4398 matches found

Fedora
added 2026/04/03 5:4 p.m., 7 views

[SECURITY] Fedora 42 Update: gstreamer1-doc-1.26.11-1.fc42

GStreamer documentation...

AI score 5.9, Exploits 0

Fedora
added 2026/04/01 12:57 a.m., 6 views

[SECURITY] Fedora 43 Update: gstreamer1-doc-1.26.11-1.fc43

GStreamer documentation...

AI score 5.8, Exploits 0

Fedora
added 2026/04/01 12:57 a.m., 5 views

[SECURITY] Fedora 43 Update: rust-1.94.1-1.fc43

Rust is a systems programming language that runs blazingly fast, prevents segfaults, and guarantees thread safety. This package includes the Rust compiler and documentation generator...

CVSS 6.5, AI score 5.8, EPSS 0.00379, Exploits 1

Fedora
added 2026/03/31 12:27 a.m., 7 views

[SECURITY] Fedora 44 Update: rust-1.94.1-1.fc44

Rust is a systems programming language that runs blazingly fast, prevents segfaults, and guarantees thread safety. This package includes the Rust compiler and documentation generator...

CVSS 6.5, AI score 5.8, EPSS 0.00379, Exploits 1

Tenable Nessus
added 2026/03/31 12:0 a.m., 3 views

Fedora 44 : cpp-httplib (2026-03599f0b32)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-03599f0b32 advisory. Update to 0.38.0 rhbz2447261 - Filename sanitization for path traversal prevention Added sanitizefilename to prevent path traversal attacks via malicious...

CVSS 8.7, AI score 5.9, EPSS 0.00179, Exploits 1, References 2

Tenable Nessus
added 2026/03/31 12:0 a.m., 3 views

Fedora 43 : gst-devtools / gst-editing-services / gstreamer1 / gstreamer1-doc / etc (2026-e77ad9d792)

The remote Fedora 43 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-e77ad9d792 advisory. 1.26.11 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this issue but...

AI score 6, Exploits 0, References 1

Tenable Nessus
added 2026/03/31 12:0 a.m., 1 view

Fedora 43 : cpp-httplib (2026-e76feaf213)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-e76feaf213 advisory. Update to 0.38.0 rhbz2447261 - Filename sanitization for path traversal prevention Added sanitizefilename to prevent path traversal attacks via malicious...

CVSS 8.7, AI score 5.9, EPSS 0.00179, Exploits 1, References 2

Fedora
added 2026/03/29 12:51 a.m., 2 views

[SECURITY] Fedora 43 Update: python3.13-3.13.12-2.fc43

Python 3.13 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.13 package provides the "python3.13" executable:...

CVSS 7, AI score 5.9, EPSS 0.00216, Exploits 0

RedhatCVE
added 2026/03/26 3:5 p.m., 0 views

CVE-2023-27573

netbox-docker before 2.5.0 has a superuser account with default credentials admin password for the admin account, and 0123456789abcdef0123456789abcdef01234567 value for SUPERUSERAPITOKEN. In practice on the public Internet, almost all users changed the password but only about 90% changed the toke...

CVSS 9, AI score 5.8, EPSS 0.00364, Exploits 1, References 1

RedhatCVE
added 2026/03/26 3:1 p.m., 1 view

CVE-2026-33331

oRPC is a tool that helps build APIs that are end-to-end type-safe and adhere to OpenAPI standards. Prior to version 1.13.9, a stored cross-site scripting XSS vulnerability exists in the OpenAPI documentation generation of orpc. If an attacker can control any field within the OpenAPI specificati...

CVSS 8.2, AI score 5.9, EPSS 0.00288, Exploits 1, References 1

Snyk
added 2026/03/24 10:30 p.m., 4 views

Cross-site Scripting (XSS)

Overview @orpc/openapi is a Affected versions of this package are vulnerable to Cross-site Scripting XSS in the generation of OpenAPI documentation. An attacker can execute arbitrary JavaScript in the context of the user's browser by injecting malicious payloads into controllable fields within th...

