io.peekandpoke.funktor:all-jvm (>=0.86.0 <=0.107.2), io.peekandpoke.funktor:insights-jvm (>=0.86.0 <=0.107.2) +3 more potentially affected by CVE-2024-53382 via org.webjars.npm:prismjs (>=1.23.0 <=1.29.0)

org.webjars.npm:prismjs MAVEN version =1.23.0, =0.86.0, =0.86.0, =0.86.0, =15.4.3, =3.3.1, =3.6.0 Source cves: CVE-2024-53382 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-9055449...

glibc bug fix update

An update is available for glibc. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The glibc packages provide the standard C libraries libc, POSIX thread librarie...

[SECURITY] Fedora 40 Update: python3.12-3.12.9-1.fc40

Python 3.12 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries...

UBUNTU-CVE-2025-26618

Erlang is a programming language and runtime system for building massively scalable soft real-time systems with requirements on high availability. OTP is a set of Erlang libraries, which consists of the Erlang runtime system, a number of ready-to-use components mainly written in Erlang. Packet si...

CVE-2025-26620

Duende.AccessTokenManagement is a set of .NET libraries that manage OAuth and OpenId Connect access tokens. Duende.AccessTokenManagement contains a race condition when requesting access tokens using the client credentials flow. Concurrent requests to obtain an access token using differing protoco...

CVE-2024-57964

Insecure Loading of Dynamic Link Libraries have been discovered in HVAC Energy Saving Program, which could allow local attackers to potentially disclose information or execute arbitray code on affected systems. This issue affects HVAC Energy Saving Program:...

GHSA-M3PM-RPGG-5WJ6 Home Assistant does not correctly validate SSL for outgoing requests in core and used libs

Summary Problem: Potential man-in-the-middle attacks due to missing SSL certificate verification in the project codebase and used third-party libraries. Details In the past, aiohttp-session/request had the parameter verifyssl to control SSL certificate verification. This was a boolean value. In...

Home Assistant does not correctly validate SSL for outgoing requests in core and used libs

Summary Problem: Potential man-in-the-middle attacks due to missing SSL certificate verification in the project codebase and used third-party libraries. Details In the past, aiohttp-session/request had the parameter verifyssl to control SSL certificate verification. This was a boolean value. In...

CVE-2025-25305 SSL validation for outgoing requests in Home Assistant Core and used libs not correct

Home Assistant Core is an open source home automation that puts local control and privacy first. Affected versions are subject to a potential man-in-the-middle attacks due to missing SSL certificate verification in the project codebase and used third-party libraries. In the past,...

CVE-2024-57964

Insecure Loading of Dynamic Link Libraries have been discovered in HVAC Energy Saving Program, which could allow local attackers to potentially disclose information or execute arbitray code on affected systems. This issue affects HVAC Energy Saving Program:...

CVE-2024-57964 Insecure Loading of Dynamic Link Libraries in HVAC Energy Saving Program

Insecure Loading of Dynamic Link Libraries have been discovered in HVAC Energy Saving Program, which could allow local attackers to potentially disclose information or execute arbitray code on affected systems. This issue affects HVAC Energy Saving Program:...

CVE-2024-57964 Insecure Loading of Dynamic Link Libraries in HVAC Energy Saving Program

Insecure Loading of Dynamic Link Libraries have been discovered in HVAC Energy Saving Program, which could allow local attackers to potentially disclose information or execute arbitray code on affected systems. This issue affects HVAC Energy Saving Program:...

CVE-2024-57963 Insecure Loading of Dynamic Link Libraries in USB-CONVERTERCABLE DRIVER

Insecure Loading of Dynamic Link Libraries have been discovered in USB-CONVERTERCABLE DRIVER, which could allow local attackers to potentially disclose information or execute arbitray code on affected systems. This issue affects USB-CONVERTERCABLE DRIVER:...

CVE-2024-57963

CVE-2024-57963 concerns the Hitachi USB-CONVERTERCABLE DRIVER, where an unsafe loading of dynamic link libraries could allow a local attacker to disclose information or execute arbitrary code on affected systems. The vulnerability affects the USB-CONVERTERCABLE DRIVER and is classified with local...

Moderate: Red Hat Security Advisory: gcc security update

An update for gcc is now available for Red Hat Enterprise Linux 7.7 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

com.databricks:automatedml_2.11 (=0.7.2), com.github.aishfenton:vegas-flink_2.11 (=0.3.4) +11 more potentially affected by CVE-2025-25304 via org.webjars.bower:vega (>=1.5.4 <=3.0.0-rc4)

org.webjars.bower:vega MAVEN version =1.5.4, =0.3.6, =0.3.6, =0.3.6, =1.1.0, =2.1.0, =1.0.10, =2.0.1 Source cves: CVE-2025-25304 Source advisory: SNYK:JAVA-ORGWEBJARSBOWER-8730845...

[SECURITY] Fedora 40 Update: python3.13-3.13.2-1.fc40

Python 3.13 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.13 package provides the "python3.13" executable:...

glibc security update

An update is available for glibc. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The glibc packages provide the standard C libraries libc, POSIX thread librarie...

[SECURITY] Fedora 41 Update: python3.14-3.14.0~a4-2.fc41

Python 3.14 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.14 package provides the "python3.14" executable:...

[SECURITY] Fedora 40 Update: python3.11-3.11.11-5.fc40

Python 3.11 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.11 package provides the "python3.11" executable:...