[SECURITY] Fedora 42 Update: open62541-1.4.13-1.fc42

open62541 is a C-based library linking with C++ projects is possible with all necessary tools to implement dedicated OPC UA clients and servers, or to integrate OPC UA-based communication into existing applications...

CVE-2012-10059

Dolibarr ERP/CRM versions = 3.1.1 and = 3.2.0 contain a post-authenticated OS command injection vulnerability in its database backup feature. The export.php script fails to sanitize the sqlcompat parameter, allowing authenticated users to inject arbitrary system commands, resulting in remote code...

UBUNTU-CVE-2012-10059

Dolibarr ERP/CRM versions = 3.1.1 and = 3.2.0 contain a post-authenticated OS command injection vulnerability in its database backup feature. The export.php script fails to sanitize the sqlcompat parameter, allowing authenticated users to inject arbitrary system commands, resulting in remote code...

CVE-2012-10059 Dolibarr ERP/CRM Post-Auth OS Command Injection

Dolibarr ERP/CRM versions = 3.1.1 and = 3.2.0 contain a post-authenticated OS command injection vulnerability in its database backup feature. The export.php script fails to sanitize the sqlcompat parameter, allowing authenticated users to inject arbitrary system commands, resulting in remote code...

CVE-2012-10059

Dolibarr ERP/CRM contains a post-authenticated OS command injection in its database backup feature. In versions <= 3.1.1 and

Dolibarr ERP/CRM 安全漏洞

Dolibarr ERP/CRM is a Web-based enterprise resource planning ERP and customer relationship management CRM system from the Dolibarr Foundation in France. The system can be used to manage products, inventory, invoices, orders, and more. A security vulnerability exists in Dolibarr ERP/CRM versions...

[SECURITY] [DLA 4270-1] apache2 security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4270-1 [email protected] https://www.debian.org/lts/security/ Bastien Roucariès August 12, 2025 https://wiki.debian.org/LTS -...

Microsoft Windows Subsystem for Linux 安全漏洞

Microsoft Windows Subsystem for Linux WSL is a Microsoft Windows Subsystem for Linux, a compatibility layer capable of running native Linux binary executables ELF format. A security vulnerability exists in Microsoft Windows Subsystem for Linux. An attacker could exploit this vulnerability to gain...

Intel 800 Series Ethernet 安全漏洞

Intel 800 Series Ethernet is a new generation of high-speed Ethernet technology from Intel that supports 25GbE and 100GbE speeds and is backward compatible with 10GbE. An elevation of privilege vulnerability exists in Intel 800 Series Ethernet, which stems from insufficient control flow managemen...

Linux Distros Unpatched Vulnerability : CVE-2025-7394

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the OpenSSL compatibility layer implementation, the function RANDpoll was not behaving as expected and leading to the potential for predictable values return...

BIT-LIBPYTHON-2020-27619

In Python 3 through 3.9.0, the Lib/test/multibytecodecsupport.py CJK codec tests call eval on content retrieved via HTTP...

Linux Distros Unpatched Vulnerability : CVE-2023-52746

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: xfrm/compat: prevent potential spectre v1 gadget in xfrmxlate32attr int type = nlatypenla...

CVE-2025-45765

ruby-jwt v3.0.0.beta1 was discovered to contain weak encryption. NOTE: the Supplier's perspective is "keysize is not something that is enforced by this library. Currently more recent versions of OpenSSL are enforcing some key sizes and those restrictions apply to the users of this gem also."...

Linux Distros Unpatched Vulnerability : CVE-2024-11694

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Enhanced Tracking Protection's Strict mode may have inadvertently allowed a CSP frame-src bypass and DOM-based XSS through the Google SafeFrame shim in the Web...

[SECURITY] Fedora 41 Update: perl-Crypt-CBC-3.07-1.fc41

This is Crypt::CBC, a Perl-only implementation of the cryptographic cipher block chaining mode CBC. In combination with a block cipher such as Crypt::DES or Crypt::IDEA, you can encrypt and decrypt messages of arbitrarily long length. The encrypted messages are compatible with the encryption form...

Important: cuda-compat

Issue Overview: NVIDIA Display Driver for Linux and Windows contains a vulnerability in the kernel mode driver, where an attacker could access memory outside bounds permitted under normal use cases. A successful exploit of this vulnerability might lead to denial of service, data tampering, or...

Amazon Linux 2023 : cuda-nvdisasm-13 (ALAS2023NVIDIA-2025-145)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023NVIDIA-2025-145 advisory. NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the nvdisasm binary where a user may cause an out-of-bounds read by passing a malformed ELF file to nvdisasm. A successfu...

[SECURITY] Fedora 42 Update: reposurgeon-5.3-1.fc42

Reposurgeon enables risky operations that version-control systems don't want to let you do, such as editing past comments and metadata and removing commits. It works with any version control system that can export and import git fast-import streams, including git, hg, fossil, bzr, CVS and RCS. It...

PT-2025-31735 · WordPress · Ultimate Addons For Elementor

Name of the Vulnerable Software and Affected Versions: Ultimate Addons for Elementor versions up to and including 2.4.6 Description: The Ultimate Addons for Elementor plugin for WordPress contains a flaw that allows unauthorized data modification. A missing capability check within the save hfe...

CVE-2025-54429

Polkadot Frontier is an Ethereum and EVM compatibility layer for Polkadot and Substrate. There are various account address types in Frontier, e.g. precompiled contracts, smart contracts, and externally owned accounts. Some EVM mechanisms should be unreachable by certain types of accounts for...