CVE-2025-69419 affecting package openssl for versions less than 3.3.5-3

CVE-2025-69419 affecting package openssl for versions less than 3.3.5-3. A patched version of the package is available...

CVE-2026-1287

An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. FilteredRelation is subject to SQL injection in column aliases via control characters, using a suitably crafted dictionary, with dictionary expansion, as the kwargs passed to QuerySet methods annotate, aggregat...

CVE-2025-67484

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Api/ApiFormatXml.Php. This issue affects MediaWiki: from before 1.39.16, 1.43.6, 1.44.3, 1.45.1...

CVE-2025-61655

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation VisualEditor. This vulnerability is associated with program files includes/ApiVisualEditorEdit.Php, modules/ve-mw/init/targets/ve.Init.Mw.DesktopArticleTarget.Js,...

python3.12 security update

3.12.12-3.0.1 - Remove upstream URL reference 3.12.12-3 - Security fix for CVE-2025-13836 Resolves: RHEL-140978 3.12.12-2 - Security fix for CVE-2025-12084 Resolves: RHEL-135387...

ROS-20260203-73-0006

A vulnerability in the auth.c component of the Linux kernel is related to memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker to gain access to sensitive data, compromise its integrity, and cause denial of service...

ROS-20260203-73-0038

A vulnerability in the qcom/lpass.h component of the Linux kernel is related to buffer copying without input validation. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

CVE-2025-61640

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Rcfilters/ui/RclToOrFromWidget.Js. This issue affects MediaWiki: from before...

CVE-2026-21636 vulnerabilities

Vulnerabilities for packages: nodejs...

CVE-2025-55131 affecting package nodejs for versions less than 20.14.0-11

CVE-2025-55131 affecting package nodejs for versions less than 20.14.0-11. A patched version of the package is available...

CVE-2025-15467 affecting package openssl for versions less than 3.3.5-2

CVE-2025-15467 affecting package openssl for versions less than 3.3.5-2. A patched version of the package is available...

CVE-2026-1761

A flaw was found in libsoup. This stack-based buffer overflow vulnerability occurs during the parsing of multipart HTTP responses due to an incorrect length calculation. A remote attacker can exploit this by sending a specially crafted multipart HTTP response, which can lead to memory corruption...

CVE-2022-1615 vulnerabilities

Vulnerabilities for packages: samba...

CVE-2025-32434 vulnerabilities

Vulnerabilities for packages: py3.11-pytorch-cuda-11.8...

GHSA-CP43-X3RR-GWCC vulnerabilities

Vulnerabilities for packages: linux-vmware, linux-aws, linux-azure, linux-gcp, linux-qemu...

CVE-2025-59734 vulnerabilities

Vulnerabilities for packages: ffmpeg...

GHSA-P7R5-QH99-QCHM vulnerabilities

Vulnerabilities for packages: ffmpeg...

urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion

A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain...

golang-github-openprinting-ipp-usb security update

0.9.27-4 - rebuild to fix CVE-2025-61729...

ROS-20260202-73-0004

Vulnerability in kernel-lt related to insufficient control of the resource during its existence. Exploitation of the vulnerability could allow an attacker to cause a denial of service...