SLES

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2026:1218-1 (see also SUSE bugzilla) Related CVEs: CVE-2026-25645 CVE-2024-47081 CVE-2024-35195 CVE-2023-32681 CVE-2018-18074 Upstream summary: Requests is a HTTP library. Prior to version 2.33.0, the `requests.utils.extract_zipped_paths()` utility function uses a predictable filename when […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2013-4326 Upstream summary: RealtimeKit (aka rtkit) 0.5 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2021:599-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-29361 CVE-2020-29363 CVE-2020-29362 Upstream summary: An issue was discovered in p11-kit 0.21.1 through 0.23.21. Multiple integer overflows have been discovered in the array allocations in […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2025:02785-1 (see also SUSE bugzilla) Related CVEs: CVE-2025-48924 Upstream summary: Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apache Commons Lang: Starting with commons-lang:commons-lang 2.0 to 2.6, and, from org.apache.commons:commons-lang3 […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2022:3135-1 (see also SUSE bugzilla) Related CVEs: CVE-2019-2708 Upstream summary: Vulnerability in the Data Store component of Oracle Berkeley DB. Supported versions that are affected are Prior to 6.138, prior to 6.2.38 […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2014:1017-1 (see also SUSE bugzilla) Related CVEs: CVE-2012-0786 CVE-2014-8119 CVE-2017-7555 CVE-2025-2588 Upstream summary: The transform_save function in transform.c in Augeas before 1.0.0 allows local users to overwrite arbitrary files and obtain sensitive […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2020:3149-1 (see also SUSE bugzilla) Related CVEs: CVE-2015-5262 CVE-2014-3577 CVE-2012-5783 Upstream summary: http/conn/ssl/SSLConnectionSocketFactory.java in Apache HttpComponents HttpClient before 4.3.6 ignores the http.socket.timeout configuration setting during an SSL handshake, which allows remote attackers […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2019:0919-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-10689 Upstream summary: blktrace (aka Block IO Tracing) 1.2.0, as used with the Linux kernel and Android, has a buffer overflow in the dev_map_read function […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2025:01571-1 (see also SUSE bugzilla) Related CVEs: CVE-2025-2761 Upstream summary: GIMP FLI File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2022:2895-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-25713 CVE-2017-18926 CVE-2024-57822 CVE-2024-57823 CVE-2012-0037 Upstream summary: A malformed input file can lead to a segfault due to an out of bounds array access in […]