SLES

SLES 15 — hwloc-data — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE security advisory Related CVEs: CVE-2022-47022 Upstream summary: An issue was discovered in open-mpi hwloc 2.1.0 allows attackers to cause a denial of service or other unspecified impacts via glibc-cpuset in topology-linux.c. Table of […]

SLES 15 — php8-pear — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2022:3198-1 Related CVEs: CVE-2021-32610 Upstream summary: In Archive_Tar before 1.4.14, symlinks can refer to targets outside of the extracted archive, a different vulnerability than CVE-2020-36193. Table of contents Symptom & Impact Environment […]

SLES 15 — keepalived — multiple vulnerabilities (5 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2022:2086-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-44225 CVE-2018-19044 CVE-2018-19045 CVE-2018-19046 CVE-2024-41184 Upstream summary: In Keepalived through 2.2.4, the D-Bus policy does not sufficiently restrict the message destination, allowing any user to […]

SLES 15 — re2c — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2023:3353-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-21232 Upstream summary: re2c before 2.0 has uncontrolled recursion that causes stack consumption in find_fixed_tags. Table of contents Symptom & Impact Environment & Reproduction Root […]

SLES 15 — liboath0 — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE security advisory Related CVEs: CVE-2013-7322 Upstream summary: usersfile.c in liboath in OATH Toolkit before 2.4.1 does not properly handle lines containing an invalid one-time-password (OTP) type and a user name in /etc/users.oath, which […]

SLES 15 — libopus0 — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2017:0436-1 (see also SUSE bugzilla) Related CVEs: CVE-2017-0381 Upstream summary: An information disclosure vulnerability in silk/NLSF_stabilize.c in libopus in Mediaserver could enable a local malicious application to access data outside of its […]

SLES 15 — tcpdump — multiple vulnerabilities (20 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2022:1765-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-16301 CVE-2015-0261 CVE-2015-2153 CVE-2015-2154 CVE-2015-2155 CVE-2016-7922 CVE-2016-7923 CVE-2016-7924  +12 more Upstream summary: The command-line argument parser in tcpdump before 4.99.0 has a buffer overflow in […]

SLES 15 — libqb0 — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2019:1791-1 (see also SUSE bugzilla) Related CVEs: CVE-2019-12779 Upstream summary: libqb before 1.0.5 allows local users to overwrite arbitrary files via a symlink attack, because it uses predictable filenames (under /dev/shm and […]

SLES 16 — suse-module-tools — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on SLES 16

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2023:2960-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-1829 CVE-2023-23559 Upstream summary: A use-after-free vulnerability in the Linux Kernel traffic control index filter (tcindex) can be exploited to achieve local privilege escalation. The […]

SLES 15 — libtspi1 — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2022:2798-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-24330 CVE-2020-24331 CVE-2020-24332 CVE-2019-18898 Upstream summary: An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges instead of […]
