[SECURITY] Fedora 43 Update: kernel-7.0.7-100.fc43

The kernel meta package...

[SECURITY] Fedora 44 Update: kernel-7.0.7-200.fc44

The kernel meta package...

CVE-2026-44197

Wagtail is an open source content management system built on Django. Prior to 7.0.7, 7.3.2, and 7.4, a CMS user without the ability to edit a page could access revisions of the page through the revision compare view if they knew the primary key of two revisions. This could potentially result in...

PYSEC-2026-147

Wagtail is an open source content management system built on Django. Prior to 7.0.7, 7.3.2, and 7.4, a CMS user without the ability to edit a page could still access the history report for the page, potentially resulting in disclosure of sensitive information. This vulnerability is fixed in 7.0.7...

CVE-2026-44198 Wagtail: Improper permission handling when viewing page history

Wagtail is an open source content management system built on Django. Prior to 7.0.7, 7.3.2, and 7.4, a CMS user without the ability to edit a page could still access the history report for the page, potentially resulting in disclosure of sensitive information. This vulnerability is fixed in 7.0.7...

CVE-2026-44197 Wagtail: Improper permission handling when comparing revisions

Wagtail is an open source content management system built on Django. Prior to 7.0.7, 7.3.2, and 7.4, a CMS user without the ability to edit a page could access revisions of the page through the revision compare view if they knew the primary key of two revisions. This could potentially result in...

GHSA-P5GM-92H4-6PV6 Wagtail has improper restriction handling on Documents and Images API

Impact The Documents and Images API incorrectly listed items in private collections. A user with access to the API could see the filename and name of documents and images in private collections. Patches Patched versions have been released as Wagtail 7.0.7 and 7.3.2. The new 7.4 LTS feature releas...

Improper Handling of Insufficient Permissions or Privileges

Overview wagtail is an open source content management system built on Django. Affected versions of this package are vulnerable to Improper Handling of Insufficient Permissions or Privileges in the deletion of form submissions. A user can remove other users' form submissions without proper...

Improper Handling of Insufficient Permissions or Privileges

Overview wagtail is an open source content management system built on Django. Affected versions of this package are vulnerable to Improper Handling of Insufficient Permissions or Privileges via revision comparisons. An attacker can gain unauthorized access to sensitive information by supplying th...

PT-2026-39236

Name of the Vulnerable Software and Affected Versions Wagtail versions prior to 7.0.7 Wagtail versions prior to 7.3.2 Description The Documents and Images API incorrectly lists items in private collections, allowing a user with API access to view the filename and name of documents and images stor...

CVE-2025-58693

CVE-2025-58693 affects Fortinet FortiVoice versions 7.2.0–7.2.2 and 7.0.0–7.0.7. The root cause is an improper limitation of a pathname to a restricted directory (path traversal), enabling a privileged attacker to delete files on the underlying filesystem via crafted HTTP/HTTPS requests. Per the ...

Fortinet FortiVoice 路径遍历漏洞

Fortinet FortiVoice is a Unified Communications and Collaboration-as-a-Service from Fortinet, Inc. A path traversal vulnerability exists in Fortinet FortiVoice versions 7.2.0 through 7.2.2 and 7.0.0 through 7.0.7, which stems from an improperly restricted path traversal and could lead to a...

CVE-2025-60024

Multiple Improper Limitations of a Pathname to a Restricted Directory 'Path Traversal' vulnerabilities CWE-22 vulnerability in Fortinet FortiVoice 7.2.0 through 7.2.2, FortiVoice 7.0.0 through 7.0.7 may allow a privileged authenticated attacker to write arbitrary files via specifically HTTP or...

CVE-2025-64156

An improper neutralization of special elements used in an sql command 'sql injection' vulnerability in Fortinet FortiVoice 7.2.0 through 7.2.2, FortiVoice 7.0.0 through 7.0.7, FortiVoice 6.4 all versions, FortiVoice 6.0 all versions may allow an authenticated privileged attacker to execute...

Fortinet FortiVoice 路径遍历漏洞

Fortinet FortiVoice is a Unified Communications and Collaboration-as-a-Service from Fortinet, Inc. A path traversal vulnerability exists in Fortinet FortiVoice versions 7.2.0 through 7.2.2 and 7.0.0 through 7.0.7, which stems from an improperly restricted path that could result in writing to an...

CVE-2025-58692

An improper neutralization of special elements used in an SQL Command "SQL Injection" vulnerability CWE-89 vulnerability in Fortinet FortiVoice 7.2.0 through 7.2.2, FortiVoice 7.0.0 through 7.0.7 allows an authenticated attacker to execute unauthorized code or commands via specifically crafted HT...

CVE-2025-58692

An improper neutralization of special elements used in an SQL Command "SQL Injection" vulnerability CWE-89 vulnerability in Fortinet FortiVoice 7.2.0 through 7.2.2, FortiVoice 7.0.0 through 7.0.7 allows an authenticated attacker to execute unauthorized code or commands via specifically crafted HT...

EUVD-2018-21515

Malware in sbrugna...

EUVD-2018-21517

Malware in sbrugna...

EUVD-2024-36763

Malicious code in bioql PyPI...