[SECURITY] Fedora 44 Update: python-pycparser-2.22-8.fc44

pycparser is a complete parser for the C language, written in pure Python. It is a module designed to be easily integrated into applications that need to parse C source code...

[SECURITY] Fedora 41 Update: xmedcon-0.25.3-1.fc41

This project stands for Medical Image Conversion and is released under the GNU's LGPL license. It bundles the C source code, a library, a flexible command-line utility and a graphical front-end based on the amazing Gtk+ toolkit. Its main purpose is image conversion while preserving valuable medic...

[SECURITY] Fedora 43 Update: xmedcon-0.25.3-1.fc43

This project stands for Medical Image Conversion and is released under the GNU's LGPL license. It bundles the C source code, a library, a flexible command-line utility and a graphical front-end based on the amazing Gtk+ toolkit. Its main purpose is image conversion while preserving valuable medic...

CVE-2025-8735 GNU cflow Lexer c.c yylex null pointer dereference

A vulnerability classified as problematic was found in GNU cflow up to 1.8. Affected by this vulnerability is the function yylex of the file c.c of the component Lexer. The manipulation leads to null pointer dereference. An attack has to be approached locally. The exploit has been disclosed to th...

[SECURITY] Fedora 38 Update: llhttp-9.2.1-1.fc38

This project is a port of httpparser to TypeScript. llparse is used to generate the output C source file, which could be compiled and linked with the embedder's program like Node.js...

[SECURITY] Fedora 39 Update: llhttp-9.2.1-1.fc39

This project is a port of httpparser to TypeScript. llparse is used to generate the output C source file, which could be compiled and linked with the embedder's program like Node.js...

[SECURITY] Fedora 40 Update: llhttp-9.2.1-1.fc40

This project is a port of httpparser to TypeScript. llparse is used to generate the output C source file, which could be compiled and linked with the embedder's program like Node.js...

[SECURITY] Fedora 39 Update: llhttp-9.1.3-1.fc39

This project is a port of httpparser to TypeScript. llparse is used to generate the output C source file, which could be compiled and linked with the embedder's program like Node.js...

[SECURITY] Fedora 38 Update: llhttp-9.1.3-1.fc38

This project is a port of httpparser to TypeScript. llparse is used to generate the output C source file, which could be compiled and linked with the embedder's program like Node.js...

[SECURITY] Fedora 37 Update: llhttp-8.1.1-1.fc37

This project is a port of httpparser to TypeScript. llparse is used to generate the output C source file, which could be compiled and linked with the embedder's program like Node.js. This copy of the library is compiled with LLHTTPSTRICTMODE set to 0 disabled, which is the default...

Fedora: Security Advisory for llhttp (FEDORA-2023-105880e618)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 38 Update: llhttp-8.1.1-1.fc38

This project is a port of httpparser to TypeScript. llparse is used to generate the output C source file, which could be compiled and linked with the embedder's program like Node.js. This copy of the library is compiled with LLHTTPSTRICTMODE set to 0 disabled, which is the default...

[SECURITY] Fedora 37 Update: llhttp-6.0.10-1.fc37

This project is a port of httpparser to TypeScript. llparse is used to generate the output C source file, which could be compiled and linked with the embedder's program like Node.js. This copy of the library is compiled with LLHTTPSTRICTMODE set to 0 disabled, which is the default...

Cesanta MJS 代码问题漏洞

Cesanta MJS is an embedded JavaScript engine for C/C++ from Cesanta Ireland. It is designed for microcontrollers with limited resources. The main design goals are a small footprint and simple C/C++ interoperability. A security vulnerability exists in Cesanta MJS mJS: Restricted JavaScript engine...

ZAngband zangband-data 数字错误漏洞

ZAngband zangband-data is an Angband-based single-player Roguelike game from the ZAngband team. A security vulnerability exists in ZAngband zangband-data version 2.7.5, which stems from the variable fileheader.bfOffBits in src/tk/plat.c that can be contaminated...

USN-5375-1: GNU cflow vulnerability

It was discovered that GNU cflow was incorrectly handling memory cleanup operations at the end of a compilation module. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code...

Insyde InsydeH2O permission permission and access control issues vulnerability

Insyde InsydeH2O is a C source from Insyde Software Taiwan, China that implements the new technology "EFI/UEFI" specification, designed to replace the traditional BIOS Basic Input/Output System. The vulnerability could be exploited to hijack the execution flow of code running in system...

Insyde InsydeH2O Security Feature Issue Vulnerability

Insyde InsydeH2O is a C source from Insyde Software Taiwan, China that implements the new technology "EFI/UEFI" specification, designed to replace the legacy BIOS Basic Input/Output System. insydeH2O Int15MicrosoftSmm has a security feature issue vulnerability that stems from uncontrolled input t...

[SECURITY] Fedora 33 Update: cflow-1.6-8.fc33

GNU cflow analyzes a collection of C source files and prints a graph, charting control flow within the program. GNU cflow is able to produce both direct and inverted flowgraphs for C sources. Optionally a cross-reference listing can be generated. Two output formats are implemented: POSIX and GNU...

[SECURITY] Fedora 34 Update: cflow-1.6-8.fc34

GNU cflow analyzes a collection of C source files and prints a graph, charting control flow within the program. GNU cflow is able to produce both direct and inverted flowgraphs for C sources. Optionally a cross-reference listing can be generated. Two output formats are implemented: POSIX and GNU...