GHSA-FC36-5GC3-JMHX vulnerabilities

Vulnerabilities for packages: haproxy...

CVE-2025-68156 affecting package keda for versions less than 2.14.1-8

CVE-2025-68156 affecting package keda for versions less than 2.14.1-8. A patched version of the package is available...

[SECURITY] Fedora 43 Update: ov-0.50.2-1.fc43

Feature-rich terminal-based text viewer. It is a so-called terminal pager...

CVE-2023-54142

In the Linux kernel, the following vulnerability has been resolved: gtp: Fix use-after-free in gtpencapdestroy. syzkaller reported use-after-free in gtpencapdestroy. 0 It shows the same process freed sk and touched it illegally. Commit e198987e7dd7 "gtp: fix suspicious RCU usage" added locksock a...

GHSA-9FJM-6W64-76R7 vulnerabilities

Vulnerabilities for packages: chromium...

CVE-2025-14373 vulnerabilities

Vulnerabilities for packages: chromium...

GHSA-GV8F-9G4R-FJ8Q vulnerabilities

Vulnerabilities for packages: chromium...

CVE-2025-68341

In the Linux kernel, the following vulnerability has been resolved: veth: reduce XDP nodirect return section to fix race As explain in commit fa349e396e48 "veth: Fix race with AFXDP exposing old or uninitialized descriptors" for veth there is a chance after napicompletedone that another CPU can...

thunderbird security update

140.6.0-1.0.1 - Fix prefs for new nss Orabug: 37079813 - Add Oracle prefs 140.6.0 - Add OpenELA debranding 140.6.0-1 - Update to 140.6.0 ESR...

[SECURITY] Fedora 43 Update: gosec-2.22.11-2.fc43

Go security checker...

CVE-2025-67897 vulnerabilities

Vulnerabilities for packages: rpm-sequoia...

SUSE CVE-2025-14422

GIMP PNM File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a...

CVE-2025-67735 vulnerabilities

Vulnerabilities for packages: zipkin, wavefront-proxy, apache-activemq-artemis, logstash-input-http, apache-nifi-registry, management-api-for-apache-cassandra-5.0, druid, keycloak, opensearch, logstash, docker-selenium, infinispan, neo4j, kserve-modelmesh, sonarqube, apache-nifi, spark, flyway,...

GHSA-P3F5-98CV-562J vulnerabilities

Vulnerabilities for packages: jenkins...

ROS-20251216-7351

Vulnerability in containerd related to lack of memory release after effective lifetime. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

CVE-2025-40198 affecting package kernel for versions less than 6.6.117.1-1

CVE-2025-40198 affecting package kernel for versions less than 6.6.117.1-1. An upgraded version of the package is available that resolves this issue...

CVE-2025-14714

An Authentication Bypass vulnerability existed where the application bundled an interpreter Python that inherits the Transparency, Consent, and Control TCC permissions granted by the user to the main application bundle By executing the bundled interpreter directly the attacker's scripts run with...

CVE-2025-67897

In Sequoia before 2.1.0, aeskeyunwrap panics if passed a ciphertext that is too short. A remote attacker can take advantage of this issue to crash an application by sending a victim an encrypted message with a crafted PKESK or SKESK packet...

CVE-2025-66627 vulnerabilities

Vulnerabilities for packages: typst...

GHSA-G754-HX8W-X2G6 vulnerabilities

Vulnerabilities for packages: k8sgateway, kargo, buf, kubernetes-dns-node-cache, dkron, seaweedfs, kubo, spegel, k3s, teleport, q, ipfs-cluster, caddy, frp, traefik...