The vulnerability of the SDK – Software Development Kit for product lifecycle management software for Oracle Agile PLM Framework, allowing a perpetrator to access confidential information

The vulnerability of the SDK-Software Development Kit, a software tool for managing product lifecycles in Oracle Agile PLM Framework enterprises, is related to improper authentication. Exploiting this vulnerability can allow an attacker, operating remotely, to access confidential information...

Important: Red Hat Security Advisory: OpenJDK 21.0.8 Security Update for Portable Linux Builds

An update is now available for OpenJDK. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References...

Important: java-17-openjdk security update

The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fixes: JDK: Better Glyph drawing CVE-2025-30749 JDK: Enhance TLS protocol support CVE-2025-30754 JDK: Improve HTTP client header handling CVE-2025-50059 JDK:...

Model Context Protocol Python SDK 安全漏洞

Model Context Protocol Python SDK is a Model Context Protocol open source development tool for Model Context Protocol servers and clients. A security vulnerability exists in the Model Context Protocol Python SDK prior to version 1.9.4, which stems from an unhandled exception when handling malform...

RLSA-2024:11185 Moderate: edk2:20220126gitbb1bba3d77 security update

EDK Embedded Development Kit is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fixes: edk2: Integer overflows in PeCoffLoaderRelocateImage CVE-2024-38796 For more details about the security issues, including th...

Malicious code in kucoin-universal-sdk-example (npm)

--- -= Per source details. Do not edit below this line.=-...

Security update for java-17-openjdk

This update for java-17-openjdk fixes the following issues: Update to upstream tag jdk-17.0.15+6 April 2025 CPU CVEs: CVE-2025-21587: Fixed JSSE unauthorized access, deletion or modification of critical data bsc1241274 CVE-2025-30691: Fixed Oracle Java SE Compiler Unauthorized Data Access...

[SECURITY] Fedora 41 Update: dotnet8.0-8.0.116-1.fc41

.NET is a fast, lightweight and modular platform for creating cross platform applications that work on Linux, macOS and Windows. It particularly focuses on creating console applications, web applications and micro-services. .NET contains a runtime conforming to .NET Standards a set of framework...

CVE-2024-45037

The AWS Cloud Development Kit CDK is an open-source framework for defining cloud infrastructure using code. Customers use it to create their own applications which are converted to AWS CloudFormation templates during deployment to a customer’s AWS account. CDK contains pre-built components called...

CVE-2023-22669

Parsing of DWG files in Open Design Alliance Drawings SDK before 2023.6 lacks proper validation of the length of user-supplied XRecord data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process...

CVE-2022-40480

Nordic Semiconductor, Microchip Technology NRF5340-DK DT100112 was discovered to contain an issue which allows attackers to cause a Denial of Service DoS via a crafted ConReq packet...

CVE-2021-32994

Softing OPC UA C++ SDK Software Development Kit versions from 5.59 to 5.64 exported library functions don't properly validate received extension objects, which may allow an attacker to crash the software by sending a variety of specially crafted packets to access several unexpected memory locatio...

CVE-2021-23051

On BIG-IP versions 15.1.0.4 through 15.1.3, when the Data Plane Development Kit DPDK/Elastic Network Adapter ENA driver is used with BIG-IP on Amazon Web Services AWS systems, undisclosed requests can cause the Traffic Management Microkernel TMM to terminate. This is due to an incomplete fix for...

CVE-2020-0561

Improper initialization in the IntelR SGX SDK before v2.6.100.1 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2020-9628

Adobe DNG Software Development Kit SDK 1.5 and earlier versions have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure...

CVE-2020-9626

Adobe DNG Software Development Kit SDK 1.5 and earlier versions have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure...

CVE-2020-9589

Adobe DNG Software Development Kit SDK 1.5 and earlier versions have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution...

CVE-2020-9623

Adobe DNG Software Development Kit SDK 1.5 and earlier versions have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure...

Malicious code in ai-labs-snippets-sdk (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 2d5d4e1e66d1a84969c7af5822efb6e894abc0d263c87f583bf45591d216b85a During the importing, it loads a file pretending to an AI model. This file contains pickle-serialized code that exfiltrates data basic IP/username info, as wel...

RLSA-2024:4567 Important: java-11-openjdk security update

The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fixes: OpenJDK: RangeCheckElimination array index overflow 8323231 CVE-2024-21147 OpenJDK: potential UTF8 size overflow 8314794 CVE-2024-21131 OpenJDK: Excessive...