CVE-2023-25741

When dragging and dropping an image cross-origin, the image's size could potentially be leaked. This behavior was shipped in 109 and caused web compatibility problems as well as this security concern, so the behavior was disabled until further review. This vulnerability affects Firefox 110...

CVE-2023-25741

The CVE-2023-25741 entry concerns Firefox (

CVE-2023-25741

When dragging and dropping an image cross-origin, the image's size could potentially be leaked. This behavior was shipped in 109 and caused web compatibility problems as well as this security concern, so the behavior was disabled until further review. This vulnerability affects Firefox 110...

SUSE SLES12 Security Update : compat-openssl098 (SUSE-SU-2023:2329-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:2329-1 advisory. - Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact summary:...

[SECURITY] Fedora 37 Update: bottles-51.6-1.fc37

Easily manage Wine prefix in a new way! Run Windows software and games on Linux. Features: Create bottles based on environments a set of rule and dependencies for better software compatibility Access to a customizable environment for all your experiments Run every executable .exe/.msi in your...

[SECURITY] Fedora 38 Update: bottles-51.6-1.fc38

Easily manage Wine prefix in a new way! Run Windows software and games on Linux. Features: Create bottles based on environments a set of rule and dependencies for better software compatibility Access to a customizable environment for all your experiments Run every executable .exe/.msi in your...

[SECURITY] Fedora 38 Update: python2.7-2.7.18-31.fc38

Python 2 is an old version of the language that is incompatible with the 3.x line of releases. The language is mostly the same, but many details, especial ly how built-in objects like dictionaries and strings work, have changed considerably, and a lot of deprecated features have finally been...

Project may fail to be deployed to chains not compatible with Shanghai hardfork

Lines of code Vulnerability details Project may fail to be deployed to chains not compatible with Shanghai hardfork Current settings may produce incompatible bytecode with some of the chains supported by the protocol. Impact The Ambire wallet supports and targets different chains, such as Ethereu...

SUSE-SU-2023:2241-1 Security update for mysql-connector-java

This update for mysql-connector-java fixes the following issues: - CVE-2023-21971: Fixed a crash in MySQL Connectors that could be triggered by an authenticated remote user bsc1211247. - Ship protobuf 3.9.2 compatible generated files to support older distro versions. - Update to 8.0.32: -...

Microsoft Secure Boot Bug

Microsoft is currently patching a zero-day Secure-Boot bug. The BlackLotus bootkit is the first-known real-world malware that can bypass Secure Boot protections, allowing for the execution of malicious code before your PC begins loading Windows and its many security protections. Secure Boot has...

crate has been renamed to `crypto_secretbox`

This crate has been forked/renamed from xsalsa20poly1305 to cryptosecretbox. The new repository location is at:...

qemu-kvm security update

6.1.1-6.el9 - Update changelog Karl Heubaum Orabug: 35343538 - ebpf: fix compatibility with libbpf 1.0+ Shreesh Adiga Orabug: 35268538 - ebpf: replace deprecated bpfprogramsetsocketfilter Haochen Tong Orabug: 35268538 - CVE-2023-1544 is not applicable to Oracle QEMU 6.1.1 Karl Heubaum Orabug:...

The vulnerability of the Python Charmers Future version compatibility program, related to an incorrect regular expression, allows a violator to trigger a service failure.

The vulnerability of the Python Charmers Future version compatibility program is related to incorrect input validation during the processing of Set-Cookie headers. Exploiting this vulnerability allows a remote attacker to send a specially crafted HTTP request to the application and execute a...

SUSE: Security Advisory (SUSE-SU-2023:2150-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2023:2150-1 Security update for shim

This update for shim fixes the following issues: - Updated shim signature after shim 15.7 be signed back: signature-sles.x8664.asc, signature-sles.aarch64.asc bsc1198458 - Add POSTPROCESSPEFLAGS=-N to the build command in shim.spec to disable the NX compatibility flag when using post-process-pe...

UBUNTU-CVE-2023-2283

A vulnerability was found in libssh, where the authentication check of the connecting client can be bypassed in thepkiverifydatasignature function in memory allocation problems. This issue may happen if there is insufficient memory or the memory usage is limited. The problem is caused by the retu...

SUSE: Security Advisory (SUSE-SU-2023:2086-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-1477

Improper Authentication vulnerability in HYPR Keycloak Authenticator Extension allows Authentication Abuse.This issue affects HYPR Keycloak Authenticator Extension: before 7.10.2, before 8.0.3...

GHSA-329J-JFVR-RHR6 Apache Spark vulnerable to Improper Privilege Management

In Apache Spark versions prior to versions 3.4.0 and 3.3.3, applications using spark-submit can specify a proxy-user to run as, limiting privileges. The application can execute code with the privileges of the submitting user, however, by providing malicious configuration-related classes on the...

SUSE: Security Advisory (SUSE-SU-2023:1863-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...