[SECURITY] Fedora 44 Update: gst-devtools-1.28.1-1.fc44

Development and debugging tools for GStreamer...

SUSE CVE-2025-69647

GNU Binutils thru 2.45.1 readelf contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF loclists data. A logic flaw in the DWARF parsing code can cause readelf to repeatedly print the same table output without making forward progress, resulting in an...

GNU Binutils thru 2.46 readelf contains a vulnerability that leads to an abort (SIGABRT) when processing a crafted ELF binary with malformed DWARF abbrev or debug information. Due to incomplete state cleanup in process_debug_info(), an invalid debug_info_p state may propagate into DWARF attribute parsing routines. When certain malformed attributes result in an unexpected data length of zero, byte_get_little_endian() triggers a fatal abort. No evidence of memory corruption or code execution was observed; the impact is limited to denial of service.

...

Advanced Python Payload Encryption Framework with Hybrid Cryptography Steganography and Anti‑Debugging

This Python program implements an advanced payload protection framework that combines multiple security and obfuscation techniques to encrypt, package, and distribute Python code. The framework supports hybrid encryption, multi‑key protection, anti‑debugging checks, and optional steganographic...

EUVD-2025-208413

GNU Binutils thru 2.45.1 readelf contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF .debugrnglists data. A logic flaw in the DWARF parsing path causes readelf to repeatedly print the same warning message without making forward progress, resulting in a...

CVE-2025-69648

GNU Binutils thru 2.45.1 readelf contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF .debugrnglists data. A logic flaw in the DWARF parsing path causes readelf to repeatedly print the same warning message without making forward progress, resulting in a...

AZL-79643 CVE-2026-27142 affecting package tensorflow 2.11.1-2

Actions which insert URLs into the content attribute of HTML meta tags are not escaped. This can allow XSS if the meta tag also has an http-equiv attribute with the value "refresh". A new GODEBUG setting has been added, htmlmetacontenturlescape, which can be used to disable escaping URLs in actio...

AZL-79589 CVE-2025-69652 affecting package binutils 2.37-20

GNU Binutils thru 2.46 readelf contains a vulnerability that leads to an abort SIGABRT when processing a crafted ELF binary with malformed DWARF abbrev or debug information. Due to incomplete state cleanup in processdebuginfo, an invalid debuginfop state may propagate into DWARF attribute parsing...

CVE-2025-69652

GNU Binutils thru 2.46 readelf contains a vulnerability that leads to an abort SIGABRT when processing a crafted ELF binary with malformed DWARF abbrev or debug information. Due to incomplete state cleanup in processdebuginfo, an invalid debuginfop state may propagate into DWARF attribute parsing...

UBUNTU-CVE-2025-69652

GNU Binutils thru 2.46 readelf contains a vulnerability that leads to an abort SIGABRT when processing a crafted ELF binary with malformed DWARF abbrev or debug information. Due to incomplete state cleanup in processdebuginfo, an invalid debuginfop state may propagate into DWARF attribute parsing...

CVE-2025-69645

Binutils objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF debug information. A logic error in the handling of DWARF compilation units can result in an invalid offsetsize value being used inside bytegetlittleendian, leading to an abort SIGABR...

PT-2026-23728

Name of the Vulnerable Software and Affected Versions Binutils versions prior to 2.46 Description An issue exists in Binutils where the objdump utility is susceptible to denial-of-service. This occurs when processing a specially crafted binary file containing malformed debug information. A flaw i...

CVE-2025-69644

CVE-2025-69644 affects Binutils before 2.46, where objdump may loop indefinitely when parsing crafted binaries with malformed DWARF debug information due to a logic flaw in DWARF location list header handling. This can cause unbounded resource consumption and endless output, enabling a local atta...

CVE-2025-69646

CVE-2025-69646 affects GNU Binutils’ objdump. A logic error in handling the debug_rnglists header when processing a crafted binary (notably seen in binutils 2.44) can cause an unbounded logging loop, consuming CPU/I/O and preventing completion of objdump analysis. Affected component: objdump in b...

RHEL 10 : delve (RHSA-2026:3864)

The remote Redhat Enterprise Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:3864 advisory. Delve is a debugger for the Go programming language. The goal of the project is to provide a simple, full featured debugging tool for Go...

Improper Validation of Specified Index, Position, or Offset in Input

Overview Affected versions of this package are vulnerable to Improper Validation of Specified Index, Position, or Offset in Input through the processing of crafted DWARF debug information in objdump. An attacker can cause a denial of service by supplying specially crafted input files. Remediation...

CVE-2026-20022

A vulnerability in the OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a DoS condition when OSPF canonicalization debug is enabled by using the...

ALSA-2026:3842 Moderate: delve security update

Delve is a debugger for the Go programming language. The goal of the project is to provide a simple, full featured debugging tool for Go. Delve should be easy to invoke and easy to use. Chances are if you're using a debugger, things aren't going your way. With that in mind, Delve should stay out ...

Copeland多款产品 操作系统命令注入漏洞

The Copeland XWEB 500D PRO and Copeland XWEB 500B PRO are advanced commercial and industrial refrigeration monitoring and management systems from the American company Copeland. Several products of Copeland have vulnerabilities related to operating system command injection. This vulnerability stem...

PT-2026-21555

Name of the Vulnerable Software and Affected Versions Aruba HiSpeed Cache WordPress plugin versions prior to 3.0.5 Description The Aruba HiSpeed Cache WordPress plugin is susceptible to a cross-site request forgery CSRF issue impacting several administrative AJAX actions. Specifically, the ahsc...