +12 more Upstream summary: Heap buffer overflow issues were found in Opensc before version 0.22.0 in pkcs15-oberthur.c […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SR:2010:019 (see also SUSE bugzilla) Related CVEs: CVE-2010-2947 Upstream summary: Heap-based buffer overflow in the HX_split function in string.c in libHX before 3.6 allows remote attackers to execute arbitrary code or cause […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory RHSA-2024:8365 (see also SUSE bugzilla) Related CVEs: CVE-2024-3651 Upstream summary: A vulnerability was identified in the kjd/idna library, specifically within the `idna.encode()` function, affecting version 3.6. The issue arises from the function's […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:0434-1 (see also SUSE bugzilla) Related CVEs: CVE-2017-5849 CVE-2017-2579 CVE-2017-2580 CVE-2018-8975 Upstream summary: tiffttopnm in netpbm 10.47.63 does not properly use the libtiff TIFFRGBAImageGet function, which allows remote attackers to cause a […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2017:1568-1 (see also SUSE bugzilla) Related CVEs: CVE-2015-0254 Upstream summary: Apache Standard Taglibs before 1.2.3 allows remote attackers to execute arbitrary code or conduct external XML entity (XXE) attacks via a crafted […]