SLES

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2011-0523 CVE-2011-0524 Upstream summary: gypsy 0.8 does not properly restrict the files that can be read while running with root privileges, which allows local users […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2020:10-1 (see also SUSE bugzilla) Related CVEs: CVE-2019-12290 CVE-2019-18224 CVE-2015-2059 CVE-2015-8948 CVE-2016-6262 Upstream summary: GNU libidn2 before 2.2.0 fails to perform the roundtrip checks specified in RFC3490 Section 4.2 when converting A-labels […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2019:2439-1 (see also SUSE bugzilla) Related CVEs: CVE-2019-12083 CVE-2020-1967 CVE-2022-21658 CVE-2018-1000622 Upstream summary: The Rust Programming Language Standard Library 1.34.x before 1.34.2 contains a stabilized method which, if overridden, can violate Rust's […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2019:0019-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-11468 CVE-2018-12495 Upstream summary: The __mkd_trim_line function in mkdio.c in libmarkdown.a in DISCOUNT 2.2.3a allows remote attackers to cause a denial of service (heap-based buffer […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2022:2583-1 (see also SUSE bugzilla) Related CVEs: CVE-2022-2385 Upstream summary: A security issue was discovered in aws-iam-authenticator where an allow-listed IAM identity may be able to modify their username and escalate privileges. […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2017:1821-1 (see also SUSE bugzilla) Related CVEs: CVE-2017-9433 Upstream summary: Document Liberation Project libmwaw before 2017-04-08 has an out-of-bounds write caused by a heap-based buffer overflow related to the MsWrd1Parser::readFootnoteCorrespondance function in […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2021:3125-1 (see also SUSE bugzilla) Related CVEs: CVE-2017-5884 CVE-2017-5885 Upstream summary: gtk-vnc before 0.7.0 does not properly check boundaries of subrectangle-containing tiles, which allows remote servers to execute arbitrary code via the […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2020:0026-1 (see also SUSE bugzilla) Related CVEs: CVE-2019-19725 CVE-2023-33204 CVE-2022-39377 CVE-2019-16167 CVE-2018-19416 CVE-2018-19517 Upstream summary: sysstat through 12.2.0 has a double free in check_file_actlst in sa_common.c. Table of contents Symptom & Impact […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2014:1212-1 (see also SUSE bugzilla) Related CVEs: CVE-2014-6271 CVE-2014-6277 CVE-2014-6278 CVE-2014-7169 CVE-2016-9401 CVE-2012-6711 CVE-2014-7186 CVE-2014-7187  +4 more Upstream summary: GNU Bash through 4.3 processes trailing strings after function definitions in the values […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2022:2025-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-46828 Upstream summary: In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are […]