SLES

SLES 12 — wget — multiple vulnerabilities (13 CVEs) — patch and remediation guide — diagnosis and fix on SLES 12

SLES 12 — wget — multiple vulnerabilities (13 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2017:2871-1 (see also SUSE bugzilla) Related CVEs: CVE-2017-13089 CVE-2017-13090 CVE-2019-5953 CVE-2024-10524 CVE-2021-31879 CVE-2024-38428 CVE-2010-2252 CVE-2014-4877  +5 more Upstream summary: The http.c:skip_short_body() function is called in some circumstances, such as when processing redirects. […]

Read more
SLES 15 — python3-eventlet — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — python3-eventlet — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2025:03051-1 (see also SUSE bugzilla) Related CVEs: CVE-2025-58068 Upstream summary: Eventlet is a concurrent networking library for Python. Prior to version 0.40.3, the Eventlet WSGI parser is vulnerable to HTTP Request Smuggling […]

Read more
SLES 16 — xmvn — vulnerability — patch and remediation guide — diagnosis and fix on SLES 16

SLES 16 — xmvn — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2025:21016-1 (see also SUSE bugzilla) Related CVEs: CVE-2025-59432 Upstream summary: SCRAM (Salted Challenge Response Authentication Mechanism) is part of the family of Simple Authentication and Security Layer (SASL, RFC 4422) authentication mechanisms. […]

Read more
SLES 15 — shim — multiple vulnerabilities (12 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — shim — multiple vulnerabilities (12 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory ESSA-2025:0001 (see also SUSE bugzilla) Related CVEs: CVE-2023-40547 CVE-2022-28737 CVE-2020-10713 CVE-2023-40546 CVE-2023-40548 CVE-2023-40549 CVE-2023-40550 CVE-2023-40551  +4 more Upstream summary: A remote code execution vulnerability was found in Shim. The Shim boot support […]

Read more
SLES 12 — libssh-devel-doc — vulnerability — patch and remediation guide — diagnosis and fix on SLES 12

SLES 12 — libssh-devel-doc — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2026:0936-1 (see also SUSE bugzilla) Related CVEs: CVE-2026-3731 Upstream summary: A weakness has been identified in libssh up to 0.11.3. The impacted element is the function sftp_extensions_get_name/sftp_extensions_get_data of the file src/sftp.c of […]

Read more
SLES 16 — permctl — multiple vulnerabilities (5 CVEs) — patch and remediation guide — diagnosis and fix on SLES 16

SLES 16 — permctl — multiple vulnerabilities (5 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2020:110-1 (see also SUSE bugzilla) Related CVEs: CVE-2019-3687 CVE-2019-3690 CVE-2020-8013 CVE-2022-31252 CVE-2019-3688 Upstream summary: The permission package in SUSE Linux Enterprise Server allowed all local users to run dumpcap in the "easy" […]

Read more
SLES 15 — javamail — vulnerability — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — javamail — vulnerability — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2025:03025-1 (see also SUSE bugzilla) Related CVEs: CVE-2025-7962 Upstream summary: In Jakarta Mail 2.0.2 it is possible to preform a SMTP Injection by utilizing the \r and \n UTF-8 characters to separate […]

Read more
SLES 15 — go1.21 — multiple vulnerabilities (12 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — go1.21 — multiple vulnerabilities (12 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:0800-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-45289 CVE-2023-45290 CVE-2024-24783 CVE-2024-24784 CVE-2024-24785 CVE-2023-39320 CVE-2023-39321 CVE-2023-39322  +4 more Upstream summary: When following an HTTP redirect to a domain which is not a subdomain […]

Read more
SLES 12 — vsftpd — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on SLES 12

SLES 12 — vsftpd — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2022:3320-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-3618 CVE-2015-1419 Upstream summary: ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as […]

Read more
SLES 15 — tidy — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on SLES 15

SLES 15 — tidy — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2015:1513-1 (see also SUSE bugzilla) Related CVEs: CVE-2015-5522 CVE-2015-5523 CVE-2016-6583 Upstream summary: Heap-based buffer overflow in the ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial […]

Read more
CHAT