[SECURITY] Fedora 42 Update: python3.6-3.6.15-49.fc42

Python 3.6 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.6, see other distributions that support it, such as CentOS or RHEL with Software...

Linux Distros Unpatched Vulnerability : CVE-2024-21098

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Compiler. Supported versions that are affect...

OPENSUSE-SU-2025:15473-1 abseil-cpp-devel-20250814.0-2.1 on GA media

These are all security issues fixed in the abseil-cpp-devel-20250814.0-2.1 package on the GA media of openSUSE Tumbleweed...

Linux Distros Unpatched Vulnerability : CVE-2023-6955

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A missing authorization check vulnerability exists in GitLab Remote Development affecting all versions prior to 16.5.6, 16.6 prior to 16.6.4 and 16.7 prior to...

Remote Code Execution (RCE)

@nestjs/devtools-integration is vulnerable to Remote Code Execution RCE. The vulnerability is due to improper sandboxing and missing cross-origin protections due to unsafe execution of attacker-controlled input in a JavaScript sandbox via the /inspector/graph/interact endpoint...

CVE-2025-57730

In JetBrains IntelliJ IDEA before 2025.2 hTML injection was possible via Remote Development feature...

CVE-2025-57730

In JetBrains IntelliJ IDEA before 2025.2 hTML injection was possible via Remote Development feature...

CVE-2025-57730

In JetBrains IntelliJ IDEA before 2025.2 hTML injection was possible via Remote Development feature...

CVE-2025-57730

In JetBrains IntelliJ IDEA before 2025.2 hTML injection was possible via Remote Development feature...

CVE-2025-57730

Summary: CVE-2025-57730 affects JetBrains IntelliJ IDEA prior to 2025.2, with an HTML injection vulnerability in the Remote Development feature. What’s affected: IntelliJ IDEA (before 2025.2); the issue is a HTML injection in the Remote Development workflow. Cause: underlying HTML injection vulne...

PT-2025-34031 · Jetbrains · Intellij Idea

Name of the Vulnerable Software and Affected Versions: JetBrains IntelliJ IDEA versions prior to 2025.2 Description: A HTML injection issue was possible through the Remote Development feature. Recommendations: Update JetBrains IntelliJ IDEA to version 2025.2 or later...

JetBrains IntelliJ IDEA 安全漏洞

JetBrains IntelliJ IDEA is an integrated development environment IDE developed by JetBrains , designed to improve developer productivity and code quality , mainly for Java programming , but also supports Kotlin, Web, Spring and other languages and frameworks . JetBrains IntelliJ IDEA suffers from...

Linux Distros Unpatched Vulnerability : CVE-2025-21587

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions tha...

Linux Distros Unpatched Vulnerability : CVE-2025-48050

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In DOMPurify through 3.2.5 before 6bc6d60, scripts/server.js does not ensure that a pathname is located under the current working directory. NOTE: the Supplier...

cairo-devel-1.18.4-3.1 on GA media (moderate)

cairo-devel-1.18.4-3.1 on GA media Announcement ID: openSUSE-SU-2025:15458-1 Rating: moderate Cross-References: CVE-2025-50422 CVSS scores: CVE-2025-50422 SUSE : 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now...

VulnCheck KEV: CVE-2025-54782

Nest is a framework for building scalable Node.js server-side applications. In versions 0.2.0 and below, a critical Remote Code Execution RCE vulnerability was discovered in the @nestjs/devtools-integration package. When enabled, the package exposes a local development HTTP server with an API...

Amazon Linux 2023 : captree, libcap, libcap-devel (ALAS2023-2025-1141)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1141 advisory. Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabledpolicy validation. This only affected certificate chains which contain policy graphs, which a...

Linux Distros Unpatched Vulnerability : CVE-2022-3178

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer Over-read in GitHub repository gpac/gpac prior to 2.1.0-DEV. CVE-2022-3178 Note that Nessus relies on the presence of the package as reported by the...

CVE-2025-7972

A security issue exists within the FactoryTalk Linx Network Browser. By modifying the process.env.NODEENV to ‘development’, the attacker can disable FTSP token validation. This bypass allows access to create, update, and delete FTLinx drivers...

MAL-2025-6939 Malicious code in makerjs-dev (npm)

The package communicates with a domain associated with malicious activity...