Troubleshooting

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE security advisory Related CVEs: CVE-2014-4362 Upstream summary: The Sandbox Profiles implementation in Apple iOS before 8 does not properly restrict the third-party app sandbox profile, which allows attackers to obtain sensitive Apple ID […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2014:0880-1 (see also SUSE bugzilla) Related CVEs: CVE-2014-3248 Upstream summary: Untrusted search path vulnerability in Puppet Enterprise 2.8 before 2.8.7, Puppet before 2.7.26 and 3.x before 3.6.2, Facter 1.6.x and 2.x before […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory RHSA-2024:9158 (see also SUSE bugzilla) Related CVEs: CVE-2020-27827 CVE-2020-35498 CVE-2022-4337 CVE-2022-4338 CVE-2023-3152 CVE-2023-3966 CVE-2023-5366 CVE-2025-0650  +4 more Upstream summary: A flaw was found in multiple versions of OpenvSwitch. Specially crafted LLDP packets […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:0158-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-7101 Upstream summary: Spreadsheet::ParseExcel version 0.65 is a Perl module used for parsing Excel files. Spreadsheet::ParseExcel is vulnerable to an arbitrary code execution (ACE) vulnerability […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2014:0928-1 (see also SUSE bugzilla) Related CVEs: CVE-2014-4038 CVE-2014-4039 Upstream summary: ppc64-diag 2.6.1 allows local users to overwrite arbitrary files via a symlink attack related to (1) rtas_errd/diag_support.c and /tmp/get_dt_files, (2) scripts/ppc64_diag_mkrsrc […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory RHSA-2024:9193 (see also SUSE bugzilla) Related CVEs: CVE-2024-36039 Upstream summary: PyMySQL through 1.1.0 allows SQL injection if used with untrusted JSON input because keys are not escaped by escape_dict. Table of contents […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2022:3103-1 (see also SUSE bugzilla) Related CVEs: CVE-2022-31799 CVE-2016-9964 CVE-2020-28473 Upstream summary: Bottle before 0.12.20 mishandles errors during early request binding. Table of contents Symptom & Impact Environment & Reproduction Root Cause […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2016:0779-1 (see also SUSE bugzilla) Related CVEs: CVE-2016-1521 CVE-2016-1523 CVE-2016-1526 CVE-2018-7999 Upstream summary: The directrun function in directmachine.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2013-6369 CVE-2022-1210 Upstream summary: Stack-based buffer overflow in the jbg_dec_in function in libjbig/jbig.c in JBIG-KIT before 2.1 allows remote attackers to cause a denial of […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: SLES 16 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2014:1294-1 (see also SUSE bugzilla) Related CVEs: CVE-2014-3634 CVE-2022-24903 CVE-2011-3200 CVE-2013-4758 CVE-2013-6370 CVE-2013-6371 CVE-2014-3683 CVE-2015-3243 Upstream summary: rsyslog before 7.6.6 and 8.x before 8.4.1 and sysklogd 1.5 and earlier allows remote attackers […]