[SECURITY] Fedora 43 Update: rust-tikv-jemallocator-0.6.1-1.fc43
A Rust allocator backed by jemalloc...
[SECURITY] Fedora 43 Update: python-pydantic-core-2.41.4-1.fc43
The pydantic-core project provides the core validation logic for pydantic written in Rust...
[SECURITY] Fedora 43 Update: fastapi-cloud-cli-0.3.1-1.fc43
Deploy and manage FastAPI Cloud apps from the command line...
KLA90264 DoS vulnerability in Opera
Inappropriate implementation vulnerability was found in Opera. Malicious users can exploit this vulnerability to cause denial of service. Original advisories Opera 123.0.5669.47 Stable update Related products Opera CVE list CVE-2025-12433 warning Solution Update to the latest version Download Ope...
Optical Disc Archive Software (for Windows) registers a Windows service with an unquoted file path
Overview Optical Disc Archive Software for Windows provided by Sony Corporation contains the following vulnerability. Unquoted search path or element CWE-428 - CVE-2025-62225 Kazuma Matsumoto of GMO Cybersecurity by IERAE, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the...
Security Bulletin: NVIDIA RunAI - November 2025
NVIDIA has released a software update for NVIDIA® RunAI. To protect your system, download and install the latest version of NVIDIA RunAI by following the instructions on the documentation site. Go to NVIDIA Product Security...
RHSA-2025:19434 Red Hat Security Advisory: xorg-x11-server security update
Bulletin has no description...
Fedora 41 : openbao (2025-ab1fce816d)
The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-ab1fce816d advisory. Update to upstream 2.4.3, including fixes for CVE-2025-62513 and CVE-2025-62705. Tenable has extracted the preceding description block directly from...
CVE-2025-52665
A malicious actor with access to the management network could exploit a misconfiguration in UniFi’s door access application, UniFi Access, that exposed a management API without proper authentication. This vulnerability was introduced in Version 3.3.22 and was fixed in Version 4.0.21 and later. ...
[SECURITY] Fedora 42 Update: qt6-qtcoap-6.9.3-1.fc42
Qt CoAP API provides classes and functions to access the CoAP protocol...
[SECURITY] Fedora 42 Update: mingw-qt6-qtsvg-6.9.3-1.fc42
This package contains the Qt software toolkit for developing cross-platform applications. This is the Windows version of Qt, for use in conjunction with the Fedora Windows cross-compiler...
PT-2025-44474
Name of the Vulnerable Software and Affected Versions Nagios XI versions prior to CCM 3.1.1 Nagios XI versions prior to 5.8.2 Description The Core Config Manager CCM in Nagios XI is susceptible to multiple cross-site scripting XSS issues within Overlay modals. A lack of proper input validation or...
PT-2025-44407
Name of the Vulnerable Software and Affected Versions Dell Unity versions 5.5 and prior Description Dell Unity versions 5.5 and earlier have an issue where special elements are not properly neutralized when used in operating system commands, potentially leading to OS Command Injection. An attacke...
PT-2025-44495
Name of the Vulnerable Software and Affected Versions Nagios Log Server versions prior to 2024R1 Description Nagios Log Server versions prior to 2024R1 are susceptible to cross-site scripting XSS through the Create User function. Insufficient validation or escaping of user-supplied input could...
PT-2025-44342
Name of the Vulnerable Software and Affected Versions Zitadel versions prior to 4.6.0 Zitadel versions prior to 3.4.3 Zitadel versions prior to 2.71.18 Description Zitadel, an open-source identity infrastructure software, is susceptible to online brute-force attacks targeting OTP, TOTP, and...
PT-2025-44264
Name of the Vulnerable Software and Affected Versions Premmerce versions through 1.3.19 Description A Cross-Site Request Forgery CSRF issue exists in Premmerce. This allows attackers to potentially perform actions on behalf of authenticated users without their knowledge. Recommendations Update...
PT-2025-44267
Name of the Vulnerable Software and Affected Versions Premmerce User Roles versions through 1.0.13 Description The software contains a flaw due to improper neutralization of input during web page generation, leading to a potential Cross-site Scripting XSS issue. This allows for Stored XSS attacks...
KLA90929 OSI vulnerability in Git for Windows
Information disclosure vulnerability was found in Git for Windows. Malicious users can exploit this vulnerability to obtain sensitive information. Original advisories Git for Windows 2.51.2 Exploitation Related products Git-for-Windows CVE list CVE-2025-66413 high Solution Update to the latest...
PT-2025-44213
Name of the Vulnerable Software and Affected Versions Discourse versions prior to 3.6.2 Discourse version 3.6.0.beta2 Description Discourse, an open source discussion platform, is affected by an issue where the default Cache-Control response header with the value no-store, no-cache was missing fr...
PT-2025-43707
Name of the Vulnerable Software and Affected Versions GenerateBlocks plugin for WordPress versions through 2.1.1 Description The GenerateBlocks plugin for WordPress has a flaw that allows unauthorized access to data. This is due to a missing capability check within the get option rest function...