CVE-2025-53605 affecting package rust for versions less than 1.72.0-11

CVE-2025-53605 affecting package rust for versions less than 1.72.0-11. A patched version of the package is available...

CVE-2025-53040 affecting package mysql for versions less than 8.0.44-2

CVE-2025-53040 affecting package mysql for versions less than 8.0.44-2. An upgraded version of the package is available that resolves this issue...

CVE-2025-9403 affecting package jq for versions less than 1.6-5

CVE-2025-9403 affecting package jq for versions less than 1.6-5. A patched version of the package is available...

CVE-2025-11412 affecting package binutils for versions less than 2.37-19

CVE-2025-11412 affecting package binutils for versions less than 2.37-19. A patched version of the package is available...

CVE-2025-12446

Incorrect security UI in SplitView in Google Chrome prior to 142.0.7444.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted domain name. Chromium security severity: Low...

CVE-2025-12431

Inappropriate implementation in Extensions in Google Chrome prior to 142.0.7444.59 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. Chromium security severity: High...

thunderbird: firefox: Use-after-free in MediaTrackGraphImpl::GetInstance()

A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in MediaTrackGraphImpl::GetInstance...

thunderbird: firefox: Cross-process information leaked due to malicious IPC messages

A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A compromised web process using malicious IPC messages could have caused the privileged browser process to reveal blocks of its memory to the compromised process...

thunderbird: firefox: Some non-writable Object properties could be modified

A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: There was a way to change the value of JavaScript Object properties that were supposed to be non-writeable...

[SECURITY] Fedora 43 Update: rust-regex-automata-0.4.13-1.fc43

Automata construction and matching using regular expressions...

[SECURITY] Fedora 43 Update: python-pydantic-2.12.4-1.fc43

Data validation and settings management using python type hinting...

bind security update

9.16.23-31.0.1 - Fix warning when changing device file permissions Orabug: 36518580 32:9.16.23-31.2 - Replace downstream fixes with upstream changes 32:9.16.23-31.1 - Prevent cache poisoning due to weak PRNG CVE-2025-40780 - Address various spoofing attacks CVE-2025-40778...

SUSE CVE-2016-11082

An issue was discovered in Mattermost Server before 2.2.0. It allows XSS via a crafted link...

GHSA-M6HQ-P25P-FFR2 vulnerabilities

Vulnerabilities for packages: helm-fips, trivy-operator-fips, cert-manager, steampipe, cluster-api-helm-controller, helm-diff, flux-source-controller-fips, gitlab-rails-ce-fips, containerd, helm-set-status, rancher-agent, datadog-agent, helm-operator-fips, melange, eksctl, cg,...

CVE-2025-64329 vulnerabilities

Vulnerabilities for packages: helm-fips, trivy-operator-fips, cert-manager, steampipe, cluster-api-helm-controller, helm-diff, flux-source-controller-fips, gitlab-rails-ce-fips, containerd, helm-set-status, rancher-agent, datadog-agent, helm-operator-fips, melange, eksctl, cg,...

GHSA-QW9X-CQR3-WC7R vulnerabilities

Vulnerabilities for packages: podman, grafana-alloy, k3s, buildah, nvidia-container-toolkit, sriov-network-device-plugin, kubernetes, rancher-agent, node-feature-discovery, falco-no-driver...

CVE-2025-31133 vulnerabilities

Vulnerabilities for packages: podman, grafana-alloy, k3s, buildah, nvidia-container-toolkit, sriov-network-device-plugin, kubernetes, rancher-agent, node-feature-discovery, falco-no-driver...

runc security update

4:1.2.5-3 - Add relevant patches to CVEs - Resolves: RHEL-122402 4:1.2.5-2 - fix CVE-2025-31133 CVE-2025-52565 CVE-2025-52881 - Resolves: RHEL-122402 - Resolves: RHEL-122404 - Resolves: RHEL-122415 4:1.2.5-1 - update to https://github.com/opencontainers/runc/releases/tag/v1.2.5 - Related: RHEL-60...

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...

CVE-2025-12060 affecting package keras for versions less than 3.3.3-5

CVE-2025-12060 affecting package keras for versions less than 3.3.3-5. A patched version of the package is available...