6340 matches found
[SECURITY] Fedora 41 Update: gdk-pixbuf2-2.42.12-9.fc41
gdk-pixbuf is an image loading library that can be extended by loadable modules for new image formats. It is used by toolkits such as GTK+ or clutter...
[SECURITY] Fedora 42 Update: perl-5.40.3-519.fc42
Perl is a high-level programming language with roots in C, sed, awk and shell scripting. Perl is good at handling processes and files, and is especially good at handling text. Perl's hallmarks are practicality and efficiency. While it is used to do a lot of different things, Perl's most common...
Linux Distros Unpatched Vulnerability : CVE-2021-3447
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in several ansible modules, where parameters containing credentials, such as secrets, were being logged in plain-text on managed nodes, as well...
Linux Distros Unpatched Vulnerability : CVE-2017-6929
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A jQuery cross site scripting vulnerability is present when making Ajax requests to untrusted domains. This vulnerability is mitigated by the fact that it...
Moderate: virt:rhel and virt-devel:rhel security update
Kernel-based Virtual Machine KVM offers a full virtualization solution forLinux on numerous hardware platforms. The virt:rhel module contains packageswhich provide user-space components used to run virtual machines using KVM.The packages also provide APIs for managing and interacting with the...
Malicious code in prof-tg-dooorto-qu (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 b4b5d4d87a39a286c8665b40b510ac0016d0b71fcc83fde246dd1bca7402af09 Package silently exfiltrates user's credentials ahead of starting the promised functionality. First batch used simple code, the newer attempt to hide...
MAL-2025-191824 Malicious code in prof-tg-dooorto-qu (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 b4b5d4d87a39a286c8665b40b510ac0016d0b71fcc83fde246dd1bca7402af09 Package silently exfiltrates user's credentials ahead of starting the promised functionality. First batch used simple code, the newer attempt to hide...
MAL-2025-191828 Malicious code in prof-tg-to-qu (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e590e0ed82342410566d6866a770346dcbe14dc6f93bc6294d245148d6c28a51 Package silently exfiltrates user's credentials ahead of starting the promised functionality. First batch used simple code, the newer attempt to hide...
MAL-2025-191827 Malicious code in prof-tg-go-qu (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e68d60babccd176fc8f6620e7b711731ff8d6b200d2141b318f1f09482c5a903 Package silently exfiltrates user's credentials ahead of starting the promised functionality. First batch used simple code, the newer attempt to hide...
Malicious code in prof-tg-gjho-qu (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 4eda95abcb7e3957c90ff671377cce017006e93aa74b673b13ef8588c9615d14 Package silently exfiltrates user's credentials ahead of starting the promised functionality. First batch used simple code, the newer attempt to hide...
MAL-2025-191826 Malicious code in prof-tg-gjho-qu (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 4eda95abcb7e3957c90ff671377cce017006e93aa74b673b13ef8588c9615d14 Package silently exfiltrates user's credentials ahead of starting the promised functionality. First batch used simple code, the newer attempt to hide...
Malicious code in prof-tg-gdghho-qu (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 6df3141fefe81c96a851af6c8844be2deba7f120c5700fed083ef85087a132b0 Package silently exfiltrates user's credentials ahead of starting the promised functionality. First batch used simple code, the newer attempt to hide...
MAL-2025-191825 Malicious code in prof-tg-gdghho-qu (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 6df3141fefe81c96a851af6c8844be2deba7f120c5700fed083ef85087a132b0 Package silently exfiltrates user's credentials ahead of starting the promised functionality. First batch used simple code, the newer attempt to hide...
Malicious code in prof-tg-dggrto-qu (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 a9dba23d808b6cdccaa1ceb5d393dd3b7774d71a2fdcde19ef7e1ea927a386ce Package silently exfiltrates user's credentials ahead of starting the promised functionality. First batch used simple code, the newer attempt to hide...
MAL-2025-191823 Malicious code in prof-tg-dggrto-qu (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 a9dba23d808b6cdccaa1ceb5d393dd3b7774d71a2fdcde19ef7e1ea927a386ce Package silently exfiltrates user's credentials ahead of starting the promised functionality. First batch used simple code, the newer attempt to hide...
Oracle Linux 9 : jackson-annotations, / jackson-core, / jackson-databind, / jackson-jaxrs-providers, / and / jackson-modules-base (ELSA-2025-12280)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-12280 advisory. jackson-annotations 2.19.1-1 - Update to version 2.19.1 - Resolves: RHEL-100233 jackson-core 2.19.1-1 - Update to version 2.19.1 - Resolves: RHEL-103636...
CVE-2025-54769
An authenticated, read-only user can upload a file and perform a directory traversal to have the uploaded file placed in a location of their choosing. This can be used to overwrite existing PERL modules within the application to achieve remote code execution RCE by an attacker...
ALSA-2025:12280 Important: jackson-annotations, jackson-core, jackson-databind, jackson-jaxrs-providers, and jackson-modules-base security update
Core part of Jackson that defines Streaming API as well as basic shared abstractions. Security Fixes: com.fasterxml.jackson.core/jackson-core: jackson-core Potential StackoverflowError CVE-2025-52999 For more details about the security issues, including the impact, a CVSS score, acknowledgments,...
jackson-annotations, jackson-core, jackson-databind, jackson-jaxrs-providers, and jackson-modules-base security update
jackson-annotations 2.19.1-1 - Update to version 2.19.1 - Resolves: RHEL-100233 jackson-core 2.19.1-1 - Update to version 2.19.1 - Resolves: RHEL-103636 jackson-databind 2.19.1-1 - Update to version 2.19.1 - Resolves: RHEL-100233 jackson-jaxrs-providers 2.19.1-1 - Update to version 2.19.1 -...
Important: jackson-annotations, jackson-core, jackson-databind, jackson-jaxrs-providers, and jackson-modules-base security update
Core part of Jackson that defines Streaming API as well as basic shared abstractions. Security Fixes: com.fasterxml.jackson.core/jackson-core: jackson-core Potential StackoverflowError CVE-2025-52999 For more details about the security issues, including the impact, a CVSS score, acknowledgments,...