Fedora 42 : chromium (2026-540f5a89d1)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-540f5a89d1 advisory. Update to 143.0.7499.192 High CVE-2026-0628: Insufficient policy enforcement in WebView tag Enable control flow integrity support for x8664/aarch64 Enable...

Fedora 44 : cef (2026-94d266def6)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-94d266def6 advisory. Automatic update for cef-143.0.13^chromium143.0.7499.192-1.fc44. Changelog Fri Jan 9 2026 Than Ngo - 143.0.13^chromium143.0.7499.192-1 - Update to...

CVE-2024-7965

An inappropriate implementation vulnerability was found in the Chromium web browser. This flaw allows an unauthenticated, remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Mitigation Until updated packages are released for Fedora and EPEL, consider temporarily...

CVE-2024-7971

A type confusion vulnerability was found in the Chromium web browser. This flaw allows an unauthenticated, remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Mitigation Until updated packages are released for Fedora and EPEL, consider temporarily swapping to an...

DEBIAN-CVE-2023-24752

libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ffhevcputhevcepelpixels8sse function at sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input file...

DEBIAN-CVE-2022-43235

Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via ffhevcputhevcepelpixels8sse in sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted video file...

PT-2022-7256 · Libde265 +3 · Libde265 +3

Name of the Vulnerable Software and Affected Versions: Libde265 versions 1.0.8 Description: The issue is related to a stack-buffer-overflow in the put epel hv fallback function when handling unsigned short data types. This allows attackers to cause a Denial of Service DoS via a crafted video file...

PT-2022-7260 · Libde265 +3 · Libde265 +3

Name of the Vulnerable Software and Affected Versions: Libde265 versions 1.0.8 Description: The issue is related to a heap-buffer-overflow in the ff hevc put hevc epel pixels 8 sse function, which can be exploited by attackers to cause a Denial of Service DoS via a crafted video file. This...

The vulnerability of the put_epel_hv_fallback function in the h.265 Libde265 implementation allows a perpetrator to trigger a service failure.

The vulnerability of the putepelhvfallback function in the h.265 Libde265 implementation is related to writing beyond the buffer boundaries. Exploiting this vulnerability allows a remote attacker to trigger a service failure using a specially created file...

Low: Red Hat Security Advisory: Satellite 6.10.3 Async Bug Fix Update

Updated Satellite 6.10 packages that fix several bugs are now available for Red Hat Satellite. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet access to their servers or other clie...

Php-Malware-Finder - Detect Potentially Malicious PHP Files

PHP-malware-finder does its very best to detect obfuscated/dodgy code as well as files using PHP functions often used in malwares/webshells. The following list of encoders/obfuscators/webshells are also detected: Bantam Best PHP Obfuscator Carbylamine Cipher Design Cyklodev Joes Web Tools...

libde265 buffer overflow vulnerability

Libde265 is a German h.265 video codec. libde265 suffers from a buffer overflow vulnerability that stems from Cc functionally backing off epel hv when running the program dec265. No detailed vulnerability details are currently available...

UBUNTU-CVE-2021-36410

A stack-buffer-overflow exists in libde265 v1.0.8 via fallback-motion.cc in function putepelhvfallback when running program dec265...

java-17-openjdk security update

1:17.0.1.0.12-2 - Extend LTS check to exclude EPEL. - Related: rhbz2013841 1:17.0.1.0.12-2 - Set LTS designator. - Related: rhbz2013841 1:17.0.1.0.12-1 - Drop JDK-8272332/RH2004078 patch which is upstream in 17.0.1 - Resolves: rhbz2013841 1:17.0.1.0.12-1 - October CPU update to jdk 17.0.1+12 -...

ALPINE-CVE-2020-21594

libde265 v1.0.4 contains a heap buffer overflow in the putepelhvfallback function, which can be exploited via a crafted a file...

gnome-software and fwupd security, bug fix, and enhancement update

appstream-data 8-20200724 - Regenerate the RHEL metadata to include the EPEL apps too - Resolves: 1844488 8-20200630 - Regenerate the RHEL metadata - Resolves: 1844488 fwupd 1.4.2-4.0.1 - Build with the updated Oracle certificate - Use oraclesecureboot301 as certdir Orabug: 29881368 - Use new...

Fedora 31 : mujs (2020-53773f4954)

A new version of mujs is now available for Fedora and EPEL. Besides generic enhancements and bugfixes, this release also fixes three tracked security issues: CVE-2019-11411, CVE-2019-11412 and CVE-2019-11413. Note that Tenable Network Security has extracted the preceding description block directl...

python3 security update

3.6.8-17.0.1 - Add Oracle Linux distribution in platform.py Orabug: 20812544 3.6.8-17 - Overhaul pythons FIPS mode support Resolves: rhbz1788459 3.6.8-16 - Security fix for CVE-2020-8492 Resolves: rhbz1810616 3.6.8-15 - Security fix for CVE-2019-16935 Resolves: rhbz1797999 3.6.8-14 - Provide and...

PT-2019-6198 · None +3 · Libde265 +3

Name of the Vulnerable Software and Affected Versions: libde265 version v1.0.4 Description: The issue is related to a heap buffer overflow in the put epel hv fallback function, which can be exploited via a crafted file, potentially allowing a remote attacker to cause a denial of service...

CentOS 8 with IceWM Desktop Environment

Do you need CentOS 8 with IceWM as desktop Operating System? Most likely not. Especially if you want it to work smoothly without any worries and troubles. However, if you enjoy playing with new desktop environments, you might find it fun. My reasons were as follows: 1. I wanted to use the same...