[SECURITY] Fedora 41 Update: emacs-30.1-5.fc41

GNU Emacs is a powerful, customizable, self-documenting, modeless text editor. It contains special code editing features, a scripting language elisp, and the capability to read mail, news, and more without leaving the editor. This package provides an emacs binary with support for Wayland, using t...

python3.12-cryptography security update

41.0.7-1.0.1 - CVE-2024-26130 Orabug: 37982815...

Moderate Photon OS Security Update - PHSA-2025-4.0-0810

Updates of 'coreutils' packages of Photon OS have been released...

IBM DB2 DoS (7235069) (Unix)

According to it self-reported version number, IBM Db2 is affected by a remote code execution vulnerability as a database administrator of one database may execute code or read/write files from another database within the same instance. Note that Nessus has not tested for this issue but has instea...

CVE-2025-5645

A vulnerability, which was classified as problematic, was found in Radare2 5.9.9. This affects the function rconspalinit in the library /libr/cons/pal.c of the component radiff2. The manipulation of the argument -T leads to memory corruption. Attacking locally is a requirement. The complexity of ...

CVE-2025-5646

A vulnerability has been found in Radare2 5.9.9 and classified as problematic. This vulnerability affects the function rconsrainbowfree in the library /libr/cons/pal.c of the component radiff2. The manipulation of the argument -T leads to memory corruption. It is possible to launch the attack on...

CVE-2025-48432

An issue was discovered in Django 5.2 before 5.2.3, 5.1 before 5.1.11, and 4.2 before 4.2.23. Internal HTTP response logging does not escape request.path, which allows remote attackers to potentially manipulate log output via crafted URLs. This may lead to log injection or forgery when logs are...

CVE-2025-35036

Hibernate Validator before 6.2.0 and 7.0.0, by default and depending how it is used, may interpolate user-supplied input in a constraint violation message with Expression Language. This could allow an attacker to access sensitive information or execute arbitrary Java code. Hibernate Validator as ...

CVE-2025-22233 vulnerabilities

Vulnerabilities for packages: thingsboard, apache-nifi-registry, apache-nifi, keycloak-config-cli...

python36:3.6 security update

python36 python-distro python-docs python-docutils python-nose python-pygments python-pymongo 3.7.0-2 - Backport CVE-2024-5629...

CVE-2025-3454

This vulnerability in Grafana's datasource proxy API allows authorization checks to be bypassed by adding an extra slash character in the URL path. Users with minimal permissions could gain unauthorized read access to GET endpoints in Alertmanager and Prometheus datasources. The issue primarily...

rsync security update

3.1.3-23 - Resolves: RHEL-52004 - Slowness in rsync due to extra validation steps 3.1.3-22 - Resolves: RHEL-91519 - Improper Pointer Arithmetic in pcl...

GHSA-H2FW-RFH5-95R3 vulnerabilities

Vulnerabilities for packages: thingsboard...

[SECURITY] Fedora 42 Update: maturin-1.8.6-1.fc42

Build and publish crates with pyo3, rust-cpython and cffi bindings as well as rust binaries as python packages...

CVE-2025-44904

hdf5 v1.14.6 was discovered to contain a heap buffer overflow via the H5VMmemcpyvv function...

CVE-2025-5064 vulnerabilities

Vulnerabilities for packages: chromium...

CVE-2024-22653

yasm commit 9defefae was discovered to contain a NULL pointer dereference via the yasmsectionbcsappend function at section.c...

Important: Red Hat Security Advisory: zlib security update

An update for zlib is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

CVE-2025-27151

Redis is an open source, in-memory database that persists on disk. In versions starting from 7.0.0 to before 8.0.2, a stack-based buffer overflow exists in redis-check-aof due to the use of memcpy with strlenfilepath when copying a user-supplied file path into a fixed-size stack buffer. This allo...

firefox security update

128.11.0-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079789 128.11.0 - Add debranding patches Mustafa Gezen - Add OpenELA default preferences Louis Abel 128.11.0-1 - Update to 128.11.0...