SLES

SLES 15 — opensc — multiple vulnerabilities (20 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — opensc — multiple vulnerabilities (20 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2023:4089-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-40660 CVE-2021-42781 CVE-2021-42782 CVE-2023-5992 CVE-2023-40661 CVE-2023-2977 CVE-2021-42779 CVE-2019-19481  +12 more Upstream summary: A flaw was found in OpenSC packages that allow a potential PIN bypass. […]

Read more
SLES 12 — yodl — vulnerability — patch and remediation guide — diagnosis and fix on SLES 12

SLES 12 — yodl — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2017:1504-1 (see also SUSE bugzilla) Related CVEs: CVE-2016-10375 Upstream summary: Yodl before 3.07.01 has a Buffer Over-read in the queue_push function in queue/queuepush.c. Table of contents Symptom & Impact Environment & Reproduction […]

Read more
SLES 15 — conky — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — conky — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE security advisory Related CVEs: CVE-2011-3616 Upstream summary: The getSkillname function in the eve module in Conky 1.8.1 and earlier allows local users to overwrite arbitrary files via a symlink attack on /tmp/.cesf. Table […]

Read more
SLES 16 — fuse2fs — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on SLES 16

SLES 16 — fuse2fs — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-SR:2007:025 (see also SUSE bugzilla) Related CVEs: CVE-2007-5497 CVE-2019-5094 Upstream summary: Multiple integer overflows in libext2fs in e2fsprogs before 1.40.3 allow user-assisted remote attackers to execute arbitrary code via a crafted filesystem […]

Read more
SLES 15 — flac — multiple vulnerabilities (5 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — flac — multiple vulnerabilities (5 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2020:3933-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-0487 CVE-2020-22219 CVE-2021-0561 CVE-2020-0499 CVE-2017-6888 Upstream summary: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none […]

Read more
SLES 12 — libhdf5-gnu-hpc — multiple vulnerabilities (20 CVEs) — patch and remediation guide — diagnosis and fix on SLES 12

SLES 12 — libhdf5-gnu-hpc — multiple vulnerabilities (20 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:0538-1 (see also SUSE bugzilla) Related CVEs: CVE-2016-4332 CVE-2018-13867 CVE-2018-17439 CVE-2021-37501 CVE-2021-45830 CVE-2021-45833 CVE-2021-46242 CVE-2024-29158  +12 more Upstream summary: The library's failure to check if certain message types support a particular flag, […]

Read more
SLES 15 — shadow — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — shadow — multiple vulnerabilities (4 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-RU-2026:1228-1 (see also SUSE bugzilla) Related CVEs: CVE-2013-4235 CVE-2023-29383 CVE-2018-7169 CVE-2023-4641 Upstream summary: shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees Table of contents Symptom & Impact Environment […]

Read more
SLES 12 — python-dnspython — vulnerability — patch and remediation guide — diagnosis and fix on SLES 12

SLES 12 — python-dnspython — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory RHSA-2024:9423 (see also SUSE bugzilla) Related CVEs: CVE-2023-29483 Upstream summary: eventlet before 0.35.2, as used in dnspython before 2.6.0, allows remote attackers to interfere with DNS name resolution by quickly sending an […]

Read more
SLES 16 — gpgme — vulnerability — patch and remediation guide — diagnosis and fix on SLES 16

SLES 16 — gpgme — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2014:1073-1 (see also SUSE bugzilla) Related CVEs: CVE-2014-3564 Upstream summary: Multiple heap-based buffer overflows in the status_handler function in (1) engine-gpgsm.c and (2) engine-uiserver.c in GPGME before 1.5.1 allow remote attackers to […]

Read more
SLES 15 — kdump — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — kdump — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2016:2553-1 (see also SUSE bugzilla) Related CVEs: CVE-2016-5759 Upstream summary: The mkdumprd script called "dracut" in the current working directory "." allows local users to trick the administrator into executing code as […]

Read more
CHAT