CVE-2025-64502 Parse Server allows public `explain` queries which may expose sensitive database performance information and schema details

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. The MongoDB explain method provides detailed information about query execution plans, including index usage, collection scanning behavior, and performance metrics. Prior to version 8.5.0-alpha....

JetBrains ReSharper 安全漏洞

JetBrains dotTrace is a professional .NET performance analysis tool from JetBrains Czech Republic that is used to detect and analyze performance bottlenecks in .NET and .NET Core applications. This CVE number has been withdrawn...

Important: docker

Issue Overview: net/url: insufficient validation of bracketed IPv6 hostnames The Parse function permitted values other than IPv6 addresses to be included in square brackets within the host component of a URL. RFC 3986 permits IPv6 addresses to be included within the host component, enclosed withi...

[SECURITY] Fedora 41 Update: libnbd-1.22.5-1.fc41

NBD =E2=80=94 Network Block Device =E2=80=94 is a protocol for accessing Bloc k Devices hard disks and disk-like things over a Network. This is the NBD client library in userspace, a simple library for writing NBD clients. The key features are: Synchronous and asynchronous APIs, both for ease of...

perf: Fix hang while freeing sigtrap event

...

Fedora 43 : webkitgtk (2025-452a101260)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-452a101260 advisory. Update to WebKitGTK 2.50.1: Improve text rendering performance. Fix audio playback broken on instagram. Fix rendering of layers with fractional transforms. F...

BIT-GOLANG-2025-61724 Excessive CPU consumption in Reader.ReadResponse in net/textproto

The Reader.ReadResponse function constructs a response string through repeated string concatenation of lines. When the number of lines in a response is large, this can cause excessive CPU consumption...

BIT-GOLANG-2025-61723 Quadratic complexity when parsing some invalid inputs in encoding/pem

The processing time for parsing some invalid inputs scales non-linearly with respect to the size of the input. This affects programs which parse untrusted PEM inputs...

CVE-2025-6075

A vulnerability in Python’s os.path.expandvars function that can cause performance degradation. When processing specially crafted, user-controlled input with nested environment variable patterns, the function exhibits quadratic time complexity, potentially leading to excessive CPU usage and denia...

[SECURITY] Fedora 43 Update: ruff-0.14.2-1.fc43

An extremely fast Python linter and code formatter, written in Rust. Ruff aims to be orders of magnitude faster than alternative tools while integrating more functionality behind a single, common interface. Ruff can be used to replace Flake8 plus dozens of plugins, Black, isort, pydocstyle,...

[SECURITY] Fedora 43 Update: python-fastapi-0.120.1-1.fc43

FastAPI is a modern, fast high-performance, web framework for building APIs with Python based on standard Python type hints. The key features are: =E2=80=A2 Fast: Very high performance, on par with NodeJS and Go thanks to Starlette and Pydantic. One of the fastest Python frameworks available...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989736)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989736 advisory. In the Linux kernel, the following vulnerability has been resolved: perf/core: Bail out early if the request AUX area is out of bound When perf-record with a large A...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990319)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990319 advisory. In the Linux kernel, the following vulnerability has been resolved: powerpc/imc-pmu: Fix use of mutex in IRQs disabled section Current imc-pmu code triggers a WARNIN...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990288)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990288 advisory. In the Linux kernel, the following vulnerability has been resolved: s390/cpumsf: Handle CPU hotplug remove during sampling CPU hotplug remove handling triggers the...

Malwarebytes aces PCMag Readers’ Choice Awards and AVLab Cybersecurity Foundation tests

Malwarebytes proudly topped three categories in PCMag’s 2025 Readers’ Choice Awards, recognized for exceptional protection and user satisfaction. We also earned the latest badge from AVLab Cybersecurity Foundation’s September “Advanced In-The-Wild Malware Test” by blocking 100% of malware samples...

[SECURITY] Fedora 42 Update: ruff-0.14.2-1.fc42

An extremely fast Python linter and code formatter, written in Rust. Ruff aims to be orders of magnitude faster than alternative tools while integrating more functionality behind a single, common interface. Ruff can be used to replace Flake8 plus dozens of plugins, Black, isort, pydocstyle,...

[SECURITY] Fedora 41 Update: ruff-0.14.2-1.fc41

An extremely fast Python linter and code formatter, written in Rust. Ruff aims to be orders of magnitude faster than alternative tools while integrating more functionality behind a single, common interface. Ruff can be used to replace Flake8 plus dozens of plugins, Black, isort, pydocstyle,...

SUSE CVE-2025-6075

If the value passed to os.path.expandvars is user-controlled a performance degradation is possible when expanding environment variables...

Talos-Apache-Log-Oversight-Scanner

Talos-Apache-Log-Oversight-Scanner Overview The Talos-Ap...

CVE-2025-6075

If the value passed to os.path.expandvars is user-controlled a performance degradation is possible when expanding environment variables...