[SECURITY] Fedora 43 Update: uv-0.9.7-2.fc43

An extremely fast Python package installer and resolver, written in Rust. Designed as a drop-in replacement for common pip and pip-tools workflows. Highlights: =E2=80=A2 =E2=9A=96=EF=B8=8F Drop-in replacement for common pip, pip-tools, and virtualenv commands. =E2=80=A2 =E2=9A=A1=EF=B8=8F 10-100x...

Motex LanScope Endpoint Manager Client (MR) Installed (Windows)

Binary data motexlanscopeendpointmanagerclientinstalled.nbin...

CVE-2025-56503

An issue in Sublime HQ Pty Ltd Sublime Text 4 4200 allows authenticated attackers with low-level privileges to escalate privileges to Administrator via replacing the uninstall file with a crafted binary in the installation folder. NOTE: this is disputed by the Supplier because replacing the...

F5 WAF For NGINX Installed (Linux)

Binary data f5waffornginxnixinstalled.nbin...

CVE-2025-56503

An issue in Sublime HQ Pty Ltd Sublime Text 4 4200 allows authenticated attackers with low-level privileges to escalate privileges to Administrator via replacing the uninstall file with a crafted binary in the installation folder. NOTE: this is disputed by the Supplier because replacing the...

Wapiti Web Application Vulnerability Scanner 3.2.9

Wapiti is a web application vulnerability scanner. It will scan the web pages of a deployed web application and will fuzz the URL parameters and forms to find common web vulnerabilities. This is the binary release...

PT-2025-46210

Name of the Vulnerable Software and Affected Versions Incus versions prior to 6.0.6 Incus versions prior to 6.19.0 Description Incus is a system container and virtual machine manager. An issue affects any Incus user in an environment where an unprivileged user may have root access to a container...

CVE-2025-56503

The CVE-2025-56503 entry concerns Sublime Text 4 (build 4200). Affected component is the installer/uninstall mechanism, where a crafted binary placed in the installation folder can replace the uninstall file, purportedly enabling privilege escalation to Administrator for authenticated, low-privil...

CVE-2025-64486

calibre is an e-book manager. In versions 8.13.0 and prior, calibre does not validate filenames when handling binary assets in FB2 files, allowing an attacker to write arbitrary files on the filesystem when viewing or converting a malicious FictionBook file. This can be leveraged to achieve...

DEBIAN-CVE-2025-64486

calibre is an e-book manager. In versions 8.13.0 and prior, calibre does not validate filenames when handling binary assets in FB2 files, allowing an attacker to write arbitrary files on the filesystem when viewing or converting a malicious FictionBook file. This can be leveraged to achieve...

CVE-2025-64486 calibre is vulnerable to arbitrary code execution when opening FB2 files

calibre is an e-book manager. In versions 8.13.0 and prior, calibre does not validate filenames when handling binary assets in FB2 files, allowing an attacker to write arbitrary files on the filesystem when viewing or converting a malicious FictionBook file. This can be leveraged to achieve...

CVE-2025-64486 calibre is vulnerable to arbitrary code execution when opening FB2 files

calibre is an e-book manager. In versions 8.13.0 and prior, calibre does not validate filenames when handling binary assets in FB2 files, allowing an attacker to write arbitrary files on the filesystem when viewing or converting a malicious FictionBook file. This can be leveraged to achieve...

EUVD-2025-38333

calibre is an e-book manager. In versions 8.13.0 and prior, calibre does not validate filenames when handling binary assets in FB2 files, allowing an attacker to write arbitrary files on the filesystem when viewing or converting a malicious FictionBook file. This can be leveraged to achieve...

CVE-2025-64486 calibre is vulnerable to arbitrary code execution when opening FB2 files

calibre is an e-book manager. In versions 8.13.0 and prior, calibre does not validate filenames when handling binary assets in FB2 files, allowing an attacker to write arbitrary files on the filesystem when viewing or converting a malicious FictionBook file. This can be leveraged to achieve...

CVE-2025-10885

A maliciously crafted file, when executed on the victim's machine, can lead to privilege escalation to NT AUTHORITY/SYSTEM due to an insufficient validation of loaded binaries. An attacker with local and low-privilege access could exploit this to execute code as SYSTEM...

wcurl Installed (macOS)

Binary data macoswcurlinstalled.nbin...

EUVD-2025-38147

A maliciously crafted file, when executed on the victim's machine, can lead to privilege escalation to NT AUTHORITY/SYSTEM due to an insufficient validation of loaded binaries. An attacker with local and low-privilege access could exploit this to execute code as SYSTEM...

CVE-2025-10885

A maliciously crafted file, when executed on the victim's machine, can lead to privilege escalation to NT AUTHORITY/SYSTEM due to an insufficient validation of loaded binaries. An attacker with local and low-privilege access could exploit this to execute code as SYSTEM...

CVE-2025-10885 Privilege Escalation Vulnerability

A maliciously crafted file, when executed on the victim's machine, can lead to privilege escalation to NT AUTHORITY/SYSTEM due to an insufficient validation of loaded binaries. An attacker with local and low-privilege access could exploit this to execute code as SYSTEM...

CVE-2025-10885

CVE-2025-10885 – Autodesk Installer Privilege Escalation: A local, low-privilege attacker can craft a malicious file that is loaded during installation, taking advantage of insufficient validation of loaded binaries to execute code as NT AUTHORITY\SYSTEM. The linked Nessus/NASL entry confirms the...