SLES

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2022:2583-1 (see also SUSE bugzilla) Related CVEs: CVE-2022-2385 Upstream summary: A security issue was discovered in aws-iam-authenticator where an allow-listed IAM identity may be able to modify their username and escalate privileges. […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2017:1821-1 (see also SUSE bugzilla) Related CVEs: CVE-2017-9433 Upstream summary: Document Liberation Project libmwaw before 2017-04-08 has an out-of-bounds write caused by a heap-based buffer overflow related to the MsWrd1Parser::readFootnoteCorrespondance function in […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2021:3125-1 (see also SUSE bugzilla) Related CVEs: CVE-2017-5884 CVE-2017-5885 Upstream summary: gtk-vnc before 0.7.0 does not properly check boundaries of subrectangle-containing tiles, which allows remote servers to execute arbitrary code via the […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2020:0026-1 (see also SUSE bugzilla) Related CVEs: CVE-2019-19725 CVE-2023-33204 CVE-2022-39377 CVE-2019-16167 CVE-2018-19416 CVE-2018-19517 Upstream summary: sysstat through 12.2.0 has a double free in check_file_actlst in sa_common.c. Table of contents Symptom & Impact […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2014:0403-1 (see also SUSE bugzilla) Related CVEs: CVE-2013-6393 CVE-2014-2525 CVE-2014-9130 Upstream summary: The yaml_parser_scan_tag_uri function in scanner.c in LibYAML before 0.1.5 performs an incorrect cast, which allows remote attackers to cause a […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2020:3268-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-25653 CVE-2017-15108 CVE-2020-25650 CVE-2020-25651 CVE-2020-25652 Upstream summary: A race condition vulnerability was found in the way the spice-vdagentd daemon handled new client connections. This flaw […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2014:0886-1 (see also SUSE bugzilla) Related CVEs: CVE-2010-2800 CVE-2010-2801 CVE-2014-9556 Upstream summary: The MS-ZIP decompressor in cabextract before 1.3 allows remote attackers to cause a denial of service (infinite loop) via a […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2011-1145 Upstream summary: The SQLDriverConnect() function in unixODBC before 2.2.14p2 have a possible buffer overflow condition when specifying a large value for SAVEFILE parameter in […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SR:2009:017 (see also SUSE bugzilla) Related CVEs: CVE-2009-2905 Upstream summary: Heap-based buffer overflow in textbox.c in newt 0.51.5, 0.51.6, and 0.52.2 allows local users to cause a denial of service (application crash) […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SA:2011:016 (see also SUSE bugzilla) Related CVEs: CVE-2011-0465 Upstream summary: xrdb.c in xrdb before 1.0.9 in X.Org X11R7.6 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a […]