SLES

SLES 15 — libyaml — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — libyaml — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2014:0403-1 (see also SUSE bugzilla) Related CVEs: CVE-2013-6393 CVE-2014-2525 CVE-2014-9130 Upstream summary: The yaml_parser_scan_tag_uri function in scanner.c in LibYAML before 0.1.5 performs an incorrect cast, which allows remote attackers to cause a […]

Read more
SLES 15 — libcapnp — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — libcapnp — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2022:4478-1 (see also SUSE bugzilla) Related CVEs: CVE-2022-46149 Upstream summary: Cap'n Proto is a data interchange format and remote procedure call (RPC) system. Cap'n Proro prior to versions 0.7.1, 0.8.1, 0.9.2, and […]

Read more
SLES 15 — subversion — multiple vulnerabilities (20 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — subversion — multiple vulnerabilities (20 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2022:1161-1 (see also SUSE bugzilla) Related CVEs: CVE-2022-24070 CVE-2017-9800 CVE-2019-0203 CVE-2020-17525 CVE-2024-46901 CVE-2021-28544 CVE-2009-2411 CVE-2010-3315  +12 more Upstream summary: Subversion's mod_dav_svn is vulnerable to memory corruption. While looking up path-based authorization rules, […]

Read more
SLES 15 — minicom — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — minicom — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2017:1092-1 (see also SUSE bugzilla) Related CVEs: CVE-2017-7467 Upstream summary: A buffer overflow flaw was found in the way minicom before version 2.7.1 handled VT100 escape sequences. A malicious terminal device could […]

Read more
SLES 15 — clone-master-clean-up — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — clone-master-clean-up — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2022:3667-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-32000 Upstream summary: A UNIX Symbolic Link (Symlink) Following vulnerability in the clone-master-clean-up.sh script of clone-master-clean-up in SUSE Linux Enterprise Server 12 SP3, SUSE Linux […]

Read more
SLES 15 — aide — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — aide — vulnerability — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2022:0145-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-45417 Upstream summary: AIDE before 0.17.4 allows local users to obtain root privileges via crafted file metadata (such as XFS extended attributes or tmpfs ACLs), […]

Read more
SLES 15 — python311-marshmallow — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — python311-marshmallow — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2026:0226-1 (see also SUSE bugzilla) Related CVEs: CVE-2025-68480 Upstream summary: Marshmallow is a lightweight library for converting complex objects to and from simple Python datatypes. In versions from 3.0.0rc1 to before 3.26.2 […]

Read more
SLES 15 — aspell — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — aspell — vulnerability — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2021:14783-1 (see also SUSE bugzilla) Related CVEs: CVE-2019-25051 Upstream summary: objstack in GNU Aspell 0.60.8 has a heap-based buffer overflow in acommon::ObjStack::dup_top (called from acommon::StringMap::add and acommon::Config::lookup_list). Table of contents Symptom & […]

Read more
SLES 15 — libtinyxml0 — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — libtinyxml0 — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2021:1474-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-42260 CVE-2023-34194 Upstream summary: TinyXML through 2.6.2 has an infinite loop in TiXmlParsingData::Stamp in tinyxmlparser.cpp via the TIXML_UTF_LEAD_0 case. It can be triggered by a […]

Read more
SLES 12 — perl-LWP-Protocol-https — vulnerability — patch and remediation guide — diagnosis and fix on SLES 12

SLES 12 — perl-LWP-Protocol-https — vulnerability — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2014-3230 Upstream summary: The libwww-perl LWP::Protocol::https module 6.04 through 6.06 for Perl, when using IO::Socket::SSL as the SSL socket class, allows attackers to disable server […]

Read more
CHAT