Troubleshooting

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2023:2766-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-36661 Upstream summary: Shibboleth XMLTooling before 3.2.4, as used in OpenSAML and Shibboleth Service Provider, allows SSRF via a crafted KeyInfo element. (This is fixed […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SR:2011:001 (see also SUSE bugzilla) Related CVEs: CVE-2010-2891 Upstream summary: Buffer overflow in the smiGetNode function in lib/smi.c in libsmi 0.4.8 allows context-dependent attackers to execute arbitrary code via an Object Identifier […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SA:2010:008 (see also SUSE bugzilla) Related CVEs: CVE-2010-0001 CVE-2009-2624 Upstream summary: Integer underflow in the unlzw function in unlzw.c in gzip before 1.4 on 64-bit platforms, as used in ncompress and probably […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2019:2387-1 (see also SUSE bugzilla) Related CVEs: CVE-2019-14822 Upstream summary: A flaw was discovered in ibus in versions before 1.5.22 that allows any unprivileged user to monitor and send method calls to […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2026:1343-1 (see also SUSE bugzilla) Related CVEs: CVE-2026-40393 CVE-2023-45913 CVE-2023-45919 CVE-2023-45922 CVE-2019-5068 Upstream summary: In Mesa before 25.3.6 and 26 before 26.0.1, out-of-bounds memory access can occur in WebGPU because the amount […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory RHSA-2024:10384 (see also SUSE bugzilla) Related CVEs: CVE-2024-52336 CVE-2024-52337 Upstream summary: A script injection vulnerability was identified in the Tuned package. The `instance_create()` D-Bus function can be called by locally logged-in users […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2023:4654-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-26345 CVE-2021-46766 CVE-2021-46774 CVE-2022-23820 CVE-2022-23830 CVE-2023-20519 CVE-2023-20521 CVE-2023-20526  +12 more Upstream summary: Failure to validate the value in APCB may allow a privileged attacker to […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE security advisory Related CVEs: CVE-2016-9085 CVE-2016-8888 Upstream summary: Multiple integer overflows in libwebp allows attackers to have unspecified impact via unknown vectors. Table of contents Symptom & Impact Environment & Reproduction Root Cause […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE security advisory Related CVEs: CVE-2022-4303 CVE-2023-41105 CVE-2025-12781 CVE-2025-1795 Upstream summary: The WP Limit Login Attempts WordPress plugin through 2.6.4 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTE_ADDR, which makes […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 15 📖 ~4 min read  •  Source: SUSE advisory RHSA-2026:7350 (see also SUSE bugzilla) Related CVEs: CVE-2026-21712 CVE-2025-59464 Upstream summary: A flaw in Node.js URL processing causes an assertion failure in native code when `url.format()` is called with a malformed internationalized […]