SLES

SLES 15 — javamail — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2025:03025-1 (see also SUSE bugzilla) Related CVEs: CVE-2025-7962 Upstream summary: In Jakarta Mail 2.0.2 it is possible to perform an SMTP Injection by utilizing the \r and \n UTF-8 characters to separate […]

SLES 15 — go1.21 — multiple vulnerabilities (12 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:0800-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-45289 CVE-2023-45290 CVE-2024-24783 CVE-2024-24784 CVE-2024-24785 CVE-2023-39320 CVE-2023-39321 CVE-2023-39322  +4 more Upstream summary: When following an HTTP redirect to a domain which is not a subdomain […]

SLES 12 — vsftpd — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on SLES 12

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2022:3320-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-3618 CVE-2015-1419 Upstream summary: ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as […]

SLES 15 — tidy — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2015:1513-1 (see also SUSE bugzilla) Related CVEs: CVE-2015-5522 CVE-2015-5523 CVE-2016-6583 Upstream summary: Heap-based buffer overflow in the ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial […]

SLES 16 — bison — vulnerability — patch and remediation guide — diagnosis and fix on SLES 16

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2020-24979 Upstream summary: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was […]

SLES 15 — wicked — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2020:800-1 (see also SUSE bugzilla) Related CVEs: CVE-2019-18902 CVE-2019-18903 CVE-2020-7216 CVE-2020-7217 Upstream summary: A Use After Free vulnerability in wicked of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15; openSUSE […]

SLES 12 — gnuplot — multiple vulnerabilities (9 CVEs) — patch and remediation guide — diagnosis and fix on SLES 12

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2025:01805-1 (see also SUSE bugzilla) Related CVEs: CVE-2025-31178 CVE-2025-31181 CVE-2025-3359 CVE-2025-31179 CVE-2020-25969 CVE-2017-9670 CVE-2018-19490 CVE-2018-19491  +1 more Upstream summary: A flaw was found in gnuplot. The GetAnnotateString() function may lead to a […]

SLES 15 — xom — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2023:712-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-33813 Upstream summary: An XXE issue in SAXBuilder in JDOM through 2.0.6 allows attackers to cause a denial of service via a crafted HTTP request. […]

SLES 16 — python313-pip — multiple vulnerabilities (6 CVEs) — patch and remediation guide — diagnosis and fix on SLES 16

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-FU-2021:2130-1 (see also SUSE bugzilla) Related CVEs: CVE-2013-5123 CVE-2014-8991 CVE-2015-2296 CVE-2019-20916 CVE-2023-5752 CVE-2026-1703 Upstream summary: The mirroring support (-M, --use-mirrors) in Python Pip before 1.5 uses insecure DNS querying and authenticity checks […]

SLES 12 — libraw-devel — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on SLES 12

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2025:01569-1 (see also SUSE bugzilla) Related CVEs: CVE-2025-43962 CVE-2025-43964 Upstream summary: In LibRaw before 0.21.4, phase_one_correct in decoders/load_mfbacks.cpp has out-of-bounds reads for tag 0x412 processing, related to large w0 or w1 values […]
