SLES

SLES 12 — libesmtp — vulnerability — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-IU-2021:658-1 (see also SUSE bugzilla) Related CVEs: CVE-2019-19977 Upstream summary: libESMTP through 1.0.6 mishandles domain copying into a fixed-size buffer in ntlm_build_type_2 in ntlm/ntlmstruct.c, as demonstrated by a stack-based buffer over-read. Table […]

SLES 15 — dom4j — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2020:1382-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-10683 CVE-2018-1000632 Upstream summary: dom4j before 2.0.3 and 2.1.x before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, […]

SLES 15 — ruby2.5-rubygem-actionview — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2023:3813-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-23913 CVE-2022-27777 Upstream summary: There is a potential DOM based cross-site scripting issue in rails-ujs which leverages the Clipboard API to target HTML elements that […]

SLES 15 — libzzip — multiple vulnerabilities (19 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:2925-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-39134 CVE-2024-39133 CVE-2020-18442 CVE-2017-5974 CVE-2017-5975 CVE-2017-5976 CVE-2017-5977 CVE-2017-5978  +11 more Upstream summary: A Stack Buffer Overflow vulnerability in zziplibv 0.13.77 allows attackers to cause a […]

SLES 15 — libssh2 — multiple vulnerabilities (13 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2023:3555-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-22218 CVE-2015-1782 CVE-2016-0787 CVE-2019-17498 CVE-2019-3855 CVE-2019-3856 CVE-2019-3857 CVE-2019-3858  +5 more Upstream summary: An issue was discovered in function _libssh2_packet_add in libssh2 1.10.0 allows attackers to […]

SLES 15 — ipsec-tools — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2018:0423-1 (see also SUSE bugzilla) Related CVEs: CVE-2016-10396 Upstream summary: The racoon daemon in IPsec-Tools 0.8.2 contains a remotely exploitable computational-complexity attack when parsing and storing ISAKMP fragments. The implementation permits a […]

SLES 15 — libxkbcommon0 — multiple vulnerabilities (7 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2021:232-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-15854 CVE-2018-15855 CVE-2018-15856 CVE-2018-15857 CVE-2018-15858 CVE-2018-15862 CVE-2018-15864 Upstream summary: Unchecked NULL pointer usage in xkbcommon before 0.8.1 could be used by local attackers to crash […]

SLES 12 — openexr — multiple vulnerabilities (20 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2021:14846-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-20298 CVE-2021-3479 CVE-2021-3605 CVE-2020-15304 CVE-2020-15305 CVE-2020-15306 CVE-2020-16587 CVE-2020-16588  +12 more Upstream summary: A flaw was found in OpenEXR's B44Compressor. This flaw allows an attacker who […]

SLES 16 — tpm2 — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2020-24455 CVE-2023-22745 CVE-2024-29040 Upstream summary: Missing initialization of a variable in the TPM2 source may allow a privileged user to potentially enable an escalation of […]

SLES 15 — perl-XML-LibXML — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2015:1439-1 (see also SUSE bugzilla) Related CVEs: CVE-2015-3451 Upstream summary: The _clone function in XML::LibXML before 2.0119 does not properly set the expand_entities option, which allows remote attackers to conduct XML external […]