CVSS 8.3, AI score 5.9, EPSS 0.00288, Exploits 1, References 2

Cvelist
added 2026/03/24 7:18 p.m., 19 views

CVE-2026-33331 oRPC: Stored XSS in OpenAPI Reference Plugin via unescaped JSON.stringify

oRPC is a tool that helps build APIs that are end-to-end type-safe and adhere to OpenAPI standards. Prior to version 1.13.9, a stored cross-site scripting XSS vulnerability exists in the OpenAPI documentation generation of orpc. If an attacker can control any field within the OpenAPI specificati...

CVSS 8.2, EPSS 0.00288, Exploits 1, References 3

Vulnrichment
added 2026/03/24 7:18 p.m., 1 view

CVE-2026-33331 oRPC: Stored XSS in OpenAPI Reference Plugin via unescaped JSON.stringify

oRPC is a tool that helps build APIs that are end-to-end type-safe and adhere to OpenAPI standards. Prior to version 1.13.9, a stored cross-site scripting XSS vulnerability exists in the OpenAPI documentation generation of orpc. If an attacker can control any field within the OpenAPI specificati...

CVSS 8.2, AI score 5.8, EPSS 0.00288, Exploits 1, References 3

OSV
added 2026/03/24 7:18 p.m., 1 view

CVE-2026-33331 oRPC: Stored XSS in OpenAPI Reference Plugin via unescaped JSON.stringify

oRPC is a tool that helps build APIs that are end-to-end type-safe and adhere to OpenAPI standards. Prior to version 1.13.9, a stored cross-site scripting XSS vulnerability exists in the OpenAPI documentation generation of orpc. If an attacker can control any field within the OpenAPI specificati...

CVSS 8.2, AI score 6, EPSS 0.00288, Exploits 1, References 5

CNNVD
added 2026/03/24 12:0 a.m., 3 views

orpc Cross-Site Scripting Vulnerability

Orpc is an open-source RPC and OpenAPI integration framework developed by MiddleAPI. Versions of Orpc prior to 1.13.9 contained a cross-site scripting vulnerability. This vulnerability stemmed from the OpenAPI documentation generation process, which included stored cross-site scripts. This could...

CVSS 8.2, AI score 5.9, EPSS 0.00288, Exploits 1, References 3

OSV
added 2026/03/22 7:0 p.m., 1 view

MINI-QFPH-MVXP-JCWX

Bulletin has no description...

CVSS 9.1, AI score 5.7, EPSS 0.00546, Exploits 0

OSV
added 2026/03/22 6:14 p.m., 4 views

MAL-2026-2035 Malicious code in @emilgroup/api-documentation (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 58c245a310d05383d1fdf2e98691e5ea42d0505bdab8e27120537609d6bb4acd The package @emilgroup/api-documentation was found to contain malicious code. Source: ghsa-malware...

AI score 5.8, Exploits 0, References 4

Tenable Nessus
added 2026/03/22 12:0 a.m., 3 views

Fedora 42 : python-scitokens (2026-dec8f790f7)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-dec8f790f7 advisory. - Remove legacy parent SciToken chaining behavior from token initialization and claim handling - Harden Enforcer scope path traversal validation including...

AI score 5.9, Exploits 0, References 1

Tenable Nessus
added 2026/03/21 12:0 a.m., 3 views

Fedora 44 : python-scitokens (2026-86ad7d8a1a)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-86ad7d8a1a advisory. - Remove legacy parent SciToken chaining behavior from token initialization and claim handling - Harden Enforcer scope path traversal validation including...

AI score 5.9, Exploits 0, References 1

ATTACKERKB
added 2026/03/20 5:26 p.m., 2 views

CVE-2026-32844

XinLiangCoder phpapidoc through commit 1ce5bbf contains a reflected cross-site scripting vulnerability in listmethod.php that allows remote attackers to execute arbitrary JavaScript in a victim's browser by injecting malicious code through the f parameter. Attackers can craft a malicious URL with...

CVSS 6.1, AI score 6, EPSS 0.00257, Exploits 0, References 3