[SECURITY] Fedora 42 Update: fcitx5-m17n-5.1.5-1.fc42

M17N is a large collection of input method, which can cover quite a lot languages in the world, including Latin, Arabic, etc...

[SECURITY] Fedora 42 Update: fcitx5-kkc-5.1.8-1.fc42

This provides libkkc input method support for fcitx5. Released under GPL3+...

[SECURITY] Fedora 42 Update: fcitx5-qt-5.1.11-1.fc42

Qt library and IM module for fcitx5...

[SECURITY] Fedora 42 Update: fcitx5-chewing-5.1.9-1.fc42

fcitx5-chewing is a Chewing Wrapper for Fcitx. Chewing is a set of free intelligent Chinese Phonetic IME...

[SECURITY] Fedora 42 Update: fcitx5-5.1.16-1.fc42

Fcitx 5 is a generic input method framework released under LGPL-2.1+...

CVE-2025-20354

A vulnerability in the Java Remote Method Invocation RMI process of Cisco Unified CCX could allow an unauthenticated, remote attacker to upload arbitrary files and execute arbitrary commands with root permissions on an affected system. This vulnerability is due to improper authentication mechanis...

sssd: SSSD default Kerberos configuration allows privilege escalation on AD-joined Linux systems

A flaw was found in the integration of Active Directory and the System Security Services Daemon SSSD on Linux systems. In default configurations, the Kerberos local authentication plugin sssdkrb5localauthplugin is enabled, but a fallback to the an2ln plugin is possible. This fallback allows an...

CVE-2025-12560 Blog2Social: Social Media Auto Post & Scheduler <= 8.6.0 - Authenticated (Subscriber+) Blind Server-Side Request Forgery via post_url

The Blog2Social: Social Media Auto Post & Scheduler plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 8.6.0 via the getFullContent function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to make we...

[SECURITY] Fedora 42 Update: fcitx5-qt-5.1.11-3.fc42

Qt library and IM module for fcitx5...

CVE-2025-20354

A vulnerability in the Java Remote Method Invocation RMI process of Cisco Unified CCX could allow an unauthenticated, remote attacker to upload arbitrary files and execute arbitrary commands with root permissions on an affected system. This vulnerability is due to improper authentication mechanis...

CVE-2025-20354

A vulnerability in the Java Remote Method Invocation RMI process of Cisco Unified CCX could allow an unauthenticated, remote attacker to upload arbitrary files and execute arbitrary commands with root permissions on an affected system. This vulnerability is due to improper authentication mechanis...

CVE-2025-20354 Cisco Unified Contact Center Express Remote Code Execution Vulnerability

A vulnerability in the Java Remote Method Invocation RMI process of Cisco Unified CCX could allow an unauthenticated, remote attacker to upload arbitrary files and execute arbitrary commands with root permissions on an affected system. This vulnerability is due to improper authentication mechanis...

CVE-2025-20354 Cisco Unified Contact Center Express Remote Code Execution Vulnerability

A vulnerability in the Java Remote Method Invocation RMI process of Cisco Unified CCX could allow an unauthenticated, remote attacker to upload arbitrary files and execute arbitrary commands with root permissions on an affected system. This vulnerability is due to improper authentication mechanis...

EUVD-2025-37892

A vulnerability in the Java Remote Method Invocation RMI process of Cisco Unified CCX could allow an unauthenticated, remote attacker to upload arbitrary files and execute arbitrary commands with root permissions on an affected system. This vulnerability is due to improper authentication mechanis...

Cisco Unified Contact Center Express Remote Code Execution Vulnerabilities

Multiple vulnerabilities in the Java Remote Method Invocation RMI process of Cisco Unified Contact Center Express Unified CCX could allow an unauthenticated, remote attacker to upload arbitrary files, bypass authentication, execute arbitrary commands, and elevate privileges to root. For more...

Cisco Unified Contact Center Express 代码问题漏洞

Cisco Unified Contact Center Express Unified CCX is a customer relationship management component of a unified communications solution from Cisco. The component supports features such as self-service voice, call distribution, and customer access control. A security vulnerability exists in Cisco...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989229)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989229 advisory. In the Linux kernel, the following vulnerability has been resolved: blktrace: Fix uaf in blktrace access after removing by sysfs There is an use-after-free problem...

EUVD-2025-37752

A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameters 'id' and ' 'idsociedad' in '/api/buscarEmpresaById.php'...

CVE-2025-47353 Exposed Dangerous Method or Function in Automotive Software platform based on QNX

Memory corruption while processing request sent from GVM...

CVE-2025-47353

Summary: CVE-2025-47353 describes a memory corruption issue in an Automotive Software platform based on QNX used by Qualcomm, triggered by processing requests sent from GVM. The CVSS 3.1 base score is 7.8 (High) with local attack vector, low attack complexity, and no privileges or user interactio...