[SECURITY] Fedora 41 Update: golang-github-facebook-time-0^20251021gite970944-1.fc41

Meta's Time libraries...

[SECURITY] Fedora 43 Update: openssl-3.5.4-1.fc43

The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols...

[SECURITY] Fedora 43 Update: gi-docgen-2025.5-1.fc43

GI-DocGen is a document generator for GObject-based libraries. GObject is the base type system of the GNOME project. GI-Docgen reuses the introspection data generated by GObject-based libraries to generate the API reference of these libraries, as well as other ancillary documentation. GI-DocGen i...

[SECURITY] Fedora 43 Update: python3.11-3.11.14-1.fc43

Python 3.11 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.11 package provides the "python3.11" executable:...

OESA-2025-2496 qt5-qtimageformats security update

The core Qt Gui library by default supports reading and writing image files of the most common file formats: PNG, JPEG, BMP, GIF and a few more, ref. Reading and Writing Image Files. The Qt Image Formats add-on module provides optional support for other image file formats. Security Fixes: When...

Vulnerabilities fixed in Oracle Commerce

Oracle has fixed vulnerabilities in several subcomponents of Oracle Commerce products, including Oracle Middleware Common Libraries, Oracle Documaker, Oracle WebCenter Forms Recognition, Oracle WebLogic Server, and Oracle Application Testing Suite. The vulnerabilities allow unauthenticated...

Oracle OpenJDK 21.x - 25.x Vulnerability (Oct 2025)

Oracle OpenJDK is prone to a vulnerability in the core-libs component. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2025-40778

Under certain circumstances, BIND is too lenient when accepting records from answers, allowing an attacker to inject forged data into the cache. This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.11.3-S1 through...

CVE-2025-40780

In specific circumstances, due to a weakness in the Pseudo Random Number Generator PRNG that is used, it is possible for an attacker to predict the source port and query ID that BIND will use. This issue affects BIND 9 versions 9.16.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.1...

CVE-2025-8677

Querying for records within a specially crafted zone containing certain malformed DNSKEY records can lead to CPU exhaustion. This issue affects BIND 9 versions 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.18.11-S1 through 9.18.39-S1, and 9.20.9-S1 through 9.20.13-S1...

[SECURITY] Fedora 41 Update: gi-docgen-2025.5-1.fc41

GI-DocGen is a document generator for GObject-based libraries. GObject is the base type system of the GNOME project. GI-Docgen reuses the introspection data generated by GObject-based libraries to generate the API reference of these libraries, as well as other ancillary documentation. GI-DocGen i...

[SECURITY] Fedora 42 Update: gi-docgen-2025.5-1.fc42

GI-DocGen is a document generator for GObject-based libraries. GObject is the base type system of the GNOME project. GI-Docgen reuses the introspection data generated by GObject-based libraries to generate the API reference of these libraries, as well as other ancillary documentation. GI-DocGen i...

[SECURITY] Fedora 42 Update: python3.12-3.12.12-1.fc42

Python 3.12 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.12 package provides the "python3.12" executable:...

WhatWeb Scanner 0.6.3

WhatWeb is a next-generation web scanner. WhatWeb recognizes web technologies including content management systems CMS, blogging platforms, statistic/analytics packages, JavaScript libraries, web servers, and embedded devices. WhatWeb has over 1800 plugins, each to recognize something different...

[SECURITY] Fedora 42 Update: python3.10-3.10.19-1.fc42

Python 3.10 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.10 package provides the "python3.10" executable:...

[SECURITY] Fedora 42 Update: python3.11-3.11.14-1.fc42

Python 3.11 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.11 package provides the "python3.11" executable:...

[SECURITY] Fedora 42 Update: mingw-binutils-2.43.1-5.fc42

Cross compiled binutils utilities like 'strip', 'as', 'ld' which understand Windows executables and DLLs...

CVE-2025-62370

Alloy Core libraries at the root of the Rust Ethereum ecosystem. Prior to 0.8.26 and 1.4.1, an uncaught panic triggered by malformed input to alloydynabi::TypedData could lead to a denial-of-service DoS via eip712signinghash. Software with high availability requirements such as network services m...

Adobe Creative Cloud Desktop 安全漏洞

Adobe Creative Cloud Desktop is a suite of applications for managing applications and services in the Creative Cloud Member Management Center from the American company Audobee Adobe. The program supports synchronizing and sharing files, managing fonts, and accessing asset libraries for commercial...

Amazon Linux 2023 : cuda-crt-12, cuda-nvcc-12, cuda-nvvm-12 (ALAS2023NVIDIA-2025-234)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023NVIDIA-2025-234 advisory. NVIDIA nvJPEG library contains a vulnerability where an attacker can cause an out-of-bounds read by means of a specially crafted JPEG file. A successful exploit of this vulnerability might lead to...