SLES

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2023:4439-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-38252 CVE-2023-38253 CVE-2022-38223 CVE-2010-2074 CVE-2012-4929 CVE-2016-9434 CVE-2016-9435 CVE-2016-9436  +12 more Upstream summary: An out-of-bounds read flaw was found in w3m, in the Strnew_size function in […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2013:0709-1 (see also SUSE bugzilla) Related CVEs: CVE-2013-1762 CVE-2011-2940 CVE-2014-0016 CVE-2015-3644 Upstream summary: stunnel 4.21 through 4.54, when CONNECT protocol negotiation and NTLM authentication are enabled, does not correctly perform integer conversion, […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2021:0800-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-13936 Upstream summary: An attacker that is able to modify Velocity templates may execute arbitrary Java code or run arbitrary system commands with the same […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2015:0921-1 (see also SUSE bugzilla) Related CVEs: CVE-2015-0797 CVE-2016-9447 CVE-2016-9808 CVE-2025-47806 CVE-2025-47807 CVE-2025-47808 CVE-2022-1920 CVE-2022-1921  +10 more Upstream summary: GStreamer before 1.4.5, as used in Mozilla Firefox before 38.0, Firefox ESR 31.x […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2018:1076-1 (see also SUSE bugzilla) Related CVEs: CVE-2017-9432 Upstream summary: Document Liberation Project libstaroffice before 2017-04-07 has an out-of-bounds write caused by a stack-based buffer overflow related to the DatabaseName::read function in […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2019:695-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-7685 CVE-2017-7436 CVE-2017-9269 CVE-2017-9271 CVE-2018-20532 CVE-2018-20533 CVE-2019-18900 CVE-2024-0217  +1 more Upstream summary: The decoupled download and installation steps in libzypp before 17.5.0 could lead to […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2008-5008 Upstream summary: Buffer overflow in src/src_sinc.c in Secret Rabbit Code (aka SRC or libsamplerate) before 0.1.4, when "extreme low conversion ratios" are used, allows […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2018:2385-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-10860 Upstream summary: perl-archive-zip is vulnerable to a directory traversal in Archive::Zip. It was found that the Archive::Zip module did not properly sanitize paths while […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2023:0492-1 (see also SUSE bugzilla) Related CVEs: CVE-2022-44566 CVE-2021-22880 Upstream summary: A denial of service vulnerability present in ActiveRecord's PostgreSQL adapter <7.0.4.1 and <6.1.7.1. When a value outside the range for a […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:3876-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-49769 CVE-2022-24761 CVE-2019-16785 CVE-2019-16786 CVE-2019-16789 CVE-2019-16792 Upstream summary: Waitress is a Web Server Gateway Interface server for Python 2 and 3. When a remote client […]