[SECURITY] Fedora 42 Update: avr-binutils-2.45-4.fc42.1

This is a Cross Compiling version of GNU binutils, which can be used to assemble and link binaries for the avr platform, instead of for the native i386 platform...

[SECURITY] Fedora 43 Update: avr-binutils-2.45-4.fc43.1

This is a Cross Compiling version of GNU binutils, which can be used to assemble and link binaries for the avr platform, instead of for the native i386 platform...

PT-2026-7809

Name of the Vulnerable Software and Affected Versions next-mdx-remote versions 4.3.0 through 5.0.0 Description The serialize function within next-mdx-remote is susceptible to arbitrary code execution because of inadequate sanitization of MDX content. This allows untrusted MDX to execute JavaScrip...

[SECURITY] Fedora 43 Update: mingw-qt5-qtsvg-5.15.17-3.fc43

This package contains the Qt software toolkit for developing cross-platform applications. This is the Windows version of Qt, for use in conjunction with the Fedora Windows cross-compiler...

EUVD-2021-1052

Malware in sbrugna...

EUVD-2025-11829

Malicious code in bioql PyPI...

EUVD-2022-0882

Malicious code in bioql PyPI...

DEBIAN-CVE-2025-55556

TensorFlow v2.18.0 was discovered to output random results when compiling Embedding, leading to unexpected behavior in the application...

PyTorch 安全漏洞

PyTorch is a Python package open-sourced by PyTorch. PyTorch suffers from a security vulnerability that stems from mishandling when compiling models containing torch.Tensor.tosparse and torch.Tensor.todense, which can be exploited by an attacker to cause a denial of service...

[SECURITY] Fedora 42 Update: mingw-binutils-2.43.1-4.fc42

Cross compiled binutils utilities like 'strip', 'as', 'ld' which understand Windows executables and DLLs...

CVE-2025-37893 LoongArch: BPF: Fix off-by-one error in build_prologue()

In the Linux kernel, the following vulnerability has been resolved: LoongArch: BPF: Fix off-by-one error in buildprologue Vincent reported that running BPF progs with tailcalls on LoongArch causes kernel hard lockup. Debugging the issues shows that the JITed image missing a jirl instruction at th...

PT-2025-17268 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to an off-by-one error in the build prologue function when running BPF programs with tailcalls on LoongArch, causing a kernel hard lockup. The problem arises from...

PT-2025-7697 · Ibm · Ibm I

Name of the Vulnerable Software and Affected Versions: IBM i versions 7.2 through 7.5 Description: The issue allows a user with the capability to compile or restore a program to gain elevated privileges due to an unqualified library call. A malicious actor could cause user-controlled code to run...

[SECURITY] Fedora 40 Update: orc-0.4.39-1.fc40

Orc is a library and set of tools for compiling and executing very simple programs that operate on arrays of data. The "language" is a generic assembly language that represents many of the features available in SIMD architectures, including saturated addition and subtraction, and many arithmetic...

RHEL 7 : nodejs-handlebars (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - nodejs-handlebars: Remote code execution when compiling untrusted compile templates with compat:true opti...

Exploit for Untrusted Pointer Dereference in Microsoft

CVE-2024-21338 Local Privilege Escalation from Admin to Kernel...

[SECURITY] Fedora 40 Update: osgi-core-8.0.0-13.fc40

OSGi Core, Interfaces and Classes for use in compiling bundles...

Low: c-ares

Issue Overview: When cross-compiling c-ares and using the autotools build system, CARESRANDOMFILE will not be set, as seen when cross compiling aarch64 android. This will downgrade to using rand as a fallback which could allow an attacker to take advantage of the lack of entropy by not using a...

EulerOS Virtualization 2.11.0 : c-ares (EulerOS-SA-2023-3066)

According to the versions of the c-ares package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - c-ares is an asynchronous resolver library. When cross-compiling c-ares and using the autotools build system, CARESRANDOMFILE will...

EulerOS 2.0 SP11 : c-ares (EulerOS-SA-2023-2828)

According to the versions of the c-ares package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - c-ares is an asynchronous resolver library. When cross-compiling c-ares and using the autotools build system, CARESRANDOMFILE will not be set, as...