Security Bulletin: IBM App Connect Enterprise Certified Container IntegrationServer and IntegrationRuntime operands that use Kafka nodes are vulnerable to privilege escalation [CVE-2024-31141]

Summary The Apache Kafka client is used by IBM App Connect Enterprise Certified Container for the Kafka client nodes. IBM App Connect Enterprise Certified Container IntegrationServer and IntegrationRuntime operands that run toolkit flows containing Kafka nodes are vulnerable to privilege...

CVE-2024-13783

creationtimestamp| type| source ---|---|--- 2025-02-18 11:15:54+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lih53tqlfz2g 2025-02-18 12:38:08+00:00| seen| https://t.me/cvedetector/18318 2025-02-18 13:56:45+00:00| seen|...

CLSA-2025-1739812242 Fix CVE(s): CVE-2024-3596

SECURITY UPDATE: Generate and verify message MACs in libkrad - debian/patches/CVE-2024-3596.patch: implement support for Message-Authenticator in libkrad - CVE-2024-3596 debian/control: add package Recommends to krb5-doc...

CLSA-2025-1739812201 Fix CVE(s): CVE-2024-3596

SECURITY UPDATE: Generate and verify message MACs in libkrad - debian/patches/CVE-2024-3596.patch: implement support for Message-Authenticator in libkrad - CVE-2024-3596 debian/control: add package Recommends to krb5-doc...

CVE-2025-26578

Cross-Site Request Forgery CSRF vulnerability in mathieuhays Simple Documentation client-documentation allows Stored XSS.This issue affects Simple Documentation: from n/a through = 1.2.8...

CGA-MXW5-M488-459H

Bulletin has no description...

[SECURITY] Fedora 40 Update: python3.13-3.13.2-1.fc40

Python 3.13 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.13 package provides the "python3.13" executable:...

doxygen security update

An update is available for doxygen. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Doxygen can generate an online class browser in HTML and/or a reference manua...

RLSA-2025:1314 Moderate: doxygen security update

Doxygen can generate an online class browser in HTML and/or a reference manual in LaTeX from a set of documented source files. The documentation is extracted directly from the sources. Doxygen can also be configured to extract the code structure from undocumented source files. Security Fixes:...

CVE-2025-26569

creationtimestamp| type| source ---|---|--- 2025-02-13 14:17:19+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3li2uvnl2l42x 2025-02-13 14:41:01+00:00| seen| https://infosec.exchange/users/cve/statuses/113997097272742226 2025-02-13 15:12:00+00:00| seen|...

CVE-2025-26578

Cross-Site Request Forgery CSRF vulnerability in mathieuhays Simple Documentation client-documentation allows Stored XSS.This issue affects Simple Documentation: from n/a through = 1.2.8...

CVE-2025-26550

creationtimestamp| type| source ---|---|--- 2025-02-13 14:10:59+00:00| seen| https://infosec.exchange/users/cve/statuses/113996979182097739 2025-02-13 14:16:58+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3li2uuzepu42h 2025-02-13 15:12:45+00:00| seen|...

CVE-2025-26578 WordPress Simple Documentation plugin <= 1.2.8 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in mathieuhays Simple Documentation allows Stored XSS. This issue affects Simple Documentation: from n/a through 1.2.8...

CVE-2025-26578

CVE-2025-26578 describes a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress plugin Simple Documentation that enables a Stored XSS scenario. The issue affects versions from the earliest release up to and including 1.2.8 . Public vulnerability sources (NVD, CVE List) reference this ...

WordPress Simple Documentation plugin <= 1.2.8 - CSRF to Stored XSS vulnerability

CSRF to Stored XSS vulnerability discovered by Abdi Pranata in WordPress Plugin Simple Documentation versions = 1.2.8...

[SECURITY] Fedora 41 Update: python3.14-3.14.0~a4-2.fc41

Python 3.14 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.14 package provides the "python3.14" executable:...

[SECURITY] Fedora 40 Update: python3.11-3.11.11-5.fc40

Python 3.11 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.11 package provides the "python3.11" executable:...

[SECURITY] Fedora 40 Update: python3.10-3.10.16-5.fc40

Python 3.10 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.10 package provides the "python3.10" executable:...

[SECURITY] Fedora 40 Update: python3.14-3.14.0~a4-2.fc40

Python 3.14 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.14 package provides the "python3.14" executable:...

WordPress plugin Simple Documentation 跨站请求伪造漏洞

WordPress and the WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forgery...