[SECURITY] Fedora 43 Update: perl-ExtUtils-Builder-0.020-1.fc43

Writing extensions for various build tools can be a daunting task. This module tries to abstract steps of build processes into reusable building blocks for creating platform and build system agnostic executable descriptions of work...

CVE-2026-44544

gittuf is a platform-agnostic Git security system. Prior to 0.14.0, an attacker with push access to gittuf's Reference State Log RSL can roll back the current policy to any previous policy trusted by the current set of root keys. gittuf determines the policy to load by inspecting the RSL. Except...

[SECURITY] Fedora 42 Update: moby-engine-29.4.0-1.fc42

Docker is an open source project to build, ship and run any application as a lightweight container. Docker containers are both hardware-agnostic and platform-agnostic. This means they can run anywhere, from your laptop to the largest EC2 compute instance a nd everything in between =E2=80=94 and...

Automatic Attack Script Generation: A MDA Approach

It is widely recognized that practical exercises are crucial for teaching cybersecurity in higher education. However, their setup is not only expensive, time-consuming, and prone to numerous errors, but also requires technical and programming skills to create attack contexts and scripts. To...

[SECURITY] Fedora 42 Update: munge-0.5.18-1.fc42

MUNGE MUNGE Uid 'N' Gid Emporium is an authentication service for creating and validating credentials. It is designed to be highly scalable for use in an HPC cluster environment. It allows a process to authenticate the UID and GID of another local or remote process within a group of hosts having...

CVE-2025-68146

filelock is a platform-independent file lock for Python. In versions prior to 3.20.1, a Time-of-Check-Time-of-Use TOCTOU race condition allows local attackers to corrupt or truncate arbitrary user files through symlink attacks. The vulnerability exists in both Unix and Windows lock file creation...

SAMSUNG rLottie Directory Traversal Vulnerability

SAMSUNG rLottie is a platform-independent, standalone c++ library for real-time rendering of vector-based animation and art from Samsung South Korea. A directory traversal vulnerability exists in SAMSUNG rLottie, which can be exploited by an attacker to traverse directories on a system...

SAMSUNG rLottie Code Execution Vulnerability

SAMSUNG rLottie is a platform-independent, standalone c++ library for real-time rendering of vector-based animation and art from Samsung South Korea. A code execution vulnerability exists in SAMSUNG rLottie, which can be exploited by an attacker to execute arbitrary code on a system...

[SECURITY] Fedora 38 Update: libfilezilla-0.47.0-1.fc38

libfilezilla is a small and modern C++ library, offering some basic functionality to build high-performing, platform-independent programs...

[SECURITY] Fedora 40 Update: libfilezilla-0.47.0-1.fc40

libfilezilla is a small and modern C++ library, offering some basic functionality to build high-performing, platform-independent programs...

[SECURITY] Fedora 39 Update: libfilezilla-0.47.0-1.fc39

libfilezilla is a small and modern C++ library, offering some basic functionality to build high-performing, platform-independent programs...

[SECURITY] Fedora 40 Update: jakarta-mail-2.1.2-5.fc40

The Jakarta Mail API provides a platform-independent and protocol-independent framework to build mail and messaging applications...

Fedora: Security Advisory for libfilezilla (FEDORA-2023-7934efb5e3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 38 Update: libfilezilla-0.45.0-1.fc38

libfilezilla is a small and modern C++ library, offering some basic functionality to build high-performing, platform-independent programs...

Security Bulletin: A vulnerability in IBM Java SDK and IBM Java Runtime affects IBM® Db2® (CVE-2022-40609)

Summary There was a vulnerability in IBM® Runtime Environment Java™ Version 7.1.5.18 and earlier, 8.0.8.4 and earlier used by IBM® Db2®. Vulnerability Details CVEID:CVE-2022-40609 DESCRIPTION: IBM SDK, Java Technology Edition 7.1.5.18 and 8.0.8.0 could allow a remote attacker to execute arbitrary...

Fuzztruction - Prototype Of A Fuzzer That Does Not Directly Mutate Inputs (As Most Fuzzers Do) But Instead Uses A So-Called Generator Application To Produce An Input For Our Fuzzing Target

Fuzztruction is an academic prototype of a fuzzer that does not directly mutate inputs as most fuzzers do but instead uses a so-called generator application to produce an input for our fuzzing target. As programs generating data usually produce the correct representation, our fuzzer mutates the...

[SECURITY] Fedora 36 Update: golang-github-mholt-archiver-3.5.1-4.fc36

Package Archiver makes it trivially easy to make and extract common archive formats such as zip and tarball and its compressed variants. Simply name the input and output files. The arc command runs the same on all platforms and has no external dependencies not even libc. It is powered by the Go...

Nightingale - Docker Environment For Pentesting Which Having All The Required Tool For VAPT

In today's technological era, docker is the most powerful technology in each and every domain, whether it is Development, cyber security, DevOps, Automation, or Infrastructure. Considering the demand of the industry, I would like to introduce my idea to create a NIGHTINGALE: docker image for...

[SECURITY] Fedora 35 Update: trojita-0.7.0.1-0.13.20220117git266c757.fc35

Trojit=EF=BF=BD=EF=BF=BD is a IMAP e-mail client which: Enables you to access your mail anytime, anywhere. Does not slow you down. If we can improve the productivity of an e-mail user, we better do. Respects open standards and facilitates modern technologies. We value the vendor-neutrality that...

Security Bulletin: Is Blueworks Live affected by CVE-2021-44228 (Log4j Vulnerability)?

Summary Is Blueworks Live affected by CVE-2021-44228 Log4j Vulnerability? Vulnerability Details Please refer to the Flash Alert published here: Get Notified about Future Security Bulletins Subscribe to My Notifications to be notified of important product support alerts like this. Off Related...