[SECURITY] Fedora 43 Update: rust-protobuf-support-3.7.2-1.fc43

Code supporting protobuf implementation. None of code in this crate is public API...

EUVD-2018-8832

Malware in sbrugna...

EUVD-2020-6426

Malware in sbrugna...

EUVD-2019-3102

Malware in sbrugna...

EUVD-2025-13621

Malicious code in bioql PyPI...

EUVD-2025-16946

Malicious code in bioql PyPI...

EUVD-2021-27538

Malicious code in bioql PyPI...

EUVD-2025-21362

Malicious code in bioql PyPI...

EUVD-2023-1619

Malicious code in bioql PyPI...

EUVD-2024-50602

Malicious code in bioql PyPI...

EUVD-2022-49192

Malicious code in bioql PyPI...

CVE-2025-59843

Flag Forge is a Capture The Flag CTF platform. From versions 2.0.0 to before 2.3.2, the public endpoint /api/user/username returns user email addresses in its JSON response. The fix, intended for release in 2.3.1 but only available starting in version 2.3.2, removes email addresses from public AP...

CVE-2025-59843 FlagForgeCTF Exposes User Emails via Public /api/user/[username] API

Flag Forge is a Capture The Flag CTF platform. From versions 2.0.0 to before 2.3.2, the public endpoint /api/user/username returns user email addresses in its JSON response. The fix, intended for release in 2.3.1 but only available starting in version 2.3.2, removes email addresses from public AP...

CVE-2025-59843 FlagForgeCTF Exposes User Emails via Public /api/user/[username] API

Flag Forge is a Capture The Flag CTF platform. From versions 2.0.0 to before 2.3.2, the public endpoint /api/user/username returns user email addresses in its JSON response. The fix, intended for release in 2.3.1 but only available starting in version 2.3.2, removes email addresses from public AP...

CVE-2025-59843

Flag Forge CT F platform vulnerable due to public /api/user/[username] endpoint exposing user email addresses. From versions 2.0.0 up to before 2.3.2, responses include emails in JSON. The fix was planned for 2.3.1 but only shipped in 2.3.2, after which email addresses are removed from public API...

CVE-2025-55476

FireShare FileShare 1.2.25 contains a time-based blind SQL injection vulnerability in the sort parameter of the endpoint: GET /api/videos/public?sort= This parameter is unsafely evaluated in a SQL ORDER BY clause without proper sanitization, allowing an attacker to inject arbitrary SQL subqueries...

CVE-2025-7616

A vulnerability, which was classified as critical, has been found in gmg137 snap7-rs up to 1.142.1. Affected by this issue is the function pthreadconddestroy of the component Public API. The manipulation leads to memory corruption. The exploit has been disclosed to the public and may be used...

CVE-2025-7616

A vulnerability, which was classified as critical, has been found in gmg137 snap7-rs up to 1.142.1. Affected by this issue is the function pthreadconddestroy of the component Public API. The manipulation leads to memory corruption. The exploit has been disclosed to the public and may be used...

CVE-2025-7616 gmg137 snap7-rs Public API pthread_cond_destroy memory corruption

A vulnerability, which was classified as critical, has been found in gmg137 snap7-rs up to 1.142.1. Affected by this issue is the function pthreadconddestroy of the component Public API. The manipulation leads to memory corruption. The exploit has been disclosed to the public and may be used...

CVE-2025-7616

CVE-2025-7616 affects gmg137 snap7-rs (up to 1.142.1). Affects the Public API’s pthread_cond_destroy function, where memory corruption is reported as the underlying issue. The exploit has been publicly disclosed. Impact stated in sources includes memory corruption potential; CVSS metrics vary by ...