SLES

SLES 12 — wavpack — multiple vulnerabilities (7 CVEs) — patch and remediation guide — diagnosis and fix on SLES 12

SLES 12 — wavpack — multiple vulnerabilities (7 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2021:0186-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-35738 CVE-2022-2476 CVE-2018-19840 CVE-2016-10169 CVE-2016-10170 CVE-2016-10171 CVE-2016-10172 Upstream summary: WavPack 5.3.0 has an out-of-bounds write in WavpackPackSamples in pack_utils.c because of an integer overflow in […]

Read more
SLES 15 — mgetty — multiple vulnerabilities (6 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — mgetty — multiple vulnerabilities (6 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2018:2850-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-16741 CVE-2018-16742 CVE-2018-16743 CVE-2018-16744 CVE-2018-16745 CVE-2019-1010190 Upstream summary: An issue was discovered in mgetty before 1.2.1. In fax/faxq-helper.c, the function do_activate() does not properly sanitize […]

Read more
SLES 15 — python3-idna — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — python3-idna — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory RHSA-2024:8365 (see also SUSE bugzilla) Related CVEs: CVE-2024-3651 Upstream summary: A vulnerability was identified in the kjd/idna library, specifically within the `idna.encode()` function, affecting version 3.6. The issue arises from the function's […]

Read more
SLES 12 — dmidecode — vulnerability — patch and remediation guide — diagnosis and fix on SLES 12

SLES 12 — dmidecode — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2023:1494-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-30630 Upstream summary: Dmidecode before 3.5 allows -dump-bin to overwrite a local file. This has security relevance because, for example, execution of Dmidecode via Sudo […]

Read more
SLES 12 — apache2-mod_jk — multiple vulnerabilities (5 CVEs) — patch and remediation guide — diagnosis and fix on SLES 12

SLES 12 — apache2-mod_jk — multiple vulnerabilities (5 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2018:3963-1 (see also SUSE bugzilla) Related CVEs: CVE-2018-11759 CVE-2024-46544 CVE-2023-41081 CVE-2007-0774 CVE-2008-5519 Upstream summary: The Apache Web Server (httpd) specific code that normalised the requested path before matching it to the URI-worker […]

Read more
SLES 15 — perl-DBI — multiple vulnerabilities (5 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — perl-DBI — multiple vulnerabilities (5 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2020:14510-1 (see also SUSE bugzilla) Related CVEs: CVE-2019-20919 CVE-2020-14392 CVE-2020-14393 CVE-2014-10401 CVE-2014-10402 Upstream summary: An issue was discovered in the DBI module before 1.643 for Perl. The hv_fetch() documentation requires checking for […]

Read more
SLES 15 — perl-XML-Twig — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — perl-XML-Twig — vulnerability — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2020:2172-1 (see also SUSE bugzilla) Related CVEs: CVE-2016-9180 Upstream summary: perl-XML-Twig: The option to `expand_external_ents`, documented as controlling external entity expansion in XML::Twig does not work. External entities are always expanded, regardless […]

Read more
SLES 12 — python-rsa — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on SLES 12

SLES 12 — python-rsa — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2023:496-1 (see also SUSE bugzilla) Related CVEs: CVE-2020-25658 CVE-2016-1494 Upstream summary: It was found that python-rsa is vulnerable to Bleichenbacher timing attacks. An attacker can use this flaw via the RSA decryption […]

Read more
SLES 16 — perl-XML-LibXML — vulnerability — patch and remediation guide — diagnosis and fix on SLES 16

SLES 16 — perl-XML-LibXML — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2015:1439-1 (see also SUSE bugzilla) Related CVEs: CVE-2015-3451 Upstream summary: The _clone function in XML::LibXML before 2.0119 does not properly set the expand_entities option, which allows remote attackers to conduct XML external […]

Read more
SLES 15 — libid3tag0 — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — libid3tag0 — multiple vulnerabilities (4 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2018:0715-1 (see also SUSE bugzilla) Related CVEs: CVE-2004-2779 CVE-2008-2109 CVE-2017-11550 CVE-2017-11551 Upstream summary: id3_utf16_deserialize() in utf16.c in libid3tag through 0.15.1b misparses ID3v2 tags encoded in UTF-16 with an odd number of bytes, […]

Read more
CHAT